Talk:Encryption

Wiki Education Foundation-supported course assignment
This article is or was the subject of a Wiki Education Foundation-supported course assignment. Further details are available on the course page. Student editor(s): Bhale2.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 20:42, 17 January 2022 (UTC)

Wiki Education Foundation-supported course assignment
This article was the subject of a Wiki Education Foundation-supported course assignment, between 13 January 2020 and 1 May 2020. Further details are available on the course page. Student editor(s): DGC12345, Markscarsi, Jackbelshe, Zoharrab.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 20:42, 17 January 2022 (UTC)

Wiki Education Foundation-supported course assignment
This article is or was the subject of a Wiki Education Foundation-supported course assignment. Further details are available on the course page. Student editor(s): Eph17.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 20:34, 16 January 2022 (UTC)

articles should be merged, too similar
Encryption and Cipher are currently too similar. They should be merged, or Cipher should be specialized to the customary (though vague) subset of private-key encryption.

disagree, and problems w/ diagram
Tromer, Your observation is a common misunderstanding. Encryption can be done in several ways, only one of which uses a cypher. As for 'cipher' being customarily a subset of private-key encryption, that is true only if by private key one means symmetric key cypher. At least that's the sense I take from your comment. The spelling is (cy v ci) is irrelevant as to meaning, but excites comment (see Talk:Cryptography for some history on WP). As the diagram notes, cyphers come in symmetric and asymmetric flavors, and symmetric cyphers are sometimes (confusingly) called private key cyphers. Asymmetric key cyphers are sometimes (wrongly) taken to be all public key/private key cyphers. Not all are, as there exist some in which there are no public keys.

As for the diagram, I will note that the placement of rotor machine is probably incorrect. Rotor machines (as the Hebern machine, Enigma machine, SIGABA, Typex, and even the non-rotor Japanese stepping switch machines) are fundamentally substitution cyphers, albeit polyalphabetic ones. The diagram should reflect this. ww 15:12, 19 Jul 2004 (UTC)

I'm going to make a text version of the diagram here, so it's easier for me (and presumably others) to edit:


 * Ciphers
 * Classical
 * Substitution
 * Rotor machines
 * Transposition
 * Modern
 * Public Key (shouldn't this be "assymetric key" ?)
 * Private Key (shouldn't this be "symmetric key" ?)
 * Stream
 * Block

Do "Stream" and "Block" really only apply to "Private Key" ciphers ?


 * Steam and block: in usage, yes. "Public key" and "private key" are, essentially, synonymous with "assymetric" and "symmetric key".&mdash; Matt 09:18, 22 Aug 2004 (UTC)

Taxonomy approach
See also Image talk:Cipher-taxonomy.png. There is a problem with making a taxonomy of ciphers. There are (at least) two ways of approaching it, and each is somewhat unsatisfactory. The first is a more "abstract" classification, dividing the ciphers strictly according to how they function. The problem with this approach is that you then make distinctions that are never made in practice: the distinction between substitution and transposition is only really used in the context of classical ciphers; the distinction between symmetric and asymmetric ciphers is only really used in the context of modern cryptography, and so on.

The alternative approach, employed here, is to divide ciphers into sections according to how they are divided in practice. The problem with the "usage-reflecting" style is that, e.g., a classical substitution cipher isn't labelled as a symmetric key cipher, which might be desirable, but I think it's more important to reflect usage. &mdash; Matt 09:18, 22 Aug 2004 (UTC)
 * I think that classical ciphers would fit well enough under symmetric encryption in a symmetric vs. asymmetric layout. Jobarts-Talk 07:46, 19 January 2006 (UTC)

Encryption: hash functions?
I moved this recent addition here temporarily: Cryptographic hashes, also known as one-way hashes or message digests, are used to encrypt data so that it cannot ever be decrypted, but it can be recognized because the same data always produces the same output. Other unique features of this form of encryption include that no matter the size of the input, the size of the output is always the same (the size of the output varies from algorithm to algorithm), and that no keys are used. Popular algorithms include MD5 and SHA. See the Cryptographic hash function entry for more information. I'm not sure this is the right place to diversify into a discussion of crypto hash functions -- secure hashing isn't usually described as "encryption", although it's certainly part of cryptography and symmetric key cryptography. &mdash; Matt 13:14, 2 Oct 2004 (UTC)
 * I think this should be moved to the "Message verification" subsection. Greatpopcorn (talk) 03:02, 13 November 2013 (UTC)

