CHAP TER 1

History of Secret Writing

INFORMATION IN THIS CHAPTER: CONTENTS

Introduction..................1
n Introduction
n Cryptology Cryptology....................2
n Steganography Substitution Cipher............3
Caesar.......................................... 3
Coded Radio Messages and
Morse Code................................. 5
Vigenere Cipher.......................... 6
Transposition Cipher..........8
INTRODUCTION Spartan Scytale........................... 9
The Difference Between
Data Hiding transcends nearly every aspect of our daily lives, whether it be for Substitution Ciphers and
good intent or evil. It stemmed from secret writing thousands of years ago, as Transposition Ciphers......10
cited by David Kahn and many historians. It originated in Egyptian civilization
Steganography...........10
in the form of hieroglyphs, intended as symbolic representations of historical Cardano’s Grille................11
timelines for particular lords. Other cultures of the time, such as the Chinese, Invisible Ink............................... 13
took a more physical approach to hiding messages by writing them on silk or Microdots.................................. 13
paper, rolling it into ball, and covering it with wax to communicate political Printer Tracking Dots............... 14
or military secrets. For added security measures, the ball was even be swal- Watermarks............................... 16
lowed during transit. As civilization evolved, forms of covert communications Summary....................17
became more sophisticated and cryptograms and anagrams advanced.
References..................17
David Kahn’s The Codebreakers is arguably the most comprehensive historical
book about Secret Communications through the ages. Below is a timeline of
some of the most notable innovations over the centuries dating back to Egypt
and China (see Figure 1.1).
As evident throughout history, secret writing evolved from the need for covert
communications. And what is used by our own militaries today to protect us
from evil intent, is also used by our enemies to attack our well being. As tech-
nology has evolved, so have the ways in which data hiding is used. Today, it is
commonly used in corporate espionage, spy communication, malware, child
exploitation, and terrorism. Malicious data hiding occurs daily all around us,
and many times undetected. 1
Data Hiding. [Link]
Copyright © 2013 Elsevier, Inc. All rights reserved.
2 CHAPTER 1:   History of Secret Writing

FIGURE 1.1 Data Hiding, Concealment, and Steganography Timeline

In this book we hope to enlighten you, the reader, with information about
the many ways in which data hiding is used, from physical mediums to digital
mediums. Although there is the ongoing threat of criminal activity, data hiding
is actually a very interesting and fun hobby and for some people, a career. Let’s
begin by reviewing the history behind what brought us to digital data hiding,
by reviewing many of the techniques of our ancestors and the basis behind
cryptography and steganography.

CRYPTOLOGY
Cryptograms and anagrams are commonly found in newspapers and puzzle
books. Cryptograms substitute one character for another. In terms of the alpha-
bet, one letter is substituted for another. The goal of the cryptogram is for the
 Cryptology 3

individual to determine what letters are substitutes for others, and use this
substitution to reveal the original message. In anagrams, the characters that
make-up a message are rearranged rather than substituted.
In either case, the message is made secret by the method or algorithm used to
scramble it. There is typically also a key known only to the sender and receiver,
such that no one else can read or decipher the message. This secret message is
commonly referred to as a cipher text. An eavesdropper cannot read the mes-
sage unless they determine the algorithm and key. The process of decoding the
message is referred to as cryptanalysis (see Figure 1.2).

FIGURE 1.2 Cryptography

Substitution Cipher
In cryptography, a substitution cipher is a method of encryption in which
plaintext is substituted with cipher text using a particular method or algorithm.
The plaintext can be replaced by letters, numbers, symbols, etc. The algorithm
defines how the substitution will occur and is based upon a key. Therefore,
the recipient of the message must know the algorithm and the key (or keying
mechanism) in order to decipher the message. When the recipient receives the
encrypted message, he/she will use this known substitution algorithm, to deci-
pher the message to reveal the plaintext message.

