Invited Paper. Nature-Inspired Cryptography: Past, Present and Future

Classical ciphers are based around the notions of character substitution and transposition. Messages are sequences of characters taken from some plaintext alphabet (e.g. the letters A to Z) and are encrypted to form sequences of characters from some ciphertext alphabet. The plaintext and ciphertext alphabets may be the same. Subsitution ciphers replace plaintext characters with ciphertext characters. For example, if the letters of the alphabet A..Z are indexed by 0 . . . 25, then a Caesar cipher might replace a letter with index k by the letter with index (k + 3) mod 26. Thus, the word “JAZZ” would become “MDCC”. Transposition ciphers work by shuffling the plaintext in certain ways. Thus, reversing the order of letters in successive blocks of four would encrypt “CRYPTOGRAPHY” as “PYRCRGOTYHPA”. Modern crypto-systems have now supplanted the classical ciphers but cryptanalysis of classical ciphers is the most popular cryptological application for meta-heuristic search research. Why is this so? The reasons are probably mixed. The basic concepts of substitution and transposition are still widely used today (though typically using blocks of bits rather than characters) and so these ciphers form simple but plausible testbeds for exploratory research. Problems of varying difficulty can easily be created (e.g. by altering the key size). They seem also to be natural candidates for meta-heuristic solution as argued below. Consider a simple substitution cipher on the letters A . . . Z indexed by 0 . . . 25 as above. The keyspace for this type of system is the set of bijective functions f : 0 . . . 25 → 0 . . . 25. Given ciphertext C, decryption can be thought of as a function fC(K) from the keyspace to the space of plaintext messages. Decrypting ciphertext using keys that are ‘nearly the same’ gives rise to plaintexts that are nearly the same. Similarly, keys that are ‘nearly correct’ give rise to plaintexts that are nearly correct. With respect to correctness the decryption operation is reasonably continuous over the keyspace. This is crucial to the general use of heuristic search since some means of homing in on the solution is required. It is this continuity that makes these problems natural candidates for guided search techniques. One cannot know how correct a decrypted text is without knowing the plaintext. Instead, the degree to which decrypted text has the distributional properties of natural language is taken as a surrogate measure of correctness of the decryption key. In English text the letter “E” will usually occur more than any other. Similarly, the pair (bigram) “TH” will occur frequently, as will the triple (trigram) “THE”. In contrast, the occurrence of the pair “AE” is less common and the occurrence of “ZQT” is either a rare occurrence of an acronym or else indicates an terrible inability to spell. The frequencies with which these various N-grams appear in plaintext are used as the basis for determining the correctness of the key which produced that plaintext. The more the frequencies resemble expected frequencies, the closer the underlying decryption key is assumed to be to the actual key.