Cryptographic hash functions
While cryptographic hash functions are certainly not a cipher, they are a vital part of encryption technology. Someone unfamiliar with the plumbing of encryption will just type "encryption" into Wikipedia and hope to get an overview of the subject with links to the details. This seems like a reasonable approach to making the Encryption and Cipher entries different so they work best for users. Encryption is a more general term.

It is logical that the Encryption entry should have brief descriptions of symmetric and asymmetric ciphers, hash functions and encryption-strength pRNGs in order to best serve users who may be unfamiliar with the categories or taxonomy related to the subject.

Vancegloster 21:27, 3 Oct 2004 (UTC)


 * OK, I can see what you're getting at here; you're saying that "encryption" is sometimes used to mean "encryption technology", which is essentially the field of "cryptography". Currently, we have an overview of the field in Cryptography, which deals (hopefully) with everything, including the entire gamut of PRNGs, digital signatures, hash functions, secret sharing schemes, authentication protocols, MACs and so on. This article, which deals with ciphers, is termed Encryption &mdash; in my experience, most cryptographers use "encryption" to refer to the action of ciphers, so it's a good title. You've pointed out, though, that sometimes people are looking for an overview of the entire field when they search for "encryption". Your suggestion is to move the cipher stuff into an article called Cipher, and have Encryption survey all the cryptography mechanisms. The problem with this is that most of Cryptography and Encryption would then be duplicating each other to a large extent. I'd propose an alternative: to this page, add a "disambiguation" header saying something like:
 * This article is about algorithms for encryption and decryption. For an overview of cryptographic technology related to encryption, see cryptography.
 * Do you think that would suffice? &mdash; Matt 22:14, 3 Oct 2004 (UTC)

This does seem reasonable. Vancegloster 23:54, 7 Oct 2004 (UTC)

Text added by anon user
This text was added by an anonymous user. I'm not at all sure what it is supposed to be saying, so I've moved it here:


 * practical example of not too deciphered news

--Fastfission 02:18, 27 Jan 2005 (UTC)


 * Fastfission, you did the first half of the job. I did the other half: I deleted all that gibberish by some German joker, who can't even write decent English. Just in case anyone wants to look at it, it's down there in this page's history. --AVM (talk) 16:08, 26 September 2008 (UTC)

Ciphers versus codes
Besides of a bit confusing diagram in the "Types of cipher" section, I think that in the "Ciphers versus codes" section distingushing between codes and ciphers based on amount of data processed (words x letters) is a misunderstanding.

As I always understood it, codes are not directly related with security (meaning security against intruders, etc.), but rather they are used to transfer data in a defined form and/or to secure data against transfer errors. For example [error correcting codes like the Hamming code or ASCII code and many others.

Therefore i disagree with the sentence: "Some systems used both codes and ciphers in one system, using superencipherment to increase the security."

Of course I mean the "technical discussions" usage of the words.

Finally, I found out that in cryptography article the definition of code x cipher is the same. But I still disagree :).

What are your opinions? PeP
 * I agree that the diagram is confusing, so I've removed it for now. Codes were indeed used in cryptography for secrecy, and not (well, not primarily) for error checking or as a standard like ASCII. &mdash; Matt Crypto 21:05, 14 January 2006 (UTC)

Encryption (album)
I apologise, I don't know how to use the coding that has been used at the top of the article to talk about other uses of the word. I just thought that it may be worth adding a note about the album Encryption by Pro-jekt. J Milburn 16:29, 11 September 2006 (UTC)
 * Anyone? J Milburn 09:46, 22 October 2006 (UTC)

where's sourcecode?
i'm not a mathetician, hell i failed all my math classes, but i consider myself to be a programmer but i've learn some math just by programing.. (weird huh?) is there any non math equations that show encryption techniques, the links like this  didn't help much, i rather have newbie friendly sourcecode.. to examine and apply. —The preceding unsigned comment was added by 75.15.191.81 (talk) 02:31, 4 January 2007 (UTC).