Caesar
Julius Caesar (100–44 B.C.) initially created a substitution cipher for military
purposes that involved substituting Greek letters for Roman letters, thereby
4 CHAPTER 1:   History of Secret Writing

making the message unreadable to the enemy. Caesar later created the more
commonly known Shift Cipher. Caesar simply shifted the letters of the alpha-
bet by a specified amount. This shifted alphabet was then used for the substitu-
tion cipher. In both cases, the original alphabet was substituted by a different
character substitution, also referred to as a cipher alphabet or monoalphabetic
cipher. For example:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
FGHIJKLMNOPQRSTUVWXYZABCDE

Using the cipher alphabet we can generate a ciphertext message:

Plaintext Message = STEGANOGRAPHY RULES
Ciphertext Message = XYJLFILWFUMD WZQJX

Although considered a weak cipher by today’s standards with the computing

power available today, it still exists today primarily in the form of entertainment
from everything from newspaper cryptograms to children’s secret decoder rings.
For example, one of the promotional items from the Johnny Quest cartoon was
a secret decoder ring. Children could use the ring to encode secret messages in
a substitution cipher format. A little known fact about the decoder ring is that
it also included a secret compartment, as well as a sun flasher (see Figure 1.3).

FIGURE 1.3 Johnny Quest Decoder Ring.1

Caesar’s language substitution cipher approach was also used in WWII by the
Navajo code talkers. At the time, the Navajo Indians spoke in a dialect unfa-
miliar to most other people, including other Indian tribes. As a result, the 29
Navajos were recruited into the Marine Corps to support the war effort. The
Marine Corps used the Navajo Code as a secure means of translating English to
Navajo for communications while on the battlefield. Since Navajo speak was
1 Johnny quest ring. Stephen A. Kallis, Jr. & Metro Washington Old Time Radio Club.
 Cryptology 5

unknown to anyone except Navajo tribe members and a handful of Americans,

it was practically impossible to impersonate.

Coded Radio Messages and Morse Code

In the 1830s, Samuel Morse created a code for sending messages over telegraph.
Morse substituted a series of dots and dashes to represent each letter of the
alphabet. This code commonly known today as Morse code, was a simple substi-
tution of a character for a letter of the alphabet and punctuation (see Figure 1.4).
An example of the Morse code substitution cipher is used in the Rush song
“YYZ.” Interestingly enough YYZ is the airport code for Toronto, Canada,
Rush’s home town. In Morse code, the letter Y is “-. - -” and the letter Z is “-
-. .” Coverting YYZ to Morse code you have: YYZ = “-. - - -. - - - -. .” or “dash
dot dash dash dash dot dash dash dash dash dot dot.” Unbeknownst to most
people, this is the basis for the intro to the song.
Some argue that Morse code is not a substitution cipher, because its intentions
were not to hide the message, but rather use it as a form of communications at
a time when telephone was yet to be invented. Yet it is a form of substitution

FIGURE 1.4 Morse Code Table

6 CHAPTER 1:   History of Secret Writing

and represents a form of code substitution. And transposition forms of it were

used during the last few wars. In fact, most people listening to the song YYZ
have no idea that it even begins with Morse code, thereby making this a form
of message hiding (steganography).

Vigenere Cipher
The Vigenere cipher was originally created by a group of intellectuals but was
finally organized into a cipher by the fellow whose name it acquired Blaise
de Vigenere. Rather than base the substitution on a single alphabet of letters,
Vigenere created it based on 26 alphabets (see Figure 1.5).
Using only one column in the Vigenere table would be the equivalent of the Cae-
sar Shift Cipher. Therefore the Vigenere table is designed such that multiple rows

FIGURE 1.5 Vigenere Cipher.2

2 Fields, B. T. Vigenere cipher photo. Public domain (original author).

 Cryptology 7

are used. A different row is used for each letter to be ciphered. This is performed by
assigning a keyword to the ciphering approach. For example, if we chose a keyword
of “combo” and use the Vigenere table we could cipher the following message:
Message: thekeyisunderthedoormat
Keyword: combo
Ciphertext: vvqlsawevbfsduvgamu

This form of substitution cipher is known as polyalphabetic, because it uses

multiple alphabets to perform the ciphering, as opposed to the monoalpha-
betic Caesar Shift Cipher. When released, the Vigenere cipher was impenetra-
ble. For example, the Caesar Shift Cipher could be cracked by a cryptanalyst
using frequency analysis, whereby certain letters such as e and n are more com-
monly found in words, whereas x and z not. Understanding this flaw allowed
cryptanalysts to decrypt a message. Figure 1.6 outlines English language letter
frequency from highest frequency to lowest frequency of occurrence.

