In cryptography, ciphertext (or cyphertext) is the result of encryption performed on plaintext using an algorithm, called a cipher.[1] Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a Code, not a cipher.

## Symmetric key example

Let ${\displaystyle m \!}$ be the plaintext message that Alice wants to secretly transmit to Bob and let ${\displaystyle E_{k}\!}$ be the encryption cipher, where ${\displaystyle _{k}\!}$ is a secret key. Alice must first transform the plaintext into ciphertext, ${\displaystyle c \!}$, in order to securely send the message to Bob.

${\displaystyle c=E_{k}(m)\!}$[2]

Both Alice and Bob must know the choice of key, ${\displaystyle k\!}$, or else the ciphertext is useless. Once the message is encrypted as ciphertext, Alice can safely transmit it to Bob (assuming no one else knows the key). In order to read Alice's message, Bob must decrypt the ciphertext using ${\displaystyle {E_{k}}^{-1}\!}$ which is known as the decryption cipher, ${\displaystyle D_{k}\!}$.

${\displaystyle D_{k}(c)=D_{k}(E_{k}(m))=m\!}$[2]

## Types of ciphers

Main article: Cipher

The history of cryptography begins thousands of years ago and contains a variety of different types of encryption. Earlier algorithms were performed by hand and are substantially different from modern algorithms, which are generally executed by a machine.

### Historical ciphers

Historical pen and paper ciphers used in the past are sometimes known as classical ciphers. They include:

Historical ciphers are not generally not used as a standalone encryption solution because they are quite easy to crack. Many of the classical ciphers can be cracked using brute force or by analyzing only ciphertext.

### Modern ciphers

Modern ciphers are more secure than classical ciphers and are designed to withstand a wide range of attacks. An attacker should not be able to find the key used in a modern cipher, even if he knows any amount of plaintext and corresponding ciphertext. Modern encryption methods can be divided into the following categories:

• Private-key cryptography (symmetric key algorithm): the same key is used for encryption and decryption
• Public-key cryptography (asymmetric key algorithm): two different keys are used for encryption and decryption

In a symmetric key algorithm (e.g., DES and AES), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform correct decryption.

Symmetric key ciphers can be divided into block ciphers and stream ciphers. Block ciphers operate on fixed-length groups of bits, called blocks, with an unvarying transformation. Stream ciphers encrypt plaintext digits one at a time on a continuous stream of data and he transformation of successive digits varies during the encryption process.

## Cryptanalysis

Main article: Cryptanalysis

Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key. Cryptanalysis is also referred to as codebreaking or cracking the code. Ciphertext is generally the easiest part of a cryptosystem to obtain and therefore is a important part of cryptanalysis. Depending on what information is available and what type of cipher is being analyzed, crypanalysts can follow one or more attack models to crack a cipher.

### Attack Models

• Ciphertext-only: the cryptanalyst has access only to a collection of ciphertexts or codetexts.
• Known-plaintext: the attacker has a set of ciphertexts to which he knows the corresponding plaintext.
• Chosen-plaintext attack: the attacker can obtain the ciphertexts corresponding to an arbitrary set of plaintexts of his own choosing.
• Batch chosen-plaintext attack: where the cryptanalyst chooses all plaintexts before any of them are encrypted. This is often the meaning of an unqualified use of "chosen-plaintext attack".
• Adaptive chosen-plaintext attack: where the cryptanalyst makes a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions.
• Chosen-ciphertext attack: the attacker can obtain the plaintexts corresponding to an arbitrary set of ciphertexts of his own choosing.
• Indifferent chosen-ciphertext attack
• Related-key attack: like a chosen-plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. The keys are unknown, but the relationship between them is known; for example, two keys that differ in the one bit.

The ciphertext-only attack model is the weakest attack because it implies that the cryptanalyst has nothing but ciphertext. Modern ciphers rarely fail under this attack.[3]

## Famous ciphertexts

Main article: List of ciphertexts
• The Babington Plot ciphers
• The Shugborough inscription
• The Zimmermann Telegram
• The Magic Words are Squeamish Ossifrage
• The cryptogram in "The Gold-Bug"
• Beale ciphers
• Kryptos
• Zodiac Killer ciphers

## References

1. Template:Cite book
2. Template:Cite book
3. Template:Cite book