 * Try --agr 02:19, 5 June 2007 (UTC)


 * Haven't you ever considered learning some English? --AVM (talk) 16:10, 26 September 2008 (UTC)

Trim see also
I trimmed the see also section. I think it should be kept to major topics in encryption, and not become a laundry list of articles that touch on encryption. In particular I removed the recently added Zodiac Killer link, but I did add the the unsolved codes and ciphers category to the Zodiac Killer article. --agr 02:19, 5 June 2007 (UTC)

History of the word 'cipher'
To quote pages 80-81 of Zero, The Biography of a Dangerous Idea, by Charles Seife:

Italian merchants loved the Arabic numbers. They allowed the bankers to get rid of their counting boards. However, while businessmen saw their usefulness, the local governments hated them. In 1299, Florence banned Arabic numerals. The ostensible reason was that the numbers were easily changed and falsified. (A 0 could be turned into a 6 with a simple flourish of a pen, for instance.) But the advantages of zero and other Arabic numerals were not so easily dispensed with; Italian merchants continued to use them, and even used them to send encrypted messages - which is how the word 'cipher' came to mean "secret code."

Of course, you must keep in mind that Zero-into-6 was at the core of the issue, and that the old name for Zero was cipher.

ryanakca 14:57, 31 August 2007 (UTC)

Spliting this article
Most of this article is about term "cipher", not about term "encryption". I see that this article was created by merger of those two articles, so this situation is understandable. I propose 2 possible solutions:
 * 1) move this article to Cipher
 * 2) split this article to Cipher and Encryption by moving everything except the introduction to Cipher and leaving only the intro section here. That would make Encryption a stub, but would solve our problem. --Dijxtra (talk) 21:31, 27 November 2007 (UTC)
 * I would suggest we move out the Etymology of cipher section only. A cipher is an algorithm for encryption &mdash; essentially, it's the same topic. &mdash; Matt Crypto 22:13, 27 November 2007 (UTC)
 * Yes, it's the same topic, but two different terms. It's a bit confusing this way: article which is about cipher is named "encryption". I think we gain a lot on clarity if we move the stuff about the cipher to new article called "Cipher". I don't see why we can't have a small article "Encryption" which would say something like "encryption is the act of using a cipher", and then a big "Cipher" article which deals with term cipher. Wouldn't that be terminologically correct? --Dijxtra (talk) 08:41, 28 November 2007 (UTC)
 * As there were no stern opposes, I proceeded with split. Now I will revamp the articles to make 2 meaningful entities. --Dijxtra (talk) 11:45, 29 November 2007 (UTC)
 * Hmmm. I agree that this article could do with cleaning up, but I don't think two separate articles on the same topic is the best way to go. After all, how do you decide what goes in cipher and what goes in encryption if they're covering the same thing? I suggest we merge them back; I don't particularly mind if the article is called "cipher" or "encryption", but I think we should really cover it in one place. &mdash; Matt Crypto  20:38, 29 November 2007 (UTC)


 * In most current usage, I believe, "encryption" is a broader term than "cipher" and includes techniques such as code books and secret algorithms that do not have a key. Arguably it could extend to analog scramblers and mechanical devices. So I think the split is a good idea, but the encryption article needs to written more broadly. It should mention classical ciphers, rotor machines, codes,  and give a brief intro to public key crypto.  --agr (talk) 21:28, 29 November 2007 (UTC)