FIGURE 1.6 English Language Letter Frequency

In addition to frequency analysis, cryptanalysts also used linguistic characteris-

tics to decipher messages. For example, the combination of “io” appears quite
commonly in a word in the English language, whereas the combination of “oi”
is rare. Ancient cryptanalysts would actually use lists of letters that are never
found together in a word, thus allowing certain combinations to be eliminated
immediately. But this assumes that you know the language that the message is
written in, which is not always the case. Could it be Spanish, French, or some-
thing else? This distinction is critical to the cryptanalyst.
The Vigenere cipher had far more keys in its substitution implementation,
making it practically impossible to crack using frequency analysis or linguistic
analysis. Vigenere also included the complexity of the vast number of possible
keys and key lengths. It is for this reason that the Vigenere cipher endured
hundreds of years of secure use until 1854 when Charles Babbage was credited
with performing successful cryptanalysis on the Vigenere cipher.3 Many tools
exist today on the web for enciphering messages using the Vigenere cipher.
These tools are commonly found on the Internet, thus allowing virtually any-
one the ability to encode a message (see Figure 1.7).

3 The Code Book, by Simon Singh, p. 78.

8 CHAPTER 1:   History of Secret Writing

FIGURE 1.7 Internet-based Vigenere Ciphering Tool

Even though the Vigenere cipher is considered inherently weak by today’s

standards and computing power, it is still found in many ciphering imple-
mentations. For example, a hybrid of the Vigenere cipher is used in the Cisco
IOS found on routers and other networking devices. Although MD5 (Mes-
sage Digest Algorithm) hashing is a supported option within the IOS, many
Cisco devices still use the Password 7 hashing (a hybrid of the Vigenere
cipher). There are a plethora of tools available for decoding the Password
7 hashing for the Cisco IOS. Therefore it is highly recommended that net-
work administrators change the default hashing mechanism from Password
7 to MD5, since the weaknesses in the Vigenere cipher are well known (see
Figure 1.8).

Transposition Cipher
Another form of enciphering technique is known as a transposition cipher.
This involves rearranging the letters of a plaintext message. The letters them-
selves remain intact, but are rather simply repositioned. Transposition ciphers
are also commonly found in newspapers and puzzle magazines and are com-
monly referred to as “jumbles” or anagrams. For example,
Hiddenmessage => dihegassemned
These types of transposition ciphers can be relatively easy to crack. So let’s take
a look at some more complex implementations of transposition ciphers.
 Cryptology 9

FIGURE 1.8 Online Cisco Password Decrypter.4

Spartan Scytale
Probably one of the oldest known implementations of the transposition cipher
was the Spartan Scytale (also commonly spelled as Skytale). In ancient Greece
(around 475 B.C.), the Spartan army commanders created a Scytale, a device
they designed for sending secret messages (Figure 1.9). The army command-
ers would wrap a strip of parchment or leather around the Scytale wooden
staff. They would then write the secret message along the length of the staff.
The message would then be unwound from the staff and delivered to another
commander. If intercepted by the enemy, the message would be meaningless
without the correct size wooden staff, and would appear as a jumble of letters.
The receiving commander would then take his identical Scytale and would
wrap the message strip around it to reveal the secret message. This reposition-
ing technique is one of the earliest known transposition ciphers.

FIGURE 1.9 Spartan Scytale.5

4 Cisco password decrypter—[Link]

5 Gualtieri, D. M. Spartan Scytale—[Link]
10 CHAPTER 1:   History of Secret Writing

Repeatedly running a message through a transposition cipher is one way of

increasing the complexity of cracking the message, effectively a transposition
of a transposition, or as it is commonly known, a Double Transposition.

