The Code Book 22
The Code Book | |
author | Simon Singh |
pages | 450 |
publisher | Anchor Books |
rating | 10/10 |
reviewer | stern |
ISBN | 0-385-49532-3 |
summary | Engrossing history of code-making and code-breaking, with equal parts drama, biography, and tutorial. |
Perhaps the most remarkable thing about Simon Singh's masterful The Code Book becomes clear at the end, when he provides seven coded messages. He starts with a simple substitution cypher and ends with what appears to be a form of public key encyrption. After only 350 pages, he has made codebreaking so exciting, so worthy an endeaver, and has explained the mechanics of the process so well, that you can't help but pick up a pencil and set to work.
When compared to other mass-market books on cryptography, Singh goes into much more detail on the contruction of cyphers, and the mathematics behind them. This makes the power and momentum of his writing a bit of a surprise. However, his thrill at the cracking of each code, and his understanding of the world-altering effects of each one, infect the reader.
The book contains everything you would expect -- Vigniere cyphers, the cracking of Enigma, a brief history of public key encryption. It also includes the Beale Treasure (crack a code, and there may still be millions in gold left to find), the Zimmerman telegram (which, when decoded by the British in 1917, drove the United States to declare war on Germany), and other stories of varying levels of familiarity. Most unusual, Singh includes the story of the decoding of Linear B and Egyptian Hieroglyphics. In other books, these chapters might seem very much out of place, as neither language was developed as a tool to keep things secret, and they are therefore distinctly out of place when next to commercial and military cyphers. That said, Singh's book is more about the thrill of decypherment and the intellect of code-breakers. Since the skills necessary to decode these languages closely resemble those of code-breakers, and since the triumph of victory is very much the same, they fit here.
What's Bad?
Codes and cyphers of importance in Britain and the United States dominate the book. There is almost no discussion of codes or codebreaking elsewhere. Perhaps Singh will address them in a later book. Also, for some, very sophisticated readers, much of the math will be overly simplistic. For some, very slow readers, later chapters will be difficult to follow. However, most people will find this book to be a treasure -- worth reading, and worth sharing with others.
What's Good?
From the perspective of the early 21st century, the weaknesses of old codes are obvious. As Singh walks us through the Cipher of Mary Queen of Scots, substitution codes and cyphers of increasing sophistication, the Vigniere cipher, we cover thousands of years worth of the science of secret writing. Today, computers bring us such tremendously powerful tools for cracking these codes, that you want to put a hand over your eyes and shake your head in embarassment for the governments, businesses, and hobbyists who should have known better. When Singh shows us the first Arabic document on the use of frequency analysis to crack substitution cyphers, I felt a pride similar to that I feel when I contemplate powered flight. As Singh's story progresses, it becomes clear that the advance of code-making, just like the advance in agriculture or the advance of transportation, carries within it the evolution of global civilizations. It includes technology, politics, trade, and the the demand for civil liberties (or privacy, which often amounts to the same thing).
Singh considers future technologies as well, especially quantum computing and its implications for modern, prime-number based encryption systems. He ends with quantum cryptography, perhaps the next paradigm in secrecy. If Singh is right, there is no principal in physics as we now understand it which will allow an untrusted party to decode messages encrypted with quantum cryptography.
He has also put up $15,000 for whoever can read the secret messages at the back of the book. The first few are easy, but they quickly get difficult. If the last few are what I think they are, a distributed computing network will be needed to crack them. Anybody volunteering to organize it?
Stern is the president of Information Markets Corp. You can purchase this book at ThinkGeek.
Simon Singh on the Telly (Score:1)
--
Re:Recommend me a crypto book? (Score:2)
You've indicated that you want a book that is "fun to read" and this in my mind leaves only one choice: Applied Cryptography 2nd Ed by B.Schneier. It's funny, well written, insightful and accessible.
Something like Handbook of Applied Cryptography [uwaterloo.ca] is more precise and scientific in approach, but has 0% humour.
