Cryptography Series - A Primer on Hallifaxian Encryption A Note From the Hallifaxian Bureau of Internal Security It is the pleasure of the Bureau of Internal Security to present the following primer on cryptography. Encryption of messages in some form has existed in Hallifax since the founding of the city, though the processes involved have grown substantially more complex with time. While the modern methods of cryptography remain secrets of the State, is is pleasing to demonstrate from time to time the intellectual achievements of Hallifax's past as reminder of all it possesses in the present. The following documents are a brief summary of the cryptological tools and methods previously employed by agents of the Commonwealth in times past in order to protect Hallifax both from depredations of other states and from abuse by members of the Empire who worked to erode the State's internal sovereignty. Few particular historic incidents are described in order to protect notable families and the Nation from any possibility of reprisal, though considerable efforts have been made to put various techniques in their historical contexts by outlining applications in which such techniques were used. Parties interested in further education on the subject of cryptological techniques might apply indirectly through the author or directly through the Consortium and Ministry of Peace for the declassification of further materials. Considerable material yet remains which could be safely released, and for an appropriate commission the revelation of even particular present techniques might be engineered around in a satisfactory way by the Ministry. This document was declassified for the education of the Basin following evaluation by the Consortium. All reasonable educational and scholarly uses of this document are authorized for all members of the general public. Commercial uses of this document are forbidden except where expressly permitted by Hallifaxian law. Primitive Cryptographical Methods - Part 1 The earliest techniques in preventing the interception of messages relied not on encryption but on escaping notice altogether. The best security for a message is insured by preventing one's enemies from being aware of the message at all. Both historic records in private hands and the earliest intelligence records attest to many instances and variety of this train of thought. Simple approaches included false pockets and hidden compartments where messages might be stored. One particularly interesting technique was used by local magnates who possessed large numbers of indentured trill workers: A number of feathers would be plucked away from the worker and a message tattooed on the exposed skin. As new feathers grew they would hide the message and the worker could be sent to his or her destination on some trivial errand. Arriving at their destination, the receiving party would once again remove the feathers concealing the message, often then tattooing over the message to permanently obscure it. Obviously, a message cannot be delivered with haste using such a method and similarly one must anticipate that few servants were eager for the task. It is hardly surprising that more convenient and sophisticated means were developed to transmit messages. Similar in principle but with substantial advantages in security was the method of hiding messages within another message. Property barons and the state alike employed a variety of means to hide their business from rivals. The simplest such method is for two communicating parties to establish a standard pattern of enclosure, such as accepting that the first word of each sentence or line in a message will communicate the concealed content of that message. This approach was particularly common during the reign of the Celestine Empire, wherein routine bureaucratic documents would often conceal messages from the church's prying eyes. Embedded messages in this style have a particular advantage over concealed messages in that no suspicion is aroused by discovery of the message. While an inquisitor could arrest a merchant for carrying bills of sale during the time of the Empire, they typically refrained from doing so. Primitive Cryptographical Methods - Part 2 The most sophisticated means of embedding messages employed interesting tools to this end. Prior to the development of true ciphers, these tool-assisted methods represented the pinnacle of espionage. Coincidentally, the need to prepare such tools in secrecy was the primary catalyst for the development of a true intelligence apparatus within Hallifax. Skilled labor and substantial resources necessarily had to be managed without public scrutiny or even awareness. This shift towards professionalism in espionage coincided with a trend to use trained, specialized individuals loyal to the state in preference to hired parties and the transition of the Sentinels from a mercenary company to an integral part of the State apparatus. Alchemists developed so-called 'invisible inks' which could write messages which was only visible under certain conditions, such as under the application of heat or when exposed to certain sources of light. Particularly refined formulations were developed which required specialized eye-wear to detect, sometimes in addition to other requirements such as heating. As with other approaches to embedding messages, these inks allowed the concealment of covert instructions within legitimate