The Difference Between Substitution Ciphers and

Transposition Ciphers
Substitution ciphers differ from transposition ciphers. In a transposition
cipher, the plaintext is repositioned, but the letters are left unchanged. In con-
trast, a substitution cipher maintains the same sequence of the plaintext and
modifies the letters themselves. As demonstrated earlier, transposition ciphers
are limited by their limited principle of repositioning. There’s simply only so
many ways you can reposition the letters of a message, therefore most of these
techniques can be cracked by hand without the necessity for a computer. Sub-
stitution ciphers have literally thousands of different implementations, some
of which include serious complexity.
Today, the complexity of substitution ciphers has increased tremendously since
the creation of the computer. This computing power also allows the ease of
combining substitution and transposition into one ciphering technique. For
example, Data Encryption Standard (DES) “applies 16 cycles of transposition
and substitution to each group of eight letters.”6 Impractical hundreds of years
ago, brute-force attacks on keys are also commonplace with today’s computing
power. Today, the computer is a cryptanalyst’s strongest weapon.

STEGANOGRAPHY
Commonly people confuse or overlap the definitions of cryptography and
steganography. People commonly refer to steganography as hidden or secret
writing , but that’s technically incorrect. The difference comes about from the
definitions of the Greek word “crypt” versus the greek word “steganos.” Or in
English terms, the difference between hidden writing versus covered writing. In
cryptography, hidden writing refers to scrambled text that is visible to the naked
eye or observer, but unintelligible without analysis. Steganography is writing
that is not visible to the naked eye or observer, also known as covered or invis-
ible writing.
The confusion could be from the English definition of hidden, which according
to The Random House College Dictionary means “concealed, obscure, covert.”7
As a result, it’s understandable why there have been misappropriations of defini-
tions by people when describing cryptography and steganography. This English

6 Cryptography Decrypted by H.X. Mel and Doris Baker, p. 24.

7 Random House College Dictionary, 1979.
 Steganography 11

definition would imply an overlap between cryptography and steganography,

which is simply not the case. When deciphering the differences between cryp-
tography and steganography, ask yourself “is the message scrambled or invis-
ible?” If it’s scrambled it’s cryptography, if it’s invisible it’s steganography.

Cardano’s Grille
Italian (actually Milanese) Girolamo Cardano is credited with creating the first
known grille cipher. It involves using a stiff sheet of paper, metal, or otherwise,
with windows cut into random, yet planned, locations of the sheet. This sheet
is known as a grill. An otherwise visibly normal message would actually have
strategically placed letters that within itself make up another message, hidden
within the visible message. The example in Figure 1.10 at first glance appears
as a normal message.

FIGURE 1.10 Cardano Grille with Hidden Message

But if the intended recipient knew to look for a hidden message contained
with the normal message, he could use his Cardano Grill to identify the rel-
evant letters that makeup the hidden message. By taking the sheet or grill with
strategic holes cutout, he could lay the sheet over top of the message to reveal
the hidden message. In this case the message reveals that “Troops arrive Mon-
day” as illustrated in Figure 1.11.
The Cardano Grille cipher is still used today. For example, the Spam Mimic
website uses this technique. But rather than use a grille to reveal the message, a
program performs the hiding (encoding) as well as the decoding (Figure 1.12).
The goal here is to create what appears to be a spam message, but is actually a
message encoded within another message. People receive countless spam mes-
sages every day. Unless some knew that a particular spam message contained
12 CHAPTER 1:   History of Secret Writing

FIGURE 1.11 Cardano Grille with Overlay Revealing Hidden Message

FIGURE 1.12 Spam Mimic Encoding

an encoded message, they would simply pass it off as another spam message.
But intended recipient though could go to the Spam Mimic site, input their
message, and decode the hidden message.
 Steganography 13

