Cryptography I

— Exercises —
Luca Viganò
Department of Computer Science
ETH Zurich

Information Security
Luca Viganò 1

Some definitions
• Cryptology: the study of secret writing.

• Cryptography: the science of secret writing.

• Secret writing: codes and ciphers (more general).


– Code: a string of symbols stands for a complete message.
Example: telegraph code “73” = “love and kisses”.
– Cipher = cryptographic algorithm: transform plaintext P into
ciphertext C (and vice versa).
• Cryptanalysis: science of recovering P (or keys, other secrets, ...).
– Attack = attempted cryptanalysis.
– Compromise = obtain secret by non-cryptanalytic means (theft,
torture, ...).
Also: steganography (hide secret messages in other messages).
Information Security 10.4.03

Steganography

• Described by Herodotus in accounts of the wars between Greece and Persia:
As the danger of discovery was great, there was only one way
in which Demaratus could contrive to get the message
through – this was by scraping the wax off a pair of wooden
folding tablets, writing on the wood underneath what Xerxes
intended to do, and then covering the message over with wax
again. In this way the tablets, being apparently blank, would
cause no trouble with the guards along the road.


Steganography (cont.)

• Used many times since:
– Slaves’ heads were shaved and a message written (tattooed) on
them; the hair was then allowed to grow back before sending them
on a journey.
– Ancient Chinese wrote messages on fine silk, which was then
scrunched into a tiny ball and covered in wax. The messenger
would swallow the ball of wax.
– In 15th-century Italy, messages were written on hard-boiled eggs
using special ink which penetrated the shell and left the
message on the albumen.


Key-based cryptographic algorithms


• General Schema: $E_{\mathit{Key1}}(P) = C$, $D_{\mathit{Key2}}(C) = P$

[Figure: Plaintext P → Encryption (Key1) → Ciphertext C → Decryption (Key2) → Plaintext P]

• Security depends on secrecy of the key, not on the details of the
algorithm (which can be published and analyzed).
• Symmetric algorithms: Key1 = Key2, or are easily derived from
each other.
$D_{\mathit{Key2}}(C) = D_{\mathit{Key2}}(E_{\mathit{Key1}}(P)) = P$.
• Asymmetric or public key algorithms:
– Different keys, which cannot be derived from each other.
– Public key can be published without compromising private key.

Goals of cryptography
Protection goals:
• Confidentiality: prevention of unauthorized disclosure of
information (only selected principals should be able to access
data/message).
• Integrity: prevention of unauthorized modification of information
(an intruder should not be able to modify a message in transit).
• Availability: prevention of unauthorized withholding of
information or resources.
• Authentication: an intruder should not be able to masquerade as
someone else.
• Nonrepudiation: a sender should not be able to falsely deny later
that he sent a message.
• etc. (see, for instance, Gollmann’s book)

Historical perspective
• Code: a string of symbols stands for a complete message.
– Example: ‘OCELOT’ is ciphertext for ‘TURN LEFT 90
DEGREES’ and ‘LOLLIPOP’ is ciphertext for ‘TURN RIGHT 90
DEGREES’.
– But: if there is no entry for ‘ANTEATER’, then you can’t say it.
• Cipher (cryptographic algorithm): one-to-one correspondence
between symbols of original message (plaintext P) and symbols of
its equivalent in secret writing (ciphertext C).
• Classical ciphers: simple algorithms (military, ordinary citizen, ...).

• Modern ciphers: computer cryptography.


– Yesterday: exclusive domain of the militaries, governments, ...
– Today: state-of-the-art cryptography accessible to all.

Transposition ciphers
Rearrange (order of) bits or characters in the plaintext.
• Keys are functions for transposition.
• More formally:
– For block length t, let K be the set of permutations on
$\{1, \ldots, t\}$. For each e ∈ K and m ∈ M
$E_e(m) = m_{e(1)} m_{e(2)} \cdots m_{e(t)}$
– The set of all such transformations is called a transposition cipher.
– To decrypt $c = c_1 c_2 \cdots c_t$ compute $D_d(c) = c_{d(1)} c_{d(2)} \cdots c_{d(t)}$.
• N.B.: cryptanalysis easy as frequencies (of letters) preserved.
• Examples:
– Aduaenttlydhatoiekounletmtoihahvsekeeeleeyqonouv = ???
– EARN SAIS CNE = ???

Transposition ciphers (cont.)


P = And in the end the love you take is equal to the love you make
A n d i n t h e e n
d t h e l o v e y o
u t a k e i s e q u
a l t o t h e l o v
e y o u m a k e

C = Aduaenttlydhatoiekounletmtoihahvsekeeeleeyqonouv
Key (in this case: the grid) is function for transposition.


Transposition ciphers (cont.)

• Scytale: wrap belt spirally around baton and write plaintext
lengthwise on it (ancient Greeks, who also used steganography
and concealment ciphers).

• Fixed period: period 4 and
i    = 1, 2, 3, 4
f(i) = 2, 4, 1, 3
RENA ISSA NCE ⇒ EARN SAIS CNE
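Both transposition examples from these slides (the 10-column grid and the fixed period f) can be reproduced and inverted in a few lines. This is an added example, not part of the original slides; the function names are its own, and the handling of a short final block follows the RENAISSANCE example.

```python
from collections import Counter
from math import ceil

def letters(text):
    """Keep only the letters, as the grid on the slide does."""
    return "".join(ch for ch in text if ch.isalpha())

def encrypt_grid(plaintext, width):
    """Write the letters row by row into a grid of `width` columns, read column by column."""
    p = letters(plaintext)
    return "".join(p[col::width] for col in range(width))

def decrypt_grid(ciphertext, width):
    """Rebuild the columns (the last row may be incomplete) and read the rows."""
    n = len(ciphertext)
    rows = ceil(n / width)
    full = n % width or width            # this many columns hold `rows` letters
    cols, pos = [], 0
    for col in range(width):
        height = rows if col < full else rows - 1
        cols.append(ciphertext[pos:pos + height])
        pos += height
    return "".join(cols[c][r] for r in range(rows)
                   for c in range(width) if r < len(cols[c]))

def encrypt_period(plaintext, f):
    """Fixed period: output position i of each block takes input position f(i)."""
    t, out = len(f), []
    for start in range(0, len(plaintext), t):
        block = plaintext[start:start + t]
        # A short final block keeps only the positions that exist (NCE -> CNE).
        out.append("".join(block[j - 1] for j in f if j <= len(block)))
    return "".join(out)

def decrypt_period(ciphertext, f):
    """Invert encrypt_period by writing each letter back to position f(i)."""
    t, out = len(f), []
    for start in range(0, len(ciphertext), t):
        block = ciphertext[start:start + t]
        slots = [j for j in f if j <= len(block)]   # source positions, in output order
        plain = [""] * len(block)
        for ch, j in zip(block, slots):
            plain[j - 1] = ch
        out.append("".join(plain))
    return "".join(out)

def same_letter_counts(a, b):
    """Transposition only reorders letters, so the frequency profile is unchanged."""
    return Counter(letters(a).lower()) == Counter(letters(b).lower())

if __name__ == "__main__":
    P = "And in the end the love you take is equal to the love you make"
    C = encrypt_grid(P, 10)
    print(C)
    print(decrypt_grid(C, 10))
    print(encrypt_period("RENAISSANCE", (2, 4, 1, 3)))
    print(same_letter_counts(P, C))
```
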


Substitution ciphers
Replace parts of plaintext (bits, characters, blocks) with ciphertext.

• Can almost always be easily broken.

• Keys are functions for substitution.

• Monoalphabetic or polyalphabetic (and other types).

• Used in some modern commercial computer security products, in
conjunction with other methods.


Mono-alphabetic substitution ciphers

• Let K be the set of all permutations on the alphabet A. Define
for each e ∈ K an encryption transformation $E_e$ on strings
$m = m_1 m_2 \cdots m_n \in M$ as

$E_e(m) = e(m_1) e(m_2) \cdots e(m_n) = c_1 c_2 \cdots c_n = c$

• To decrypt c, compute the inverse permutation $d = e^{-1}$ and

$D_d(c) = d(c_1) d(c_2) \cdots d(c_n) = m$

• $E_e$ is a simple substitution cipher or a mono-alphabetic
substitution cipher.


Examples of substitution ciphers


• Caesar cipher: each plaintext character is replaced by the
character three to the right modulo 26.
– ‘A’ is replaced by ‘D’, ‘B’ by ‘E’, ..., ‘X’ by ‘A’, ...
⇒ KHOOR ZRUOG = HELLO WORLD

• ROT13: rotate every letter by 13 places
– ‘A’ is replaced by ‘N’, ‘B’ by ‘O’, ..., ‘N’ by ‘A’, ..., ‘P’ by ‘C’, ...
– P = ROT13(ROT13(P))
⇒ Zl anzr vf Nqnz = My name is Adam

• Alphanumeric (‘crossword puzzle’, ‘Kreuzworträtsel’): substitute
numbers for letters.
– Example: ‘A’ is replaced by ‘1’, ‘B’ by ‘2’, ...
⇒ 2-25-5 2-25-5 = BYE BYE

Advanced Caesar cipher


• Caesar Cipher: each plaintext character is replaced by the
character three to the right modulo 26.

• Advanced Caesar Cipher: key = number of positions by which the
alphabet is shifted, e.g. with shift 19:

Plaintext:  A B C D E F G H I J ... U V W X Y Z
Ciphertext: T U V W X Y Z A B C ... N O P Q R S

• Shift n can be broken by hand! How?

• Unknown shift is one of possible 26... use computer to try them
all out... but can computer recognize “readable English (German,
Japanese,...) texts”? E.g.: and Caesar said, SBKF SFAF SFZF.

• Better approach: use statistical data about letter frequencies.



Advanced Caesar Cipher — Exercise


Relative frequencies in an English text of 1000 letters:

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
73  9   30  44  130 28  16  35  74  2   3   35  25  78  74  27  3   77  63  93  27  13  16  5   19  1

Use this information to decide the most likely shift used to obtain:

K DKVO DYVN LI KX SNSYD, PEVV YP CYEXN KXN PEBI, CSQXSPISXQ XYDRSXQ.

Don’t just use “brute force” but proceed strategically: tally the
frequencies of letters in the ciphertext

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z

and then try a shift so that there is a correspondence between the
English Language Frequencies and the Enciphered Message
Frequencies.


Advanced Caesar Cipher — Exercise solution


Relative frequencies in an English text of 1000 letters:

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
73  9   30  44  130 28  16  35  74  2   3   35  25  78  74  27  3   77  63  93  27  13  16  5   19  1

K DKVO DYVN LI KX SNSYD, PEVV YP CYEXN KXN PEBI, CSQXSPISXQ XYDRSXQ.

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
0   1   2   4   3   0   0   0   3   0   4   1   0   4   1   4   3   1   6   0   0   4   0   7   5   0

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
73  9   30  44  130 28  16  35  74  2   3   35  25  78  74  27  3   77  63  93  27  13  16  5   19  1
K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z   A   B   C   D   E   F   G   H   I   J
4   1   0   4   1   4   3   1   6   0   0   4   0   7   5   0   0   1   2   4   3   0   0   0   3   0

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
K L M N O P Q R S T U V W X Y Z A B C D E F G H I J


Advanced Caesar Cipher — Exercise solution


A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
K L M N O P Q R S T U V W X Y Z A B C D E F G H I J

so that

K DKVO DYVN LI KX SNSYD, PEVV YP CYEXN KXN PEBI, CSQXSPISXQ XYDRSXQ.

is decrypted to

A TALE TOLD BY AN IDIOT, FULL OF SOUND AND FURY, SIGNIFYING NOTHING.

which is an excerpt from William Shakespeare’s Macbeth, Act V, Scene 5:
To-morrow, and to-morrow, and to-morrow,
Creeps in this petty pace from day to day,
To the last syllable of recorded time;
And all our yesterdays have lighted fools
The way to dusty death. Out, out, brief candle!
Life’s but a walking shadow; a poor player,
That struts and frets his hour upon the stage,
And then is heard no more: it is a tale
Told by an idiot, full of sound and fury,
Signifying nothing.


Advanced Caesar Cipher — Another Exercise


K DKVO DYVN LI KX SNSYD, PEVV YP CYEXN KXN PEBI, CSQXSPISXQ XYDRSXQ.
A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
73  9   30  44  130 28  16  35  74  2   3   35  25  78  74  27  3   77  63  93  27  13  16  5   19  1
K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z   A   B   C   D   E   F   G   H   I   J
4   1   0   4   1   4   3   1   6   0   0   4   0   7   5   0   0   1   2   4   3   0   0   0   3   0


A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
K L M N O P Q R S T U V W X Y Z A B C D E F G H I J

⇒ A TALE TOLD BY AN IDIOT, FULL OF SOUND AND FURY, SIGNIFYING NOTHING.

Question: why is this not a very good example for the use (and
decryption) of an advanced Caesar cipher by frequency analysis?
As a comparison, decrypt the following ciphertext and explain why it
is better suited for frequency analysis
QBB JXU MEHBT YI Q IJQWU QDT QBB JXU CUD QDT MECUD CUHUBO FBQOUHI
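The strategy from the two exercises above can be run mechanically. This added example (not part of the original slides) scores all 26 shifts against the frequency table from the slides and compares the result with the shortcut of equating the most frequent ciphertext letter with E. The function names are its own.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase

# Relative frequencies per 1000 letters of English text, copied from the slides.
ENGLISH = dict(zip(ALPHABET, [
    73, 9, 30, 44, 130, 28, 16, 35, 74, 2, 3, 35, 25,
    78, 74, 27, 3, 77, 63, 93, 27, 13, 16, 5, 19, 1]))

CT1 = "K DKVO DYVN LI KX SNSYD, PEVV YP CYEXN KXN PEBI, CSQXSPISXQ XYDRSXQ."
CT2 = "QBB JXU MEHBT YI Q IJQWU QDT QBB JXU CUD QDT MECUD CUHUBO FBQOUHI"

def tally(text):
    """Count the letters of the ciphertext (the row the exercise asks you to fill in)."""
    return Counter(ch for ch in text.upper() if ch in ENGLISH)

def unshift(ch, shift):
    return ALPHABET[(ALPHABET.index(ch) - shift) % 26]

def decrypt(ciphertext, shift):
    """Undo an advanced Caesar cipher; punctuation and spaces pass through."""
    return "".join(unshift(ch, shift) if ch in ENGLISH else ch
                   for ch in ciphertext.upper())

def naive_shift(ciphertext):
    """Shortcut: assume the most frequent ciphertext letter stands for E."""
    top = tally(ciphertext).most_common(1)[0][0]
    return (ALPHABET.index(top) - ALPHABET.index("E")) % 26

def score(ciphertext, shift):
    """Weight each ciphertext tally by the English frequency of the letter it would decrypt to."""
    return sum(n * ENGLISH[unshift(ch, shift)] for ch, n in tally(ciphertext).items())

def best_shift(ciphertext):
    """Shift whose decryption lines up best with the whole frequency table."""
    return max(range(26), key=lambda s: score(ciphertext, s))

if __name__ == "__main__":
    for ct in (CT1, CT2):
        n, b = naive_shift(ct), best_shift(ct)
        print(f"most-frequent-letter guess: {n:2d}  whole-table guess: {b:2d}")
        print("  ", decrypt(ct, b))
```

In the first ciphertext the most frequent letter is X, which stands for N rather than E, so the shortcut picks the wrong shift and only the comparison against the whole table succeeds; in the second the most frequent letter does stand for E.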

Successful Substitution Ciphers


To resist frequency analysis, successful substitution ciphers
employ several advanced Caesar ciphers at once, e.g. by employing
several cipher-disks or a Vigenère cipher.
For example, try to decrypt the ciphertext
KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY


The Vigenère Cipher


A polyalphabetic substitution cipher based on a tableau where each row is a Caesar Cipher with
incremental shift (by Blaise de Vigenère from the court of Henry III of France in the 16th century):
  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y


The Vigenère Cipher — Encipherment


• Use the table together with a keyword to encipher a message.
• If we use the keyword RELATIONS to encipher the plaintext message
TO BE OR NOT TO BE THAT IS THE QUESTION

then the ciphertext

Keyword:    RE LA TI ONS RE LA TION SR ELA TIONSREL
Plaintext:  TO BE OR NOT TO BE THAT IS THE QUESTION
Ciphertext: KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY

is obtained letter by letter from the intersection of the column given by
the plaintext letter and the row given by the corresponding keyword letter:

      A    B    ···  T    ···
A     A    B    ···  ···  ···
B     B    C    ···  ···  ···
...   ...  ...  ...  ...  ...
R     R    S    ···  K    ···
...   ...  ...  ···  ···  ···


The Vigenère Cipher — Decipherment


Encipherment:
Keyword: RE LA TI ONS RE LA TION SR ELA TIONSREL
Plaintext: TO BE OR NOT TO BE THAT IS THE QUESTION
Ciphertext: KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY

Decipherment:
Keyword: RE LA TI ONS RE LA TION SR ELA TIONSREL
Ciphertext: KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY
Plaintext: TO BE OR NOT TO BE THAT IS THE QUESTION

Use the keyword letter to pick a column of the table and then trace down the
column to the row containing the ciphertext letter: the index of that row is the
plaintext letter.
      A    B    ···  R    ···
A     A    B    ···  ···  ···
B     B    C    ···  ···  ···
...   ...  ...  ...  ...  ...
T     T    U    ···  K    ···
...   ...  ...  ···  ···  ···


The Vigenère Cipher — Discussion


Keyword: RE LA TI ONS RE LA TION SR ELA TIONSREL
Plaintext: TO BE OR NOT TO BE THAT IS THE QUESTION
Ciphertext: KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY

• This ciphertext illustrates the strength of the Vigenère cipher against frequency
analysis.

• How? Look, for example, at the 7 ‘T’s in the plaintext.

• They have been encrypted by ‘K’, ‘L’, ‘K’, ‘M’, ‘G’, ‘X’, ‘L’.

• This successfully masks the frequency characteristics of the English ‘T’.

• In a nutshell: each letter of the keyword RELATIONS picks out 1 of the 26
possible substitution alphabets given in the Vigenère tableau.

• Thus, any message encrypted by a Vigenère cipher is a collection of as many
simple substitution ciphers as there are letters in the keyword.

The Vigenère Cipher — Attacks and Variations

• The Vigenère Cipher can be broken with the Kasiski/Kerckhoff
Method (1863): find the length of the keyword and then divide
the message into that many simple substitution cryptograms that
can be attacked by frequency analysis.

• The Gronsfeld Cipher is a modern variant of the Vigenère Cipher
in which a key number is used instead of a keyword, e.g. 14965.

• Other ciphers in the next exercises and in the bibliography,
including the Polybius Cipher, the Playfair Cipher, the ADFGVX
Cipher, and the Enigma Machine.
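The tableau lookup is addition mod 26, which makes the RELATIONS example and the first step of the Kasiski method easy to check. This is an added example, not part of the original slides: it enciphers and deciphers the slide's message, lists what each plaintext ‘T’ became, and measures the distances between repeated ciphertext trigrams. The function names are its own.

```python
from functools import reduce
from math import gcd
import string

ALPHABET = string.ascii_uppercase

def vigenere(text, keyword, decrypt=False):
    """Row = keyword letter, column = text letter, i.e. addition mod 26.
    Spaces pass through without consuming a keyword letter, as on the slide."""
    sign, out, i = (-1 if decrypt else 1), [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            k = ALPHABET.index(keyword[i % len(keyword)])
            out.append(ALPHABET[(ALPHABET.index(ch) + sign * k) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def images_of(letter, plaintext, ciphertext):
    """Ciphertext letters that one plaintext letter was mapped to, in order."""
    return [c for p, c in zip(plaintext, ciphertext) if p == letter]

def kasiski_distances(ciphertext, n=3):
    """Distances between repeated n-grams of the ciphertext (letters only).
    The same plaintext under the same keyword letters repeats at a multiple
    of the keyword length."""
    s = "".join(ch for ch in ciphertext.upper() if ch in ALPHABET)
    seen, distances = {}, []
    for i in range(len(s) - n + 1):
        gram = s[i:i + n]
        if gram in seen:
            distances.append(i - seen[gram])
        seen[gram] = i
    return distances

def keyword_length_guess(ciphertext):
    """gcd of the repeat distances; None if nothing repeats. On short texts a
    repeat can be accidental, so this is a candidate, not a proof."""
    d = kasiski_distances(ciphertext)
    return reduce(gcd, d) if d else None

if __name__ == "__main__":
    PT = "TO BE OR NOT TO BE THAT IS THE QUESTION"
    CT = vigenere(PT, "RELATIONS")
    print(CT)
    print(vigenere(CT, "RELATIONS", decrypt=True))
    print("T ->", images_of("T", PT, CT))
    print("repeat distances:", kasiski_distances(CT),
          "keyword length guess:", keyword_length_guess(CT))
```

The repeated plaintext TO BE falls nine letters apart, exactly the length of RELATIONS, so it is enciphered twice as KS ME and gives the keyword length away.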


Another Non-Trivial Classical Cipher


Exercise: the Churchyard cipher (simplified)

• History:
– This ciphertext appeared engraved on a tombstone in Trinity
Churchyard (New York) in 1794.
– First published solution: 1896.

• Questions:
– What kind of cipher is it?
– Why is it so difficult to break? (Especially without the hint!)
– What is the plaintext message?
– What is the key?
• HINT: TIC TAC TOE = :

• Similar cipher: the Pigpen Cipher.



A modern cipher: XOR

0⊕0 = 0
0⊕1 = 1
1⊕0 = 1
1⊕1 = 0

where
a⊕a = 0
a⊕b⊕b = a

XOR can be used as a polyalphabetic cipher:

P ⊕K = C
C ⊕K = P

but it can be trivially broken!



One-time pads (Vernam cipher)

• Perfect encryption scheme!

• Invented in 1917, still used today for ultra-secure low-bandwidth
channels.

• Large nonrepeating set of truly random key letters, written on
sheets of paper, and glued together in a pad.

• New message ⇒ new key letters.

• Can be extended to binary data, using XOR.


One-time pads
• A one-time pad is a stream cipher defined on A = {0, 1}.
Message $m_1 \cdots m_n$ is encrypted by a binary key string $k_1 \cdots k_n$.

$E_{k_1 \cdots k_n}(m_1 \cdots m_n) = (m_1 \oplus k_1) \cdots (m_n \oplus k_n)$

$D_{k_1 \cdots k_n}(c_1 \cdots c_n) = (c_1 \oplus k_1) \cdots (c_n \oplus k_n)$

• Example: m = 010111, k = 110010, and c = 100101


• Since every key sequence is equally likely, so is every plaintext!
Perfect (information theoretical) security, if key isn’t reused.
• Until recently, communication between Moscow and Washington
was secured this way. Keys transported by trusted courier.
Problematic to securely exchange and synchronize long keys.

One-time pads (cont.)

1. Sender uses each key letter on the pad to encrypt exactly one
plaintext character.

2. Encryption: add (modulo 26) the plaintext character and the
one-time pad key character.

3. Each key letter is used exactly once, for only one message.

4. Sender encrypts message and then destroys the pad.

5. Receiver has an identical pad and uses each key on the pad, in
turn, to decrypt each letter of the ciphertext, and then destroys
the pad.


One-time pads (cont.)


• Example:
– If message is ONETIMEPAD and the key sequence from the pad is
TBFRGFARFM, then the ciphertext is IPKLPSFHGQ.
O + T mod 26 = I, N + B mod 26 = P ...
– Every key sequence is equally likely, so attacker has no chance!
– Key sequence could be
POYYAEAAZX ⇒ SALMONEGGS
BXFGBMTMXM ⇒ GREENFLUID
ABCDEFGHIJ ⇒ ...
• Caveats:
– Key letters have to be generated randomly.
– No reuse of key sequence.
– Length of key sequence must be equal to length of message.
– Synchronization sender-receiver is needed.

One-time pads (cont.)


Ciphertexts encrypted according to a one-time pad cipher are
unbreakable.
However, this relies on each one-time pad being used once and only
once.
If a spy intercepts two distinct ciphertexts which have been encrypted
with the same one-time pad, he could (quite easily) decipher them.
Question: which strategy could he adopt to decipher them?
As a concrete example, decipher the two following texts, which were
encrypted with the same one-time pad (mod 26):
• UJHANTAMAWMUZVGKTERRYKUB
• BPGXMKYMBBPYXMOGOEHDEFGH

Which is the one-time pad that was used?
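The mod-26 pad from the preceding slides, with their letter values A=1, ..., Z=26, shows both halves of the argument: any plaintext of the right length is explained by some key, and a reused pad cancels out of the difference of two ciphertexts. This is an added example, not part of the original slides; the second message MEETATNOON and the function names are constructed for the illustration.

```python
import string

ALPHABET = string.ascii_uppercase

def num(ch):
    """Letter value used on the slides: A=1, ..., Z=26 (O + T = 15 + 20 = 35 = 9 = I)."""
    return ALPHABET.index(ch) + 1

def let(n):
    """Letter for a residue mod 26, with residue 0 written as Z."""
    return ALPHABET[(n - 1) % 26]

def otp_add(text, key):
    """Encrypt: add pad letters to message letters mod 26."""
    if len(key) < len(text):
        raise ValueError("pad must be at least as long as the message")
    return "".join(let(num(t) + num(k)) for t, k in zip(text, key))

def otp_sub(text, key):
    """Decrypt with the pad, or (ciphertext minus candidate plaintext) get
    the key that would explain that candidate."""
    return "".join(let(num(t) - num(k)) for t, k in zip(text, key))

def xor_bits(bits, key):
    """Binary version of the pad: bitwise XOR of two bit strings."""
    return "".join(str(int(b) ^ int(k)) for b, k in zip(bits, key))

def difference(c1, c2):
    """c1 - c2 mod 26. With a shared pad this equals p1 - p2: the key cancels."""
    return [(num(a) - num(b)) % 26 for a, b in zip(c1, c2)]

def drag_crib(c1, c2, crib, offset):
    """If the first message contains `crib` at `offset`, return what the
    second message must contain at the same position."""
    d = difference(c1, c2)[offset:offset + len(crib)]
    return "".join(let(num(p) - x) for p, x in zip(crib, d))

KEY = "TBFRGFARFM"                    # pad from the slide
P1, P2 = "ONETIMEPAD", "MEETATNOON"   # P2 is constructed for this example
C1, C2 = otp_add(P1, KEY), otp_add(P2, KEY)   # the same pad used twice

if __name__ == "__main__":
    print(C1, otp_sub(C1, KEY))
    # Every candidate plaintext is explained by some key:
    for guess in ("SALMONEGGS", "GREENFLUID"):
        print(guess, "<-", otp_sub(C1, guess))
    # Pad reuse: a guessed word in one message exposes the other message.
    print(drag_crib(C1, C2, "ONE", 0))
    print(xor_bits("010111", "110010"))
```
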



Composite ciphers

• Ciphers based on just substitutions or transpositions are not secure.

• Ciphers can be combined. However . . .
– two substitutions are really only one more complex substitution,
– two transpositions are really only one transposition,
– but a substitution followed by a transposition makes a new
harder cipher.

• Product ciphers chain substitution-transposition combinations.

• Difficult to do by hand ⇒ invention of cipher machines.


A revolution

• Major advance developed in the 1970s in the area of key distribution.

• Solved shared secret “chicken & egg” problem.
– Now 2 parties that had never communicated before could do so
securely.

• First practical scheme was Diffie-Hellman Key Exchange.
– But it requires a number of handshakes.

• Improved by RSA asymmetric cryptography.
– Defines a pair of mathematically related keys (one key needed
to decrypt what has been encrypted by the other).


Bibliography
• Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone.
Handbook of Applied Cryptography. CRC Press, 1996.
Available online at http://cacr.math.uwaterloo.ca/hac/
• Bruce Schneier. Applied Cryptography. John Wiley & Sons, New
York, 1996.
• Doug Stinson. Cryptography (Theory and Practice), CRC Press,
2002.
• Dieter Gollmann. Computer Security. Wiley, 2000.
• Arthur E. Hutt, Seymour Bosworth, Douglas B. Hoyt. Computer
Security Handbook. John Wiley & Sons, 1995.
See the class webpage http://www.infsec.inf.ethz.ch/teaching/ss03/infsec/
and check out the “Security Logics links” there.

Bibliography

• Simon Singh. The Code Book: The Science of Secrecy from
Ancient Egypt to Quantum Cryptography. Anchor Books, 2000.

• David Kahn. The Codebreakers: The Story of Secret Writing.
Scribner, 1996.

• Bruce Schneier. Secrets and Lies. Wiley, 2000.


Bibliography: URLs on Cryptography and Ciphers


Some of these webpages let you also experiment with Java versions of the ciphers.

• Cryptography and ciphers:
http://www.trincoll.edu/depts/cpsc/cryptography/index.html
• The Code Breakers: http://www.math.arizona.edu/~dsl/talk.htm
• The Enigma Machine: http://www.swimmer.org/morton/enigma.html,
http://www.codesandciphers.org.uk and http://www.xat.nl/enigma
• Secret Code Breaker Online: http://codebreaker.dids.com/
• Beginners’ Guide to Cryptography: http://www.ftech.net/~monark/crypto/index.htm
• Introduction to Cryptosystems: http://www.math.nmsu.edu/~crypto/Fundamentals.html
• Magic Decoder Game:
http://raphael.math.uic.edu/~jeremy/crypt/cgi-bin/magic-gateway.cgi
• Storia della crittografia (in Italian):
http://www.provincia.venezia.it/mfosc/studenti/crittografia/critto/storia.htm
• Making the Enigma ciphers for the film “Enigma”:
http://www.qufaro.demon.co.uk/enigmafilm/
• An online bibliography: http://www.ce.chalmers.se/~stefanp/Security/sec_bib.html
• The Cipher IEEE newsletter: http://www.ieee-security.org/cipher.html
• SANS Institute Reading Room: http://www.sans.org
• http://www.bakerstreet221b.de/canon/danc.htm

Selected Filmography

• Math in the Movies: http://world.std.com/~reinhold/dir/mathmovies.html

• Cybercinema: http://www.english.uiuc.edu/cybercinema

• Hollywood and computers:
http://www.cbi.umn.edu/resources/hollywood.html

Many westerns with smoke signals; many James Bond or spy movies;
Ulysses; Wargames; Con Air; Mercury Rising; Mission Impossible;
Sneakers; Pi; The 13th Floor; Swordfish; U-571; Windtalkers; A
Beautiful Mind; Enigma...