messages. While invisible inks were less obvious than messages embedded within the text, which might be detected by casual inspection, the presence of such ink on a document, if detected, did absolutely reveal covert intent. These risks and benefits were obviously carefully weighed on a case by case basis. While it is beyond the scope of this text to provide the formulation of any such ink, interested individuals are encouraged experiment with lemon juice, cactus juice, and nightshade extract, though not all at once. Another tool to allow more sophisticated inclusion of a message within another text was the cryptological grille. Such a device was a plate laid over a message prior to composition or in order to decode a concealed message. The grille possessed a number of holes into which the text of the secret message was written onto the parchment beneath. This accomplished, the grille was removed and a message composed which incorporated the previous text. While the method is in its theory identical to other means of embedding text, the grille allowed for far more complex and irregular patterns than the simple rules typically employed without it. While other encryption tools primarily served the needs of spies and merchant interests, one particular device was developed for secure communications in military applications. Batons of exact size and shape were issued to certain key officers of the State's military. These batons allowed the rapid issuing of messages which would resist decyphering by hostile parties in the short term while remaining easily translatable by the intended recipient. A strip of parchment was wrapped around the baton and the message written across the rings of parchment. Once removed, the contents of the parchment are not trivially understood but can be reconstructed instantly by wrapping the parchment around another baton, provided this second device shares exactly the same shape and size as the original. While a determined party could doubtless make sense of the message given time, in the context of active battle it would be a poor use of an officer's time. In the era of its use, these messages were further secured by the fact that most soldiers would not possess full literacy and so the task of deciphering a message could not be passed on to less important parties. Finally, the method provided a certain degree of security against injection of false messages as such a message would not be compatible with the recipients' baton. It seems that these tools were so strongly associated with rank that they became components of formal dress for many officers long after they ceased to be used for covert purposes. Simple Ciphers Early instances of covert communication were relatively simple, focused more on avoiding detection than resisting decryption. As the matters of state become increasingly complicated and sensitive, the consequences of an intercepted and decrypted message have become increasingly severe while the means to deliver them have become more reliably secure. Consequently, the state moved to develop means to conceal the content of vital messages even from enemies who understood that information was being concealed and potentially were even aware of the form of that information. The first such means was the use of code phrases. Little evolved from embedded messages, code words were simply substitutions of sensitive information for other terms according to an agreed upon standard. If payment was to be delivered to a designated drop point, a message might instead inform the recipient that alms were to be distributed according to the usual schedule. Most code phrases utilized the language and customs of the Church of Celest which, at the time, possessed both the most legitimacy of any organization in the Empire and which possessed the greatest capacity to curtail Hallifaxian agendas. A particular example of coded messages is displayed in the publication "Operation Mint" by Lord Portius wherein an agent receives a message informing the agent that their sins will be forgiven as a coded instruction granting permission to kill. With the benefit of hindsight, it is obvious that greater efforts should also have been taken in confounding the nascent Illuminati developing within Gaudiguch at this time. The failure to contain this threat while it was small is one of the greatest mistakes in the Beacon's history. Beyond the use of code phrases, true encryption begins. The simplest and earliest form of encryption was the shift cipher. In a shift, a key value is agreed upon by both parties. The encrypter uses this key value to shift each letter of their message forward a number of steps, while the receiver then reserves this process. For example, with a key value of '3', the letter 'A' in a message would be written as 'D' and the receiver would decode the letter 'E' to understand a meaning of 'B'. As a more complete example, using the same key of '3', the message, "FRAME THE AQUAMANCER FOR THE INQUISITOR'S MURDER" would be written as "IUDPH WKH DTXDPDQFHU IRU WKH LQTXLVLWRU'V PXUGHU". As before, there is a trade-off in lost deniability when making a communication more secure. When a physical document is being used to transmit a covert message, it is common to employ both encryption and means of concealment to mitigate risk. While the shift cipher provides a certain degree of security, it is trivially overcome by a determined reader. Once any portion of the