Ibrahim Al-kadi references
Somebody keeps removing the works by Ibrahim Al-kadi. Please explain why. Binksternet (talk) 13:30, 26 April 2008 (UTC)
 * Would you mind explaining why you think these references should be in the article. 85.2.112.20 (talk) 15:17, 26 April 2008 (UTC)
 * I haven't read them; I have no idea what's in them. I am simply reacting to their removal without sufficient explanation. Their being obscure isn't good enough reason for removal. Binksternet (talk) 16:29, 26 April 2008 (UTC)
 * Ok, thanks for the clarification. 85.2.112.20 (talk) 17:11, 26 April 2008 (UTC)
 * I think it's fair to ask why they are present in this article. They do look like random citations -- why not any of the other hundreds of journal and conference papers about crypto? Are they being used as a source for any specific point in this article? There's certainly nothing in this article specifically about Arabic cryptology. We have more specialised articles (e.g. History of cryptography). &mdash; Matt Crypto 17:12, 26 April 2008 (UTC)
 * Good points. Binksternet (talk) 15:12, 28 April 2008 (UTC)

hisecure.net
Why would someone remove a site that is related to encryption from external links? www.hisecure.net —Preceding unsigned comment added by Metamorph123 (talk • contribs) 04:36, 11 July 2008 (UTC)
 * Because it looks like spam and/or isn't particularly notable? Nuwewsco (talk) 07:41, 11 July 2008 (UTC)

Blog external link
Please explain why a blog link should be included at External links. Binksternet (talk) 15:07, 22 April 2009 (UTC)


 * Because it has useful information about the topic. Please give your suggestion after reading the article. --Player82 (talk) 15:23, 22 April 2009 (UTC)


 * I see an article about printer data encryption; one that doesn't attribute its author. Without an author, we have no sense of expertise or reliability, per WP:RS. I see a small amount of text information that, if brought here, could amplify this article. Having useful information is a trait of a good reference, having too much useful information, too much detail, is a trait of a good external link. Binksternet (talk) 16:26, 22 April 2009 (UTC)

Not quite on the subject
I have been told a WWII encryption was based on an old phone book. i.e. essentially use once pad easy to get by both parties. I was also told it was broken.

Anyone know how?Aaaronsmith (talk) 19:57, 31 May 2009 (UTC)


 * This is a book cipher. If you have a reliable reference that book ciphers were used during WWII, it might be worth adding them to the article on book ciphers. 92.106.113.28 (talk) 07:27, 1 June 2009 (UTC)

Agreed. It is a book cipher. I can see how statistical analysis (a lot of it) might reveal the pattern in a book cipher that is based on a novel (something the Soviets loved to do). However, the numbers running down the columns in a phone book are essentially random. Does anyone know how that particular one was solved?Aaaronsmith (talk) 05:31, 6 June 2009 (UTC)

Merge disk encryption ?
I think the Disk encryption page should be merged here Bikepunk2 (talk) 17:06, 15 February 2010 (UTC)
 * I disagree. Encryption is different from Whole Disk encryption. This page explains encryption in general, whereas Disk encryption explains methods of whole disks being encrypted. For example, Pretty Good Privacy discusses encryption of a specific type. It still falls under the category encryption, but not whole disk. However, I think a In Wikipedia, Encryption may refer to the Full disk encryption. tag should be put up. -- MithrandirAgain  (Talk!) 02:42, 29 May 2010 (UTC)

I also disagree Rfellows. As pointed out by others, these topics require sufficient space to explain. Perhaps earlier, when both were shorter it would have made sense. Now, Disk encryption is actually longer and more complete than this article. 11:26 04 October 2010 (UTC)

Password protection
undid improper edit 21:42, 25 May 2010 TedColes (talk | contribs) (6,222 bytes) (Undid revision 364137170 by 67.51.122.18 (talk) Incorrect use). Tedcoles is deleting text that seems quite critical to understanding what this term means. It is widely accepted that password protection is a form of encryption. —Preceding unsigned comment added by 209.162.45.112 (talk)


 * Do others agree with this anonymous assertion that password protection is a form of encryption? Finding the password would lead to the raw information, i.e. plaintext not ciphertext, so in my book the information is not encrypted.--TedColes (talk) 09:17, 1 June 2010 (UTC)


 * No, password protection is not encryption. Breaking the password is like breaking the lock off of a bicycle—one can immediately ride the bicycle. Encryption is nowhere near that easy. Binksternet (talk) 15:45, 1 June 2010 (UTC)

Yes, password protection is widely accepted as a form of encryption. — Preceding unsigned comment added by 67.51.122.18 (talk) 15:45, 10 November 2011 (UTC)

product-specific POV
The last paragraph shows a product/implementation specific point of view.

