the same time that cryptography was becoming a routine diplomatic tool, the science of cryptanalysis was beginning to emerge in the West. Diplomats had only just familiarized themselves with the skills required to establish secure communications, and already there were individuals attempting to destroy this security. It is quite probable that cryptanalysis was independently discovered in Europe, but there is also the possibility that it was introduced from the Arab world. Islamic discoveries in science and mathematics strongly influenced the rebirth of science in Europe, and cryptanalysis might have been among the imported knowledge.
Arguably the first great European cryptanalyst was Giovanni Soro, appointed as Venetian cipher secretary in 1506. Soro’s reputation was known throughout Italy, and friendly states would send intercepted messages to Venice for cryptanalysis. Even the Vatican, probably the second most active centre of cryptanalysis, would send Soro seemingly impenetrable messages that had fallen into its hands.
This was a period of transition, with cryptographers still relying on the monoalphabetic substitution cipher, while cryptanalysts were beginning to use frequency analysis to break it. Those yet to discover the power of frequency analysis continued to trust monoalphabetic substitution, ignorant of the extent to which cryptanalysts such as Soro were able to read their messages.
Meanwhile, countries that were alert to the weakness of the straightforward monoalphabetic substitution cipher were anxious to develop a better cipher, something that would protect their own nation’s messages from being unscrambled by enemy cryptanalysts. One of the simplest improvements to the security of the monoalphabetic substitution cipher was the introduction of nulls, symbols or letters that were not substitutes for actual letters, merely blanks that represented nothing. For example, one could substitute each plain letter with a number between 1 and 99, which would leave seventy-three numbers that represent nothing, and these could be randomly sprinkled throughout the ciphertext with varying frequencies. The nulls would pose no problem to the intended recipient, who would know that they were to be ignored. However, the nulls would baffle an enemy interceptor because they would confuse an attack by frequency analysis.
Another attempt to strengthen the monoalphabetic substitution cipher involved the introduction of codewords. The term code has a very broad meaning in everyday language, and it is often used to describe any method for communicating in secret. However, it actually has a very specific meaning, and applies only to a certain form of substitution. So far we have concentrated on the idea of a substitution cipher, whereby each letter is replaced by a different letter, number or symbol. However, it is also possible to have substitution at a much higher level, whereby each word is represented by another word or symbol – this would be a code. For example,
Using this very limited set of coded words, we can encode a simple message as follows:
Technically, a code is defined as substitution at the level of words or phrases, whereas a cipher is defined as substitution at the level of letters. Hence the term encipher means to scramble a message using a cipher, while encode means to scramble a message using a code. Similarly, the term decipher applies to unscrambling an enciphered message, and decode to unscrambling an encoded message. The terms encrypt and decrypt are more general, and cover scrambling and unscrambling with respect to both codes and ciphers. Figure 6 presents a brief summary of these definitions. In general, I shall keep to these definitions, but when the sense is clear, I might use a term such as codebreaking to describe a process that is really cipher breaking – the latter phrase might be technically accurate, but the former phrase is widely accepted.
At first sight, codes seem to offer more security than ciphers, because words are much less vulnerable to frequency analysis than letters. To decipher a monoalphabetic cipher you need only identify the true value of each of the twenty-six characters, whereas to decipher a code you need to identify the true value of hundreds or even thousands of codewords. However, if we examine codes in more detail, we see that they suffer from two major practical failings when compared with ciphers. First, once the sender and receiver have agreed upon the twenty-six letters in the cipher alphabet (the key), they can encipher any message, but to achieve the same level of flexibility using a code they would need to go through the painstaking task of defining a codeword for every one of the thousands of possible plaintext words. The codebook would consist of hundreds of pages, and would look something like a dictionary. In other words, compiling a codebook is a major task, and carrying it around is a major inconvenience.
Second, the consequences of having a codebook captured by the enemy are devastating. Immediately, all the encoded communications would become transparent to the enemy. The senders and receivers would have to go through the process of having to compile an entirely new codebook, and then this hefty new book would have to be distributed to everyone in the communications network, which might mean securely transporting it to every ambassador in every state. In comparison, if the enemy succeeds in capturing a cipher key, then it is relatively easy to compile a new cipher alphabet of twenty-six letters, which can be memorized and easily distributed.
Even in the sixteenth century, cryptographers appreciated the inherent weaknesses of codes and instead relied largely on ciphers, or sometimes nomenclators. A nomenclator is a system of encryption that relies on a cipher alphabet, which is used to encrypt the majority of a message, and a limited list of codewords. For example, a nomenclator book might consist of a front page containing the cipher alphabet, and then a second page containing a list of codewords. Despite the addition of codewords, a nomenclator is not much more secure than a straightforward cipher, because the bulk of a message can be deciphered using frequency analysis, and the remaining encoded words can be guessed from the context.
Figure 6 The science of secret writing and its main branches.
As well as coping with the introduction of the nomenclator, the best cryptanalysts were also capable of dealing with the presence of nulls. In short, they were able to break the majority of encrypted messages. Their skills provided a steady flow of uncovered secrets, which influenced the decisions of their masters and mistresses, thereby affecting Europe’s history at critical moments.
Nowhere is the impact of cryptanalysis more dramatically illustrated than in the case of Mary Queen of Scots. The outcome of her trial depended wholly on the battle between her codemakers and Queen Elizabeth’s codebreakers. Mary was one of the most significant figures of the sixteenth century – queen of Scotland, queen of France, pretender to the English throne – yet her fate would be decided by a slip of paper, the message it bore, and whether or not that message could be deciphered.
THE BABINGTON PLOT
On November 24, 1542, the English forces of Henry VIII demolished the Scottish army at the Battle of Solway Moss. It appeared that Henry was on the verge of conquering Scotland and stealing the crown of King James V. After the battle, the distraught Scottish king suffered a complete mental and physical breakdown, and withdrew to the palace at Falkland. Even the birth of a daughter, Mary, just two weeks later could not revive the ailing king. It was as if he had been waiting for news of an heir so that he could die in peace, safe in the knowledge that he had done his duty. Just a week after Mary’s birth, King James V, still only thirty years old, died. The baby princess had become Mary Queen of Scots.
Mary was born prematurely, and initially there was considerable concern that she would not survive. Rumours in England suggested that the baby had died, but this was merely wishful thinking at the English court, which was anxious to learn of anything that might destabilize Scotland. In fact, Mary soon grew strong and healthy, and at the age of nine months, on September 9,