Invisible Ink
One of the first written accounts of secret ink dates back to the first century A.D.
where Pliny the Elder wrote about his discovery that the milk of the tithymalus
plant (a type of cactus) could be used for invisible writing.8 This is noted as
one of the first accounts of science around hiding the existence of a message
(steganography).
Probably one of the most common forms of invisible ink is lemon juice. It can
be used to write a message on a piece of paper, and when it dries it’s invisible
to the naked eye. But put the paper to warm source such as a light bulb, and the
message will slowly appear. Many other acid based substances will oxidize and
reveal themselves when exposed to heat include; urine, vinegar, wine, onion
juice, milk, and even rain water combined with sulfuric acid.
Samuel Rubin’s 1987 book, “The Secret Science of Covert Inks”9 is probably
the most comprehensive book on the subject. It details supposedly secret CIA
invisible ink techniques which have been largely disclosed by the non-profit
organization known as the “James Madison Project.” For a list of these recipes,
see the James Madison Project website [Link]
It should be noted that the specific government agencies believe that some of
these “formulas must remain hidden from the public,”10 which is why they’re
not reproduced in this book.

Microdots
It’s difficult to approach the subject of steganography without discussing
microdots. It’s mentioned in practically every book that discusses steganogra-
phy or secret writing. It involves shrinking a photograph to the size of a period
on a typed page. The dot could be a period, or a dot in a dotted “i”, or hidden
in a variety of other ways on the page.
Although the idea of microphotographs dates back to Paris in 1870, the
F.B.I. got a tip from a double agent in 1940 that the Germans had perfected
the technique to create a microdot.11 It took them until 1941 to detect their
first microdot on an envelope intercepted from a suspected German agent.
Soon after, tiny strips of film were discovered under stamps. It was later
discovered that the technology was being used for espionage. A variety of
stolen information was discovered including uranium design information,
production statistics, building plans, schematics, etc. At the time, the small
Minox Camera was commonly used by spies to take pictures of documents
(see Figure 1.13).

8 The Puzzle Palace by James Branford, pp. 503–504.

9 Samuel Rubin’s 1987 book “The Secret Science of Covert Inks.”
10 [Link]
11 The Code-Breakers by David Kahn, p. 525.
14 CHAPTER 1:   History of Secret Writing

FIGURE 1.13 Minox “Spy” Camera.12

The process of creating the microdot involved take the thumbnail sized print
from the camera and photographing again through a reverse microscope. This
would shrink it to a diameter of 0.05 inches. It was then developed and a hypo-
dermic needle was used to lift the dot and drop it over a period in a typed letter.
The dot was then affixed in place using collodion (a common photography
chemical).13 Various magnification tools could be used by the recipient to view
the contents of the microdot.
The only problem with using microdots was that the special ink they were
written with was very shiny; a letter suspected of containing microdots could
be held up to a light and viewed at eye-level, looking across the page. Held in a
certain way, the microdot ink would shine while normal ink would not.
Although the specific inventor of microdot steganography is unknown, it is
commonly credited to someone named Professor Zapp, inventor of the Minox
subminiature camera. Thus, World War II microdot kits were often called Zapp
outfits by British intelligence.
It also is important to note that microdot technology is more useful for send-
ing an entire document, versus invisible ink which is more useful for sending
a short message. The microdot could be used for documents that included dia-
grams & drawings, something invisible ink was just not capable of. Microdots
are commonly used today by casinos for marking chips as well as automobile
manufacturers for marking the authenticity of cars.
Printer Tracking Dots
Back in 2004, PCWorld14 published an article raising awareness that printer
manufacturers were printing hidden yellow dots to every page printed.

12 CIAMinox Camera—[Link]
13 ThePuzzle Palace by James Branford, p. 503–504.
14 Government uses color laser printer technology to track documents—[Link]

com/article/118664/government_uses_color_laser_printer_technology_to_track_documents.
html.
 Steganography 15

FIGURE 1.14 Printer Tracking Dots

The Electronic Frontier Foundation (EFF) picked up the story and cracked the
codes for the DocuColor (Xerox) printers. EFF discovered that the yellow dots
represented the serial number for the printer, as well as the time and date the
document was printed. Interestingly enough, the dots are not visible to the
naked eye. But with blue light and magnification, one can reveal the hidden
dots (see Figure 1.14). The EFF then deciphered the grid to reveal the cipher
behind the dots shown in Figure 1.15.

