Cryptography is a mystery to me, mostly how the encryption on any message encrypted with an unknown method can be broken. I know computers are an extremely useful tool, but how are they used exactly? How would a computer know when a message has been decoded?
It doesn’t. The computer can tell when it has applied a particular decryption scheme to a message, but it has no idea whether the result is meaningful. That requires human judgment, and that’s a completely different topic.
Cryptanalysis is heavily dependent on statistics. Statistics can be used to determine which encryption method was used, the language used for the original message, and if a given message is in plain text or cipher text.
Abraham Sinkov, who was one of the NSA’s top cryptanalysts, wrote a good introductory book on the subject for the Mathematical Association of America’s New Mathematical Library, called “Elementary Cryptanalysis: A Mathematical Approach”.
mks57’s point withstanding, in general the encryption technique won’t be unknown. In general, only a government would have any interest in and the ability to accomplish the development of a new encryption algorithm. As soon as anyone cares, some friendly spying and a bit later you’ll probably know the details of the encryption technique. And, given that there is no longer the USSR and there are plenty of published, public encryption techniques, there isn’t much reason to make your own and keep secret.
And of course for most of the world, safe commerce is the primary goal of encryption. For this an unknown encryption technique is unfeasible, since both sides need to support it.
Roll-your-own encryption methods are only secure so long as you are proof against spying, unless you have some pretty good reason to believe that your technique really is proof against some major attack power. says the guy who wrote his own digest algorithm the week before…
Sage Rat all sorts of private companies are working on encryption. Most of the big companies working in the telecommunication space are actively reseaching encryption methods.
ultrafilter is right in general. (How do you know that the message GSDBV XYGXG QZOQW GKWXX is actually encrypted; maybe that’s just what I meant to say!) But if you expect the decryption to be a natural-language text message, then there are lots of (more or less language-specific) tests available. You can estimate the entropy of single characters or of digraphs; most alphabetic languages have a pretty nonuniform character distribution, so this will be much lower for a correct decoding than for most incorrect decodings. For English (and probably most languages using variants of the Roman alphabet), one simple useful check for a sufficiently long ciphertext is the maximum number of consecutive consonants. And of course you can use automated dictionary checks as well.
I’d be very surprised if they don’t intend to publish those algorithms (especially if they want their phones to be able to talk to other people’s phones). The modern standard is that you don’t rely on keeping the encryption method a secret for security. Instead, you publish it and give everyone a chance to crack it.
Sorry, I wrote that bad. My first paragraph was meant to be discussing “unknown” encryption techniques. I.e. ones were the creator intended to keep them secret for internal use.
While I suppose it is always possible that some corporation could want their very own encryption algorithm, they would be doing so in the face of any cost-benefit analysis unless they intended to market the resultant algorithm. Why develop your own encryption when you can download a free encryption package that’s been verified and accepted for use by the RSA, NIST, NESSIE, CRYPTEC, etc.?
Check out http://elonka.com/ That’s the homepage of a friend of mine who is an internationally known cryptographer and published author. She is an expert on the Kryptos sculpture at CIA headquarters and has given lectures there on Al-quida notes and such. She has links there to books on cryptology and a bunch of her own notes.
She really is a fascinating person and I feel lucky to have been able to get to know her, you can also check her bio out at http://en.wikipedia.org/wiki/Elonka_Dunin
They definitely publish them. There are conferences, standards bodies etc. I was commenting on the idea that only governments pursue encryption research.