Seriously, buy Applied Crypto...You won't regret it. Secrets & Lies is Schneiers follow-up and this is also a very good book, but is more into dealing with computer security rather than crypto.
Code discussed on the Register (Score:1)
By: Lucy Sherriff
Posted: 13/10/2000 at 10:32 GMT
Following the news that the final cipher of Simon Singh's Code Book challenge had been broken, The Register caught up with him and Paul Leyland, who between them set the ten ciphers in the challenge.
"I really didn't have the foggiest idea how long it would take to be solved, but I think a year is a good time. If it had gone on for longer, say five years or so, it would have become frustrating and lost its pace. It is very hard to set a cipher that isn't either trivial or impossible," said Singh, thoughts echoed by his college, Paul Leyland.
"Designing a good cipher isn't easy," he said. "Designing a bad one, however, is easy. In general terms, first off you have to decide what you are protecting. Is it information of low value, or high? Is it short-lived or must it be protected for many years?"
Equally important are the resources of the enemy you are trying to evade, and your own resources to encrypt the data in the first place.
Leyland continues: "In more familiar terms, do you want a simple bolt on a bathroom door to advise others that the room is occupied, or do you need a vault with three-foot thick steel walls to keep out professional thieves armed with explosives and cutting torches, or something in between? All these factors are important and must be properly considered before designing or choosing a cipher."
As for the timing, the cracking of the cipher coincided with the start of Singh's TV serialisation of "The Code Book." Pure coincidence? Well, it seems so. Rather wistfully Singh says: "Last week would have been nice, it would have saved me a thousand pounds."*
Because the ciphers in the challenge had been following a historical theme, the final stage had to be a realistic application of public key cryptography.
Again, we defer to Leyland for an explanation: "The archetypal public key algorithm is RSA, and one of its major uses in real life is to encrypt a cipher key. The key would then be used to encrypt a message with a cipher far too hard to break by key search as for the DES stage. We chose triple-DES for the cipher, and encrypted its 112-bit key with a RSA public key, which was 512-bits in size."
And in the way of all things code related, the final cipher turned out to have another final trick up its sleeve.
"The last text was supposed to be triple DES encrypted," said Singh. "This is impossible to crack, but we had encrypted the key to the passage with a 512-bit asymmetric cipher, and this was the way to solve the final stage."
However, by accident, the passage ended up being only single DES encrypted. Since the previous text, once deciphered, hinted strongly that the next passage was encrypted using triple DES, the Swedes used the key to un-triple DES the passage. Obviously after this it made no sense at all.
"It took them a couple of hours to work out what was going on," Singh remarks. "I'm not embarrassed by it, its just part of cryptography that things are not always perfect. I'm sure there were spelling mistakes running through all the other texts as well."
As for the implications of such a strong cipher being broken without the use of a super computer, this is the part that really impressed Leyland and Singh. However, according to David Shapland, enterprise product manager at BT Trustwise, the UK face of Verisign, said that we should be neither concerned nor surprised.
"Most things are secured using a 1024-bit key these days," he said. "And if you bear in mind that starting from a 512 bit key, each additional bit doubles the number of available keys that is pretty secure." ®
*When the challenge was set, Singh promised £1000 to the person who was leading the race at the one year mark. The final cipher was cracked just a week after this milestone had been passed
Good book, but... (Score:1)
-The Reverend (I am not a Nazi nor a Troll)
Re:Sorry Timothy, You're an Idiot (Score:1)
Excellent book (Score:3)
Get a real book on crypto (Koblitz, maybe) if you're interested in learning the math for real. If you just want a good history of the field and what it evolved from, then this is the book to get. Anybody who is interested in cryto should consider this a must-read simply for the historical perspective.
BTW, I know what the encrypted message really is at the end of the book. It's just xyzzy over and over and over......
Re:Excellent book (Score:1)
Thankyou.
