Talk:Encryption

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Cryptography / Computer science  (Rated Start-class, Top-importance)
WikiProject icon This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the quality scale.
 Top  This article has been rated as Top-importance on the importance scale.
Taskforce icon
This article is supported by WikiProject Computer science (marked as Top-importance).
 
edit·history·watch·refresh Stock post message.svg To-do list for Encryption:
  • Revamp taxonomy diagram
  • Illustrate general process of both public and private-key encryption.

I believe that the first three words regarding cryptography have it backwards. Cryptographic protocols are a subset of encryption, not the other way around. Where, before computers, the distinction wasn't instructive, it is now. When I was provided the hyperbolic phrase, cryptographic encryption, it had a dissonance, because it was in the past redundant, and today, plain wrong. Encryption is the larger matter, various cryptographic schemes are a subset. But to simply re-write that, In encryption, cryptography etc etc does a huge injustice to clarity.

Perhaps, Cryptography is a manner of encryption which employs an express protocol intended to...

Maybe there can be a phrase to modify protocol, so we don't encrypt this revised definition. But this needs a discerning eye because physics and computer geeks are misusing this term by the second. ----

articles should be merged, too similar[edit]

Encryption and Cipher are currently too similar. They should be merged, or Cipher should be specialized to the customary (though vague) subset of private-key encryption.

disagree, and problems w/ diagram[edit]

Tromer, Your observation is a common misunderstanding. Encryption can be done in several ways, only one of which uses a cypher. As for 'cipher' being customarily a subset of private-key encryption, that is true only if by private key one means symmetric key cypher. At least that's the sense I take from your comment. The spelling is (cy v ci) is irrelevant as to meaning, but excites comment (see Talk:Cryptography for some history on WP). As the diagram notes, cyphers come in symmetric and asymmetric flavors, and symmetric cyphers are sometimes (confusingly) called private key cyphers. Asymmetric key cyphers are sometimes (wrongly) taken to be all public key/private key cyphers. Not all are, as there exist some in which there are no public keys.

As for the diagram, I will note that the placement of rotor machine is probably incorrect. Rotor machines (as the Hebern machine, Enigma machine, SIGABA, Typex, and even the non-rotor Japanese stepping switch machines) are fundamentally substitution cyphers, albeit polyalphabetic ones. The diagram should reflect this. ww 15:12, 19 Jul 2004 (UTC)

I'm going to make a text version of the diagram here, so it's easier for me (and presumably others) to edit:

  • Ciphers
  • Classical
    • Substitution
      • Rotor machines
    • Transposition
  • Modern
    • Public Key (shouldn't this be "assymetric key" ?)
    • Private Key (shouldn't this be "symmetric key" ?)
      • Stream
      • Block

Do "Stream" and "Block" really only apply to "Private Key" ciphers ?

Steam and block: in usage, yes. "Public key" and "private key" are, essentially, synonymous with "assymetric" and "symmetric key".— Matt 09:18, 22 Aug 2004 (UTC)

Taxonomy approach[edit]

See also Image talk:Cipher-taxonomy.png. There is a problem with making a taxonomy of ciphers. There are (at least) two ways of approaching it, and each is somewhat unsatisfactory. The first is a more "abstract" classification, dividing the ciphers strictly according to how they function. The problem with this approach is that you then make distinctions that are never made in practice: the distinction between substitution and transposition is only really used in the context of classical ciphers; the distinction between symmetric and asymmetric ciphers is only really used in the context of modern cryptography, and so on.

The alternative approach, employed here, is to divide ciphers into sections according to how they are divided in practice. The problem with the "usage-reflecting" style is that, e.g., a classical substitution cipher isn't labelled as a symmetric key cipher, which might be desirable, but I think it's more important to reflect usage. — Matt 09:18, 22 Aug 2004 (UTC)

I think that classical ciphers would fit well enough under symmetric encryption in a symmetric vs. asymmetric layout. Jobarts-Talk 07:46, 19 January 2006 (UTC)

Encryption: hash functions?[edit]

I moved this recent addition here temporarily:

Cryptographic hashes, also known as one-way hashes or message digests, are used to encrypt data so that it cannot ever be decrypted, but it can be recognized because the same data always produces the same output. Other unique features of this form of encryption include that no matter the size of the input, the size of the output is always the same (the size of the output varies from algorithm to algorithm), and that no keys are used. Popular algorithms include MD5 and SHA. See the Cryptographic hash function entry for more information.

