(Re)-introducing La Cryptographie Militaire

Kerckhoffs’ classic MILITARY CRYPTOGRAPHY or CIPHERS USED IN TIME OF WAR

Alex Gantmann (@againsthimself) and Devdatta Akhawe (@frgx)

Download ebook pdf epub mobi docx

If you have spent any time working with computer security, chances are you have heard of Kerckhoffs’ Law: security of the system must not rely on secrecy of any part other than the key, often condensed into the pithy saying “no security through obscurity.” But despite the ubiquity of the maxim, and even citing it a few times in our own talks, we had never actually read Military Cryptography, which introduced the concept. Last year, Alex finally got around to reading it and enjoyed it immensely, recommending it to Dev. We were both pleasantly surprised at how something written more than 140 years ago remains readable and so relevant even today.

Although Military Cryptography’s legacy is Kerckhoffs’ Law (something we have talked about), the work is much more than that. It is an excellent systematization of pre-digital cryptography; it is a passionate advocacy for, and a prime example of, the importance of publishing offensive security research; and it is a fascinating historical artifact.

As an overview of early cryptosystems, it is as informative and accessible as any modern text. Kerckhoffs methodically describes classical cryptographic techniques (substitution, transposition, etc.) and proceeds to demonstrate how trivially broken all of them are, providing a hands-on primer of pen-and-paper cryptanalysis with worked examples of n-gram frequency analysis, ciphertext-only, and known-plaintext attacks. To this day it is one of the most cogent and accessible overviews of early attempts to encrypt messages.

Kerckhoffs’ exposition of cryptosystem weaknesses is a prototypical attack paper in style and substance. Mercilessly snarky, it would have been right at home in Phrack (think Smashing Ciphers for Fun and Profit). A tinge of Victorian passive-aggressive propriety hones the edge and makes the read even more enjoyable.

Verily, citizen Dlandol was a better patriot than decrypter!

It is probable that the general was stronger in military tactics than in cryptography,

With all due deference to the author whom I have just quoted, the system […] is not much more difficult to decrypt than a modest simple-key cipher.

Whatever Colonel Laussedat, the author of the report I have just quoted, may think of it, messages written with the Wheatstone cryptograph are perfectly decipherable.

Kerckhoffs is adamant in his defense of open discussion and teaching of cryptanalytic attacks:

I believe I am not acting like a bad citizen in exposing to the light of day a state of affairs [which] our foreign enemies some day might only too well and too easily turn to account.

He puts the blame for the sorry state of contemporary cryptography on the lack of awareness of past attacks and strongly advocates for the critical role offensive knowledge plays in defense.

it will only be when our officers have studied the principles of cryptography and learned the art of decrypting, that they will be in a position to avoid the numerous blunders that endanger the key of the best ciphers, and to which the ordinary ones are necessarily exposed

As a historical text, Military Cryptography is a wealth of references to European cryptologic work from the 15th to 19th centuries and from Roman antiquity. One of the joys of reading older works is being surprised by what has and has not changed. In this case our attention was caught by Kerckhoffs’ remarks on how relatively recent the social (and legal) acceptance of secret communication is.

in those times of distrustful ignorance [the Middle Ages], it was just as dangerous to correspond in a mysterious or indecipherable language as to write in the clear the most compromising secrets. Even in the 17th century, the simple fact of having corresponded in secret characters was still considered as an aggravating circumstance by the English courts. […] Chancellor Bacon pointed out, as a grave charge against the accused noble, his habit of writing to his friends in cipher.

In the context of ongoing attempts by governments to regulate private use of encryption, these comments from almost 150 years ago did not age nearly as much as we could have hoped.

Of course it is Kerckhoffs’ Law that has cemented Military Cryptography’s place in countless bibliographies. The tenet that has become synonymous with the author’s name is actually one of six requirements that Kerckhoffs lays out for proper military-grade encryption.

  1. The system must be practically, if not mathematically, indecipherable.
  2. It is necessary that it not demand secrecy, and that it may without inconvenience fall into enemy hands.
  3. The key must be able to be communicated and remembered without the help of written notes, and to be changed or modified at the will of the correspondents.
  4. It must be applicable to telegraphic correspondence.
  5. It must be portable, and its handling and operation must not require the presence of several persons.
  6. Finally, it is necessary, in view of the circumstance governing operation, that the system be easy to use, not demanding intense mental effort nor the knowledge of a long series of rules to be observed.

According to Kerckhoffs, “Everyone agrees that the last three requirements are justified, but there is no such agreement on the first three.” Ironically, it is the first three requirements that have best withstood the test of time, while the last three have become largely irrelevant with the advent of digital systems. The first requirement is now accepted as a given. The second requirement is the one that tends to get all the publicity, and the one we know as Kerckhoffs’ Law. But it is the key replacement clause in the third requirement, and how it interacts with Kerckhoffs’ Law in the context of modern systems, that is often forgotten.

We believe Kerckhoffs’ Military Cryptography deserves a place alongside Thompson’s Reflections on Trusting Trust and Saltzer and Schroeder’s The Protection of Information in Computer Systems. It is our pleasure to share this digitally typeset reprint of the “Machiavelli” translation, with figures from scans of the original hosted by Fabien Petitcolas. We hope you enjoy reading it as much as we did.
