Our story features one of the folkloric computer security characters that you have probably all already met. If not, it’s only a matter of time…
During a casual conversation, a popular video or an innocuous blog post about data security, the Forbidden Invocation is pronounced (inadvertently or maliciously) and he answers the call to correct the clumsy innocent of his unworthy error before returning in rage and disgust to his purifying crusades.
On dit chiffrer, et pas crypter. :-)
In the kingdom Daemonium (demons), he class with the Troglodytam (Trolls), in the family of the Impatiens Grammerian (commonly called Grammar Nazi). This very specific genus mainly occurs in secured natural environments and is easily recognized by its insatiable appetite for cryptography. Or cryptology because there are several species that cohabit more or less peacefully.
The possessed subjects are generally young (µ = 25 years old, σ = 2.5 years old) but sacred texts suggest the possibility of spontaneous possessions (i.e. without invocation) at much older ages. The commonly accepted conjecture among specialists postulates that these Argentum Dorsum are more seasoned, more powerful and therefore capable of creating a dimensional breach on their own.
Il faut noter que le seul terme admis en français est celui de chiffrement.
ANSSI, « Mécanismes cryptographiques » of the « Référenctiel Général de Sécurité », version 2.03, page 32. Available on line
Old research suggests the influence of a viral agent. Indeed, all the possessed subjects had previously been in contact with another symptomatic possessed subject. After an acute phase, a chronic phase generally sets in with invoked possessions, whose frequency decreases over time and have long led to belief in a possible immune response. However, this necessary exposure is not sufficient because many people will never develop any symptoms afterwards.
For the novice, these possessions are disturbing. The lack of evolution following possession shows a very clear relationship with the no less famous Punctum Deusvincit but its speed of execution leaves you speechless. The novice wonders about its usefulness; why so much effort? why so much hate?
Crypté ou encrypté Termes généralement utilisés par les personnes qui n’y comprennent rien. Vous devriez cesser de l’utiliser après la lecture de cet article.
Marc Framboisier (January 12th 2018), « Cryptographie expliquée aux Michus » Available at framboisier.com.
Etymologically, we should say to encrypt
Because the novice, as his name suggests, is not yet initiated into the Arcana, he bases his spiritual research on his inevitably fragmentary knowledge of Collective Wisdom, which obviously includes etymology, or the subtle art of infering the meaning of words from their relationship to other known words.
To code, translate into symbols
The english verb to code comes from the old French codex, derived from the Latin caudex which means (among other meanings) a register, a book made from the assembly of tablets. In its purified form, to code has the following meaning:
Translate information into symbols.
When we speak, when we write, we code our thought into signs (sound or visual) which will be decoded by our interlocutor into thoughts in his mind. Someone who does not have the convention, that is to say the code, can neither send nor receive information. Hence the efforts of all self-respecting states to teach their codes to their population since childhood.
When the convention is secret, when the goal is to restrict communication to insiders only, we then speak of secret code and it is now accepted that this is a bad way to proceed because the protection of the system falls as soon as the convention is known, which requires incessant inventions of new codes and updates in the target population.
This is the case with diplomatic and military missives from previous centuries, but also with certain social conventions that allow a group to recognize each other through the use of more or less subtle codes (signs of dress, accents, use of the subjunctive, spelling, etc.).
To encrypt, make a message unreadable
The verb crypt and the action encryption derive from the Latin crypta itself from the ancient Greek κρυπτός, an adjective meaning hidden, secret. It gave by adaptation the terms of cryptography (art of secret writing), cryptology (science of secret messages), cryptanalysis (art of breaking secret writings), or even cryptomorphisms (applications between two sets whose principle of action is far from obvious). In its pure form, to encrypt has the following meaning:
Modify a message to make it unreadable to anyone who does not have the right to understand it.
Thus, to encrypt has a more general meaning than to code. We can encrypt by coding but not only. One can, for example, add noise to the message sent, making it unreadable during transmission, then subtract this noise on reception to discover the hidden message (sender and receiver must have agreed beforehand on the noise to add).
