Secret History: The Story of Cryptology

Posted on by Ben Rothke

Narrating a compelling and interesting story about cryptography is not an easy endeavor.   Many authors have tried and failed miserably; attempting to create better anecdotes about the adventures of Alice and Bob.  David Kahn did the best job of it when wrote The Codebreakers: The story of secret writing in 1967 and set the gold standard on the information security narrative.  Kahn’s book was so provocative and groundbreaking that the US Government originally censored many parts of it. 

A lot has changes since 1967, and while Secret History: The Story of Cryptology is not as groundbreaking, it also has no government censorship.  With that, the book is fascinating read that provides a combination of cryptographic history and the underlying mathematics behind it. 

As a preface; the book has cryptology in its title, which is for the most part synonymous with cryptography.  Since cryptography is more commonly used, I’ll use it in this review.

Kahn himself wrote that he felt this book is by far the clearest and most comprehensive of the books dealing with the modern era of cryptography including classic ciphers and some of the important historical ones such as Enigma and Purple; but also newer systems such as AES and public-key cryptography.

The book claims that the mathematics detailed in it are accessible requiring minimal mathematical prerequisites.  But the reality is that is does require at least a college level understanding, including algebra, calculus and more.

As an aside, nearly every book on encryption and cryptography that claims no advanced mathematical knowledge is needed doesn’t meet that claim.  With that, Bauer does a good job of separating the two narratives in the book (cryptography and history), so one who is not comfortable with the high-level math can easily parse through those sections.

Bauer brings an extensive pedigree to the book, as he is a former scholar-in-residence at the NSA Center for Cryptologic History.  While Bauer has a Ph.D. in mathematics, that does not take away from his ability as an excellent story teller.  And let’s face it; telling the story of cryptography in a compelling and readable manner is not an easy task.

The 20 chapters in the book follow a chronological development of encryption and cryptography; from Roman times to current times.   Each chapter has a set of exercises that can be accessed here.  Besides being extremely well-researched, each chapter has numerous items for further reading and research.

Chapters 1-9 are focused on classical cryptology, with topics ranging from the Caesar cipher, Biblical cryptology, to a history of the Vigenère cipher, the ciphers of WW1 and WW2 and more. 

In chapter 8 World War II: The Enigma of Germany, Bauer does a great job of detailing how the Enigma machine worked, including details regarding the cryptanalysis of the device, both in its rotor wirings and how recovering its daily keys ultimately lead to is being broken.  The chapter also asked the question: what if Enigma had never been broken, and provides a provocative answer to that.

Chapter 8 opens with the famous quote from Ben Franklin that “three may keep a secret if two of them are dead”.  He notes that the best counterexample to that is of the 10,000 people that were involved in the project to break the Enigma.  They all were able to maintain their silence about the project for decades; which clearly shows that large groups can indeed keep a secret.    Bauer notes that it is often a reaction to conspiracy theories that large groups of people could never keep a secret for so long. 

Chapter 9 provides a fascinating account of the Navajo code talkers.  These were a group of Navajo Indians who were specially recruited during World War II by the Marines to serve in their communications units.  Since the Navajo language was unknown to the Axis powers; it ensured that all communications were kept completely secret.

While part 1 is quite interesting; part 2, chapters 10-20 focuses on modern cryptology and is even more fascinating.  Bauer does a fantastic job of encapsulating the last 60 years of cryptography, and covers everything from the origins of the NSA, the development of DES and AES, public key cryptography and much more. 

The book was printed in March 2013 just before the NSA PRISM surveillance program became public knowledge.  If there is any significant mistake in the book, it is in chapter 11 where Bauer writes that “everything I’ve seen and heard at the NSA has convinced me that the respect for the Constitution is a key component of the culture there”.

Aside from the incorrect observation about how the NSA treats the Constitution, the book does an excellent job of integrating both the history of cryptography and the mathematical element.  For those that aren’t interested in to the mathematics, there is plenty of narrative in the book to keep them reading.

This book is the latest in a long line of cryptography narrative, such as The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh and The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet by David Kahn, and of course the classic cryptography text Applied Cryptography by Bruce Schneier, and Bauer shows himself to be a master author and story teller.

For those looking for a comprehensive and decipherable text on the history of cryptography, this is one of the best on the topic in many years.

Kahn’s book laid the groundwork that made a book like this possible and Secret History: The Story of Cryptology is a worthy follow-up to that legendary text. 














Chapman and Hall CRC Taylor Francis 1466561866 978-1466561861 Craig Bauer Rothke

Ben Rothke

Senior Information Security Manager, Tapad

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community