I'm not sure this is the right place to diversify into a discussion of crypto hash functions -- secure hashing isn't usually described as "encryption", although it's certainly part of cryptography and symmetric key cryptography. — Matt 13:14, 2 Oct 2004 (UTC)

I think this should be moved to the "Message verification" subsection. Greatpopcorn (talk) 03:02, 13 November 2013 (UTC)

Cryptographic hash functions[edit]

While cryptographic hash functions are certainly not a cipher, they are a vital part of encryption technology. Someone unfamiliar with the plumbing of encryption will just type "encryption" into Wikipedia and hope to get an overview of the subject with links to the details. This seems like a reasonable approach to making the Encryption and Cipher entries different so they work best for users. Encryption is a more general term.

It is logical that the Encryption entry should have brief descriptions of symmetric and asymmetric ciphers, hash functions and encryption-strength pRNGs in order to best serve users who may be unfamiliar with the categories or taxonomy related to the subject.

Vancegloster 21:27, 3 Oct 2004 (UTC)

OK, I can see what you're getting at here; you're saying that "encryption" is sometimes used to mean "encryption technology", which is essentially the field of "cryptography". Currently, we have an overview of the field in Cryptography, which deals (hopefully) with everything, including the entire gamut of PRNGs, digital signatures, hash functions, secret sharing schemes, authentication protocols, MACs and so on. This article, which deals with ciphers, is termed Encryption — in my experience, most cryptographers use "encryption" to refer to the action of ciphers, so it's a good title. You've pointed out, though, that sometimes people are looking for an overview of the entire field when they search for "encryption". Your suggestion is to move the cipher stuff into an article called Cipher, and have Encryption survey all the cryptography mechanisms. The problem with this is that most of Cryptography and Encryption would then be duplicating each other to a large extent. I'd propose an alternative: to this page, add a "disambiguation" header saying something like:
This article is about algorithms for encryption and decryption. For an overview of cryptographic technology related to encryption, see cryptography.
Do you think that would suffice? — Matt 22:14, 3 Oct 2004 (UTC)

This does seem reasonable. Vancegloster 23:54, 7 Oct 2004 (UTC)

Text added by anon user[edit]

This text was added by an anonymous user. I'm not at all sure what it is supposed to be saying, so I've moved it here:

practical example of not too deciphered news

--Fastfission 02:18, 27 Jan 2005 (UTC)

Fastfission, you did the first half of the job. I did the other half: I deleted all that gibberish by some German joker, who can't even write decent English. Just in case anyone wants to look at it, it's down there in this page's history. --AVM (talk) 16:08, 26 September 2008 (UTC)

Ciphers versus codes[edit]

Besides of a bit confusing diagram in the "Types of cipher" section, I think that in the "Ciphers versus codes" section distingushing between codes and ciphers based on amount of data processed (words x letters) is a misunderstanding.

As I always understood it, codes are not directly related with security (meaning security against intruders, etc.), but rather they are used to transfer data in a defined form and/or to secure data against transfer errors. For example [error correcting codes like the Hamming code or ASCII code and many others.

Therefore i disagree with the sentence: "Some systems used both codes and ciphers in one system, using superencipherment to increase the security."

Of course I mean the "technical discussions" usage of the words.

Finally, I found out that in cryptography article the definition of code x cipher is the same. But I still disagree :).

What are your opinions?

PeP

I agree that the diagram is confusing, so I've removed it for now. Codes were indeed used in cryptography for secrecy, and not (well, not primarily) for error checking or as a standard like ASCII. — Matt Crypto 21:05, 14 January 2006 (UTC)

Encryption (album)[edit]

I apologise, I don't know how to use the coding that has been used at the top of the article to talk about other uses of the word. I just thought that it may be worth adding a note about the album Encryption by Pro-jekt. J Milburn 16:29, 11 September 2006 (UTC)

Anyone? J Milburn 09:46, 22 October 2006 (UTC)

External links[edit]

I'm restoring edits to the External links section that were reverted by User:Austinmurphy, claiming they were self promotion. I have nothing to do with any of the sites listed before or after the edits. Some of the changes I made were to conform to Wikipedia capitalization style. I removed three links, one to an article that promoted several commercial products for tape backup, one to Encryption, from MysecureCyberspace's encyclopedia on cybersecurity which has a couple of paragraphis on the subject and a link back to Wikipedia, and SecurityBulletins.com Basic Encryption testing methods, which suggest users test encryption software by trying to compress the output, a rather inadequate approach, to say the least. I also replaced a link to the pgpi website which is rather out of date with one to the GPG website. If anyone has a problem with these changes please discuss it here. --agr 22:30, 18 October 2006 (UTC)

where's sourcecode?[edit]

i'm not a mathetician, hell i failed all my math classes, but i consider myself to be a programmer but i've learn some math just by programing.. (weird huh?) is there any non math equations that show encryption techniques, the links like this [1] didn't help much, i rather have newbie friendly sourcecode.. to examine and apply. —The preceding unsigned comment was added by 75.15.191.81 (talk) 02:31, 4 January 2007 (UTC).