Modern cryptography takes account of this globality. Protection of important missives involving codes, message modifications and the addition of noise, multiple times and in varying orders.
To encipher, translate into digits
The verb cipher in english comes from the french word chiffre derived from medieval Latin cifra itself from the Arabic صفر which initially means zero. In its pure form to cipher has the following meaning:
Translate into digits.
We use this verb in cryptography when we translate a message into digits or numbers.
The most emblematic case is the Grand chiffre invented by Antoine Rossignol in the service of Richelieu then Mazarin. This is a repertoire of 587 different numbers encoding syllables (and sometimes words) along with some instructions intended to hinder cryptanalysis (i.e. “ignore the previous syllable”).
The verb to encrypt has therefore been used since the 17th century to describe the transcription of information using numbers, i.e. to code it in numbers. In this sense, ciphering is more restrictive than coding since one can code other than with numbers.
One might think that this thorny question is typically english-speaking, but it nevertheless affects our French-speaking neighbors who have the same three magical nuances:
- Coder: to code, same Latin root,
- Crypter: to encrypt, same Greek root,
- Chiffrer: to encipher, same Arabic root.
Socially, we should say to encrypt
If we focus on the primary meaning of the words, it is obvious that encryption includes coding which itself includes enciphering and that cryptography therefore consists in encrypting messages…
But why are these dark forces expending so much energy on such a futile crusade? Try the experiment if you want to play: leave the Invocation lying around on the Great Internet and He will certainly come to bite, sometimes followed by his offspring.
The official version
As you can imagine, there are several degrees in horror, several versions which will explain the differences observed in vivo.
The ISO 7498-2 standard. Which could be described as moderate. Published in 1989, then revised in 2000, describes the general elements of computer architecture of secure systems. Its section 3 contains the famous Definitions.
- Encipherment for rendering unreadable but the term encryption is considered synonymous.
- Decipherment for the reverse operation, the term decryption is considered synonymous.
- Cryptanalysis for the action of finding confidential information by analysis.
- Ciphertext for a message rendered unreadable.
The RGS of ANSSI. The Référentiel Général de la Sécurité was published much later; version 1 in 2010 and version 2 in 2014. It has the same goal as ISO 7498-2 (to set the reference elements) but these years of maturation have enriched its hermetic reflections which are therefore sharpened.
You will find the Paragraph in appendix B1 (section A.1.1 on page 32) which we reproduce here _as is_not to distort the revealing message:
Il faut noter que le seul terme admis en français est celui de chiffrement. On entend cependant souvent parler de « cryptage » qui est un anglicisme, voire de « chiffrage », mais ces mots sont incorrects. L’opération inverse du chiffrement est le déchiffrement. On désigne par « décryptage », ou « décryptement », l’opération qui consiste à retrouver le clair correspondant à un chiffré donné sans connaître la clé secrète, après avoir trouvé une faille dans l’algorithme de chiffrement.
the Official Paragraph
The exegesis of this founding text (because it is cited as a reference during French-language corrections) is provided in the following table where, for each term commonly used, corresponds the official term of the myth.
|To encrypt||To encipher|
|To decrypt||To decipher|
|To cryptanalyze||To decrypt|
The novice will quickly point out the shift in meaning for to decrypt in the official version (and will wonder if to crypt describes the opposite operation, namely to encipher without knowing the key), as well as the inconsistency of roots, sometimes Greek (crypt-), sometimes Arabic (cipher-) and that in all linguistic logic, the science of ciphers should be called cipherology.
Some forbidden legends mention novices that got lost by noticing that the justification of the verb cipher would come from the fact of using mathematical operations…
The emergence of alphabetical languages allowed the use of the first ciphers, in the sense that the alphabet is used as a mathematical object on which one can apply transformations.
