📜 The story of Scytales

In the ancient days, cryptography started off as a way to protect valuable messages from enemy access. Ancient emperors used various methods to convey secret military messages to their army commanders.

One of the earliest methods include the use of a cylindrical wooden rod called Scytale used by ancient Greek emperors. Before a military invasion, the emperor would order to make two exactly same cylindrical wooden rods (scytales). The king would give one scytale to the army commander and keep one with himself.

The way it worked was, the emperor would wound a strip of leather across the scytale and then write the message.

Suppose a specific scytale allowed one to write three letters around in a circle and five letters down the side of it. The wounded leather strip with the message "attackfromright" written on it will look like:

       |   |   |   |   |   |
       | a | t | t | a | c |  |
     __| k | f | r | o | m |__|
    |  | r | i | g | h | t |
    |  |   |   |   |   |   |

After writing the message with scytale, the emperor will un-wound the leather strip and send it to the commandar.

The un-wounded strip will contain the message:

----------------
akrtfitrgaohcmt
----------------

Now, even if the leather strip gets intercepted by an enemy spy, the message will not make sense. Isn't this fascinating? smart use of a wooden rod might have helped the ancient emperors win battles.

Symmetric key encryption

The scytale technique we saw above was an encryption technique. Encryption is a process in which the original message is modified (or encoded) in such a way that only the intended receipient can decode to see the actual message.

The original message is called plaintext, the encoded message is called the ciphertext. Encryption converts plaintext to ciphertext with help of a key.

To decrypt, that is to convert ciphertext to plaintext, it can only be done by those who have access to that same key.

If we compare it to the scytale technique, the scytale (the wooden rod) is the key and is only shared with the commander. Here's how the encryption process looks like:

Plaintext, key and ciphertext — Encryption process with scytale

The decryption process will look like:

ciphertext, key, plaintext — Decryption process with scytale

We call this symmetric key encryption because the same key is used to encrypt and decrypt the message. Later in the course, we will see asymmetric key encryption, in which two different keys will used, one for encryption and another for decryption.

Breaking the encryption

In case of scytale, imagine, if a very motivated enemy spy gets access to the leather strip that has the ciphertext on it. What's stopping the enemy spy in decrypting the ciphertext? there are two hurdles for the enemy spy --

The encryption and decryption technique (or the algorithm): the Greek emperor wounded the leather strip across the scytale and then wrote the message to generate the ciphertext. And the commander had to do the same thing, that is, wound the strip around scytale and then read the plaintext. This technique of writing and reading with help of scytale were unknown to the enemy.
The scytale itself (or the key): the scytale that only the emperor and the commander shared were of a particular dimension. If the enemy spy manages to create the exact same scytale then they just needed to know how to use the scytale to decrypt the ciphertext.

Let's hear a story. The Greek emperor is fighting a battle. They lose the battle and the enemy tortures the commandar to reveal the scytale and how he used the scytale to read the ciphertext. Now, their scytale (key) & the method of reading (algorithm) both are revealed. The enemy shares both of this intel to the other enemies of the emperor.

Now, the emperor is in trouble because all of his enemies knows his communication algorithm and the key. How can the emperor deal with this situation?

The emperor was clever. He changed the scytale for future wars. Now even if the enemy gets access to the ciphertext, they will need to make the exact same scytale to decrypt the ciphertext.

Suppose the scytale was of 50cm in length and 10cm in diameter and this scytale allowed to write three letters around in a circle and five letters across the length. If the enemy makes a scytale of any other dimension then the enemy won't be able to read the ciphertext correctly because the exact number of letters should fit around circle and across the length of scytale to accurately decrypt the ciphertext.

The enemy will need to make hundreds of different stycales to figure out the right one. That is, the enemy will need to brute-force the key.

But making hundreds of them can take weeks because there are no machines, it'll all be done by human craftsman. Till the time enemy figures out the right scytale, the emperor crushes the enemy's army and wins the battle. Yeah, emperor for the win!

With time and experience, it was realised that keeping the encryption algorithm as an internal secret is not feasible. The encryption algorithm is bound to get revealed not immeditely but definitely over the course of time.

Even if the key gets revealed, the key can easily be updated but designing a new encryption algorithm everytime it gets revealed is not at all feasible.

Auguste Kerckhoffs and later Claude Shannon, the pioneers of Cryptography stated one of the most important principles of Cryptography called the Kerckhoffs's principle. It says that -- it should always be assumed that the enemy knows everything about the encryption algorithm (and the system).

The security of a particular encryption algorithm depends only on how hard it is to crack the key. The more variations the key can have, the harder it'll be to crack it.

So, it's all in the key! The key should be kept secret from adversaries. It should only be shared with the trusted parties.

🌱 Please, fill a short feedback form designed for this lesson. Let's make this the best cryptography resource for devs!