message is understood, the key is obvious and the rest of the message can quickly be decrypted. The next development in intelligence techniques was the substitution cipher. Rather than use a single off-set for every letter, a mapping is made between each letter and a corresponding cipher letter. For example, if the letters 'ABCD' were mapped to 'RPSN', the word 'BAD' would be written 'PRN'. Both the sender and the receiver must possess the substitution key in this method, as the receiver must reverse the direction of the mapping to recover the message. Substitution has advantages over a shift cipher in that the failure of any one letter or even word of the of cipher weakens but does not compromise the strength of the rest of the message. It is further noted that substitution ciphers are the basis of almost later ciphers and in various forms represented the state of the art from the early days of the empire until the modern day. Only recently, mathematical methods developed by the Matrix Research Institute have allowed the development of 'asymmetric encryption' which does not in some way rely on the principles of simple substitution. Early Modern Ciphers While substitution ciphers are sufficient to deter the average wine-sotted dracnari or dull-witted orclash, a message of sufficient length is trivially decodeable by a determined party since each letter that can be discovered weakens the integrity of the remaining message. As in the case of a shift cipher, any knowledge of the 'key' potentially endangers the entire message. It followed naturally that obscuring the relationship between the key and any individual letter of a message reduces the vulnerability of the message to decryption. A shifting substitution obscures the relationship between the message and the substitution key. In such a scheme, the entire substitution key is shifted after each letter is written. By way of example, if an initial key may begin as 'ABCD' mapping to 'XHPR'. In a simple substituion, the word "BAD" would now be encoded as 'HXR'. With a shifting subsitution, with a 'shift' of one, the entire key would rotate by one step after each letter is written. Translating 'BAD' would still begin with the letter 'H', but this would prompt a shift in the key. Moving each letter in the key one space to the right, the new key becomes 'ABCD' to 'RXHP' instead of 'XHPR'. Now the second letter is selected, with 'A' now mapping to 'R'. The key shifts again for the next letter, with 'ABCD' mapping to 'PRXH', and so the letter D is written as H. With the shifting substitution, 'BAD' is now encrypted as 'HRH'. In the context of a larger message, it is obvious how this potentially confounds a foe who might now assume that 'HRH' much have the same first and last letter. With the shifting substitution, decrypting a single portion of the message no longer weakens the rest of the message unless the shift is discovered and accounted for. In the theme of a protected key, the ultimate form of message security is the so-called 'one-time pad'. Rather than develop a simple correspondence between sets of letters, the one-time pad requires a key as long as or longer than the message, known to both parties in advance. This key is a string of characters or numbers which the encoder uses to operate upon their coded messages in the manner of a shift cipher. For example, with a 'pad' of '1532' and the message 'BAD', the first letter is shifted forward once, to 'C', the second five times to 'F', the and third three times, to 'G', producing 'CFG'. Because each letter is protected by its own key, no portion of the message is weakened whatsoever by the decryption of any other part. What is more, since the one-time pad does not follow any particular set of rules, any possible decryption is as likely as any other possible decryption; That is to say that a three letter word combination in an encrypted message potentially decrypts into any three letter word in the original message. Discussion of Future Works More complex methodologies of encryption exist. The state of the art in most of the Basin is mechanical encryption, where a tool of some sort is used to effectively generate a one-time pad on demand that can be reproduced by the receiving party by utilization of an identical mechanical tool. The simplest of these base the encryption of each letter off of the previous letter, resulting in an encryption considerably more secure than substitution, but still vulnerable if a portion of the plain text of the message is known. More advanced machine ciphers exist, utilizing multiple letters to determine the encryption of each letter and requiring most of the message to be known to defeat the encryption. Finally, the most advanced machines effectively their message multiple times using different combinations of letters for each layer to render a message effectively unbeatable without knowledge of the encryption pattern. Beyond mechanical encryption, Hallifax has developed methodologies of “asymmetric encryption”, which require a different key for encoding and decoding. These processes utilize complex mathematics to generate an encryption which is not reverse-engineerable, even if the decryption key is known to an adversary. Both mechanical and asymmetric encryption will be discussed in a later work. Moreover, a practice primer and best practices guide will provide practical experience with the techniques described in this and following works.