Try [2]--agr 02:19, 5 June 2007 (UTC)
Haven't you ever considered learning some English? --AVM (talk) 16:10, 26 September 2008 (UTC)

Trim see also[edit]

I trimmed the see also section. I think it should be kept to major topics in encryption, and not become a laundry list of articles that touch on encryption. In particular I removed the recently added Zodiac Killer link, but I did add the the unsolved codes and ciphers category to the Zodiac Killer article. --agr 02:19, 5 June 2007 (UTC)

History of the word 'cipher'[edit]

To quote pages 80-81 of Zero, The Biography of a Dangerous Idea, by Charles Seife:

Italian merchants loved the Arabic numbers. They allowed the bankers to get rid of their counting boards. However, while businessmen saw their usefulness, the local governments hated them. In 1299, Florence banned Arabic numerals. The ostensible reason was that the numbers were easily changed and falsified. (A 0 could be turned into a 6 with a simple flourish of a pen, for instance.) But the advantages of zero and other Arabic numerals were not so easily dispensed with; Italian merchants continued to use them, and even used them to send encrypted messages - which is how the word 'cipher' came to mean "secret code."

Of course, you must keep in mind that Zero-into-6 was at the core of the issue, and that the old name for Zero was cipher.

ryanakca 14:57, 31 August 2007 (UTC)

Spliting this article[edit]

Most of this article is about term "cipher", not about term "encryption". I see that this article was created by merger of those two articles, so this situation is understandable. I propose 2 possible solutions:

  1. move this article to Cipher
  2. split this article to Cipher and Encryption by moving everything except the introduction to Cipher and leaving only the intro section here. That would make Encryption a stub, but would solve our problem. --Dijxtra (talk) 21:31, 27 November 2007 (UTC)
I would suggest we move out the Etymology of cipher section only. A cipher is an algorithm for encryption — essentially, it's the same topic. — Matt Crypto 22:13, 27 November 2007 (UTC)
Yes, it's the same topic, but two different terms. It's a bit confusing this way: article which is about cipher is named "encryption". I think we gain a lot on clarity if we move the stuff about the cipher to new article called "Cipher". I don't see why we can't have a small article "Encryption" which would say something like "encryption is the act of using a cipher", and then a big "Cipher" article which deals with term cipher. Wouldn't that be terminologically correct? --Dijxtra (talk) 08:41, 28 November 2007 (UTC)
As there were no stern opposes, I proceeded with split. Now I will revamp the articles to make 2 meaningful entities. --Dijxtra (talk) 11:45, 29 November 2007 (UTC)
Hmmm. I agree that this article could do with cleaning up, but I don't think two separate articles on the same topic is the best way to go. After all, how do you decide what goes in cipher and what goes in encryption if they're covering the same thing? I suggest we merge them back; I don't particularly mind if the article is called "cipher" or "encryption", but I think we should really cover it in one place. — Matt Crypto 20:38, 29 November 2007 (UTC)
In most current usage, I believe, "encryption" is a broader term than "cipher" and includes techniques such as code books and secret algorithms that do not have a key. Arguably it could extend to analog scramblers and mechanical devices. So I think the split is a good idea, but the encryption article needs to written more broadly. It should mention classical ciphers, rotor machines, codes, and give a brief intro to public key crypto. --agr (talk) 21:28, 29 November 2007 (UTC)

References[edit]

Two of the five references were to obscure papers by a Saudi. I removed them. Care should be taken to make sure he doesn't add them back. The references should be to well known authoritative works like _Code Breakers_. —Preceding unsigned comment added by 67.163.141.50 (talk) 13:23, 26 April 2008 (UTC)

Why would an obscure work not be appropriate? I haven't seen that in any guidelines. Binksternet (talk) 13:32, 26 April 2008 (UTC)

Ibrahim Al-kadi references[edit]

Somebody keeps removing the works by Ibrahim Al-kadi. Please explain why. Binksternet (talk) 13:30, 26 April 2008 (UTC)

Would you mind explaining why you think these references should be in the article. 85.2.112.20 (talk) 15:17, 26 April 2008 (UTC)
I haven't read them; I have no idea what's in them. I am simply reacting to their removal without sufficient explanation. Their being obscure isn't good enough reason for removal. Binksternet (talk) 16:29, 26 April 2008 (UTC)
Ok, thanks for the clarification. 85.2.112.20 (talk) 17:11, 26 April 2008 (UTC)
I think it's fair to ask why they are present in this article. They do look like random citations -- why not any of the other hundreds of journal and conference papers about crypto? Are they being used as a source for any specific point in this article? There's certainly nothing in this article specifically about Arabic cryptology. We have more specialised articles (e.g. History of cryptography). — Matt Crypto 17:12, 26 April 2008 (UTC)
Good points. Binksternet (talk) 15:12, 28 April 2008 (UTC)

hisecure.net[edit]