Damn, that's three words.
Now it's 7....
I cracked the department code! (Score:1)
It says:
from the guy-who-cracked-The-Code-Book-challenge-has-too-m
Excellent book. (Score:1)
Many shouts of "GEEK!" across the pool too.
"Yes?" my reply.
Al.
Re:which Englishmen? (Score:2)
Re:What's bad? (Score:1)
Recommend me a crypto book? (Score:1)
The other book that keeps getting mentioned is "Applied Cryptography" by Schneier. Can anyone tell me which one is better (and why) or if there's another candidate?
Re:Excellent book (Score:2)
Hhhhm....Koblitz isn't bad, but is very terse and not nearly comprehensive. It's widely accepted that the current definitive work on cryptography is The Handbook of Applied Cryptography (HAC for short).
Literally every chapter of HAC is available on the HAC homepage here [uwaterloo.ca] for free download in both .ps and .pdf format - so it's possible to "try before you buy".
The only area I'd say Koblitz has the upper hand is Elliptic Curves - HAC is very light on this topic.
Complement to Cryptonomicon (Score:1)
Re:which Englishmen? (Score:1)
Re:I cracked the department code! (Score:1)
---
What's bad? (Score:2)
What's bad: Codes and cyphers of importance in Britain and the United States dominate the book. There is almost no discussion of codes or codebreaking elsewhere.
True, but the Code Book doesn't claim to be a comprehensive treatment of cryptography through the ages and around the world...And for good reason: David Kahns The CodeBreakers [amazon.com] is the definitive comprehensive and technically rich reference of cryptography in a historical context. My understanding is that The Code Book was supposed to be easy to read and accessible (like Dr Singhs other book "Fermats Last Theorem").
Personally I believe Singh achieves this - the book is very well written and "just at the right level" for a non-technical person to understand.
Re:which Englishmen? (Score:1)
Koblitz and Elliptic Curves (Score:2)
I especially enjoyed hearing his story about RSA bashing (in a "polite way") on Elliptic Curve crypto. He showed us a quote by Rivest where he said that finding a mathematician who could give you a reasonable analysis of EC crypto was about as hard as finding someone to give you an interpretation of Chaldean poetry. In response, the organizers of an EC workshop that Koblitz attended had shirts made with elliptic curves on them and the statement "I Love Chaldean Poetry" silkscreened on the front.
Koblitz wore the shirt to the talk, and we all had a good chuckle. :)
Sorry Timothy, You're an Idiot (Score:1)
This article merely shows the depths to which Slashdot has sunk in its posting of articles. For the second time in as many days, Timothy posts a story which is ALREADY ON THE FRONT PAGE! [slashdot.org] Furthermore, this book has been out for over a year now: it's not like your review adds anything new. And does Slashdot really need three reviews on the same book?--one by Ellen Knowlton Wilson [slashdot.org], one by JonKatz [slashdot.org] and one by yourself? Is this really necessary?
If the last few [ciphers] are what I think they are, a distributed computing network will be needed to crack them. Anybody volunteering to organize it?
In case you've been living on a different planet for the last year, there already was a group of a thousand or so voluteers gathered at eGroups and various spinoff groups, working on various stages and in groups for Stages 9 (DES) and 10 (RSA).
(Ignore the .sig. It's not supposed to reflect on my posting style. ;-)
--
Great book (Score:1)
---------------------------
Garden of Eden Creation Kit
Breaking languages good example for cryptanalysis (Score:2)
I don't think that this is unusual. The landmark book for the history of cryptography, David Kahn's The Codebreakers, also contains a chapter on Linear B and the Rosetta stone. Decoding unknown languages is a good, lucid way to demonstrate how cryptanalysis proceeds without a lot of mathematics, and has the advantage of having all of the details openly published. For the casual reader without a strong background in computers or cryptography, showing how linquists decipher an unknown written language is the best way I can think of to show the thought processes of a cryptanalyst.