FIGURE 1.15 EFF DocuColor Dots Deciphering Program

16 CHAPTER 1:   History of Secret Writing

It is strongly believed that these were designed for law enforcement forensics
purposes. The EFF maintains a list of printers known to print these dots. The
list can be found here, [Link]
do-not-display-tracking-dots. And if your printer is not listed, you can take
your own printed page and use their online decoder to decipher the dots
(Figure 1.15).

Watermarks
Watermarking is a technique with similarities to steganography. It has been
around for centuries and is commonly used in money and stamps to assist in
identifying counterfeiting. The idea behind watermarking is to create a trans-
lucent image on the paper to provide authenticity. Since mailing letters was far
more expensive centuries back, it was common for people to use counterfeit
stamps on their mail. For example, a translucent elephant watermark was used
on stamps in India to deter counterfeiting.
Various watermarks are also added to money at the time of manufacture. For
example, many denominations of paper money in the United States contain a
watermark of the individual printed on the money. For example, on the $100
dollar bill, you will find a watermark of Benjamin Franklin if you illuminate
the bill from behind (see Figure 1.16).
Digital watermarking is used to maintain ownership and authenticity of digital
media such as music and videos.
It is important to note that although watermarking has many similarities to
steganography in terms of embedding data, but the intent of watermarking is
not to make it difficult to detect that embedded data, but rather make it dif-
ficult to remove the embedded data so as to prevent the unauthorized reuse of
the file.

FIGURE 1.16 $100 Bill Translucent Watermark

 References 17

SUMMARY
Secret communications encompass an interesting history throughout civi-
lizations, wars, and cultures. Many of the highlighted cryptographic and
­steganographic secret communication methods are replicated in digital form
today. Join us in this journey of digital data hiding as we explore many of
the latest data hiding techniques across operating systems, mobile devices,
­multimedia, and other digital formats.

References
Branford, J. (1983a). Invisible Ink. The puzzle palace (1st ed., pp. 503–504). Brandford Books (Sep-
tember 29).
Branford, J. (1983b). Collodion. The puzzle palace (1st ed., pp. 503–504). Branford Books (Septem-
ber 29).
CIA – Minox Camera. <[Link]
CIAPhoto Stream – German Microdot. <[Link]
#photo_5416242829>.
Cisco password decrypter. <[Link]
Fratini, S. (2002). Cardano’s Grille. Encryption using a variant of the turning-grille method.
Mathematics Magazine, 75(5), 389–396. 398. Article Stable URL: <[Link]
stable/3219071>.
Government uses color laser printer technology to track documents. <[Link]
article/118664/government_uses_color_laser_printer_technology_to_track_documents.
html>.
James Madison Project. <[Link]
Johnny quest ring. Stephen A. Kallis, Jr. & Metro Washington Old Time Radio Club.
Kahn, D. (1967). Microdot. The codebreakers (p. 525). Scribner (revised and updated, 1996).
Luciano, D., & Prichett, G. (1987). Caesar cipher. Cryptology: From Caesar ciphers to public-key
cryptosystems. The College Mathematics Journal, 18(1), 2–4. Article Stable URL: <[Link]
[Link]/pubs/Calc_articles/[Link]>.
Mel, H. X., & Baker, D. (2000). DES. Cryptography decrypted (1st ed., p. 24). Addison-Wesley Profes-
sional (December 31).
Microdot Mark IV camera. <[Link]
Samuel Rubin’s 1987 book “The Secret Science of Covert Inks”. Breakout Publications, January
1987.
Singh, S. (1999). The code book. Anchor Books, A Division of Random House, Inc.. (p. 78).
Gualtieri, D. M. Spartan Scytale. <[Link]
Fields, B. T. (1979). Vigenere cipher photo. Public domain (original author). Random House
Dictionary.