Why would someone remove a site that is related to encryption from external links? www.hisecure.net —Preceding unsigned comment added by Metamorph123 (talkcontribs) 04:36, 11 July 2008 (UTC)

Because it looks like spam and/or isn't particularly notable? Nuwewsco (talk) 07:41, 11 July 2008 (UTC)

Blog external link[edit]

Please explain why a blog link should be included at External links. Binksternet (talk) 15:07, 22 April 2009 (UTC)

Because it has useful information about the topic. Please give your suggestion after reading the article. --Player82 (talk) 15:23, 22 April 2009 (UTC)
I see an article about printer data encryption; one that doesn't attribute its author. Without an author, we have no sense of expertise or reliability, per WP:RS. I see a small amount of text information that, if brought here, could amplify this article. Having useful information is a trait of a good reference, having too much useful information, too much detail, is a trait of a good external link. Binksternet (talk) 16:26, 22 April 2009 (UTC)

Not quite on the subject[edit]

I have been told a WWII encryption was based on an old phone book. i.e. essentially use once pad easy to get by both parties. I was also told it was broken.

Anyone know how?Aaaronsmith (talk) 19:57, 31 May 2009 (UTC)

This is a book cipher. If you have a reliable reference that book ciphers were used during WWII, it might be worth adding them to the article on book ciphers. 92.106.113.28 (talk) 07:27, 1 June 2009 (UTC)

Agreed. It is a book cipher. I can see how statistical analysis (a lot of it) might reveal the pattern in a book cipher that is based on a novel (something the Soviets loved to do). However, the numbers running down the columns in a phone book are essentially random. Does anyone know how that particular one was solved?Aaaronsmith (talk) 05:31, 6 June 2009 (UTC)

Merge disk encryption ?[edit]

I think the Disk encryption page should be merged here Bikepunk2 (talk) 17:06, 15 February 2010 (UTC)

I disagree. Encryption is different from Whole Disk encryption. This page explains encryption in general, whereas Disk encryption explains methods of whole disks being encrypted. For example, Pretty Good Privacy discusses encryption of a specific type. It still falls under the category encryption, but not whole disk. However, I think a In Wikipedia, Encryption may refer to the Full disk encryption. tag should be put up. --MithrandirAgain (Talk!) 02:42, 29 May 2010 (UTC)

I also disagree Rfellows. As pointed out by others, these topics require sufficient space to explain. Perhaps earlier, when both were shorter it would have made sense. Now, Disk encryption is actually longer and more complete than this article. 11:26 04 October 2010 (UTC)

Password protection[edit]

undid improper edit 21:42, 25 May 2010 TedColes (talk | contribs) (6,222 bytes) (Undid revision 364137170 by 67.51.122.18 (talk) Incorrect use). Tedcoles is deleting text that seems quite critical to understanding what this term means. It is widely accepted that password protection is a form of encryption. —Preceding unsigned comment added by 209.162.45.112 (talk)

Do others agree with this anonymous assertion that password protection is a form of encryption? Finding the password would lead to the raw information, i.e. plaintext not ciphertext, so in my book the information is not encrypted.--TedColes (talk) 09:17, 1 June 2010 (UTC)
No, password protection is not encryption. Breaking the password is like breaking the lock off of a bicycle—one can immediately ride the bicycle. Encryption is nowhere near that easy. Binksternet (talk) 15:45, 1 June 2010 (UTC)

Yes, password protection is widely accepted as a form of encryption. — Preceding unsigned comment added by 67.51.122.18 (talk) 15:45, 10 November 2011 (UTC)

product-specific POV[edit]

The last paragraph shows a product/implementation specific point of view.

It should be removed, but I think the note about where things should be encrypted could remain. So I'm changing it. — Preceding unsigned comment added by IsmaelLuceno (talkcontribs) 11:20, 30 May 2011 (UTC)


Its not been changed and I too think it should be removed. I added the POV tag to warn users away from the statement. 97.83.152.148 (talk) 17:45, 11 August 2011 (UTC)

Short[edit]

I removed the table of contents from this article because I felt it was distracting and served no purpose (there's no subsections!). Please add subsections! 68.173.113.106 (talk) 03:16, 7 March 2012 (UTC)

RfC concerning the Lavabit email service[edit]

There is a request for comments (RfC) that may be of interest. The RfC is at

Talk:Lavabit#RfC: Should information about Lavabit complying with previous search warrants be included?

At issue is whether we should delete or keep the following text in the Lavabit article:

Before the Snowden incident, Lavabit had complied with previous search warrants. For example, on June 10, 2013, a search warrant was executed against Lavabit user Joey006@lavabit.com for alleged possession of child pornography.

Your input on this question would be very much welcome. --Guy Macon (talk) 05:07, 29 August 2013 (UTC)