It should be removed, but I think the note about where things should be encrypted could remain. So I'm changing it. — Preceding unsigned comment added by IsmaelLuceno (talk • contribs) 11:20, 30 May 2011 (UTC)

Its not been changed and I too think it should be removed. I added the POV tag to warn users away from the statement. 97.83.152.148 (talk) 17:45, 11 August 2011 (UTC)

Short
I removed the table of contents from this article because I felt it was distracting and served no purpose (there's no subsections!). Please add subsections! 68.173.113.106 (talk) 03:16, 7 March 2012 (UTC)

RfC concerning the Lavabit email service
There is a request for comments (RfC) that may be of interest. The RfC is at

Talk:Lavabit

At issue is whether we should delete or keep the following text in the Lavabit article:


 * Before the Snowden incident, Lavabit had complied with previous search warrants. For example, on June 10, 2013, a search warrant was executed against Lavabit user Joey006@lavabit.com for alleged possession of child pornography.

Your input on this question would be very much welcome. --Guy Macon (talk) 05:07, 29 August 2013 (UTC)

Added references
I've found articles for the needed citations. I will be removing the additional citations needed tag. BadSprad (talk) 14:22, 21 May 2015 (UTC)

You didn't mention
you have to dedicate many digit-sizes to noise, otherwise Eve the eavesdropper might find some patterns.
 * 1) each piece of information has a list of possible encryptions, Alice and Bob (sender and receiver) know that list, a randomizer picks a random synonymous encryption (that causes encryptions to be large, but are manageable)
 * 2) the size of the encryption output is variable, each information has lists of synonymous encryptions of many sizes of digits, each size-list must contain as many as possible synonymous encryptions
 * 3) * the reader of the message, must have a secondary key, to know the order of the digital fragmentation packages
 * 4) ** ⚠ many packages of certain digital sizes do not encrypt anything, just pure noise,
 * 1) typical and statistically common phrases are coded as one piece of information, they're not fragmented into separate letters
 * 2) (this is problematic, it's not used because it reveals statistics about your letters, also can lead to permanent informational loss) some consciously made spelling mistakes might help you hide better you message but the orthographic mistakes must be selected by a computer because humans are bad randomizers
 * (there is a myth that monkeys are good randomizers, a pure myth, monkeys neurotically press a range of buttons in a chaotic but not random way, read chaos, animals are bad randomizers and they can never type the Bible even after eternal infinities, because are restricted by their "envelope of chaos" function, their attractor. Monkeys cannot type the Bible, even after eternal infinities, because they are restricted by their chaotic attractor which by no means is random.

That requires huge lists from sender and receiver, also the messages are huge.

It has been used by the US, China and Russia (combined usually with 3 or more other encryptions) but you must have a clear line or preferably a cable (fiber optics). It's bad for space because it's slow, and if you make your lists smaller, then it's faster but anyone can decrypt your message. — Preceding unsigned comment added by 2A02:2149:8227:A300:9444:E682:3FB:B7E3 (talk) 18:27, 4 March 2018 (UTC)


 * you have to shuffle your lists, you need huge keys, it works (you don't write them by hand but then someone may steal the key, some people use several keys, and different security units handle them, they aren't allowed to communicate with each other, only with the commander. If one security group delivers the key to the enemy, the other keys are safe, so our encryption entropy. Even the commander isn't supposed to know all the details, only the generic management. (secrets leak outside the system, people don't play all day long with technology... some have sex with unknown people..... encryption won't help then) — Preceding unsigned comment added by 2A02:2149:847A:1E00:9444:E682:3FB:B7E3 (talk) 20:08, 4 March 2018 (UTC)

Shaky References
Reference 2, "History of Cryptography" is from Binance Academy, with no further sources at the reference source. Not sure where binance gets their info from, but this source is essentially just "dude trust me".

While I don't really doubt the truth of this claim, can we get a better source for early encryption and cryptographic history other than a binance article?

Zeph.tech (talk) 06:59, 8 September 2022 (UTC)