Matthieu Lequesne, « Analysis of code-based post-quantum cryptosystems », phd, Sorbonne Université 2021
These misguided people pointed out that a digit is a meaningless glyph and that mathematics deals with Number Theory (from latin _numerus). They then issued the daring heresy that since it was a question of performing mathematical operations on numbers from texts, following logical reasoning, we should rather speak of numerology…
But this is a simplistic reduction that ignores all of the subtle cryptological complexity and demonstrates especially among their authors, as we will see later, a lack of in-depth studies or their cognitive limitation (or both).
A social marker
In his bible “Applied Cryptography”, Bruce Schneier tries to explain the victory of to encipher over to encrypt because recalling the crypt (place where the dead are hidden) would invoke the image of corpses and thus shock certain cultures…
It seems that some cultures find the terms “encrypt” and “decrypt” offensive, as theyr refer to dead bodies.
Bruce Shneier, « Applied Cryptography », Wiley, second edition.
Our interpretation is much simpler and follows a generally shared opinion as spontaneously related by this witness of many possessions:
My anecdotal experience here is that this is one of those case in English where the casual conversationalist will use the terms almost interchangeably, while the pedant will insist on the distinction.
Cobaltduck, april 10th 2018, english.stackexchange.com
The use of the Official Language of the Myth therefore does not hide a better understanding of the Arcana of the subject (as evidenced by the internal inconsistencies in the myth) but rather a means for the elite to distinguish themselves from the plebs. What is commonly called in sociolinguistics a “language register”.
The ignorant say encrypt, the initiated say encrypt.
For the initiate, this one small word allows him to determine with precision the social class of his interlocutor without the novice noticing it. Unstoppable.
The assimilation of a myth
Learning the official language has a significant cognitive cost. Unlike vulgar terms, which are all logically constructed from a common prefix, their official version is not consistent; some words change meaning and multiple prefixes are used.
This is called cognitive dissonance. An uncomfortable state in which our mind finds itself when confronted with a situation that contradicts its cognitions. To find inner peace, he needs to resolve the conflict.
Since there can only be one good word, the outcome is manichean…
Either the correct verb is to encrypt. And so ANSSI, ISO, teachers and other experts are wrong. The etymology and the social marker provide a simple and satisfactory explanation for the phenomenon but implies that using to encrypt excludes us from the dominant group, which would be the case.
Some hermits follow this path and obtain inner peace at the cost of the exclusion of their fellows, but those who want to work in the field will learn to disguise themselves by saying to encipher while preferring to say to encrypt and it will cost them, every time.
Hence the economic interest of the second solution.
Either the right verb is to encipher. And there must be a reason, of course. Some will be satisfied to follow dogma taught with authority. Others will look for traces of older uses or other more or less esoteric justifications.
In this path, there is adherence to the Myth. Once converted, one feels part of the great family of experts in computer security, the Elected Holders of the Arcana, Illuminated by the Revelation. We know what to do, it’s reassuring: You have to say encrypt because it’s the only word allowed.
At first, the presence of to crypt will generate discomfort, resolved by viewing it as the mark of a novice. Then, step by step, the resolution will be done automatically by ignoring this error of the interlocutor and thus, over time, the initiated is converted.
The frequency of possession, which decreases over time, is therefore not due to the immune system which is fighting, but on the contrary to the assimilation of the agent by progressive desensitization.
But as long as the belief is fragile, each Forbidden Invocation recalls the cognitive dissonance and corresponding discomfort. Each occurrence of to encrypt makes the novice doubt, in his initiatory journey, forcing him each time to fight against the Heretical Etymology.
In some spirits, this permanent struggle provokes a missionary injunction to convert the greater part of the pagan population and bring them back to the Truth. Every opportunity is used to deliver the official message: blog posts, popular videos, or even standards and other Référentiels.
The missionary hopes that once the people around him are converted, no longer hearing the injunction, he will finally find the peace he’s waiting for.
But this path is doomed to failure. Because with the Internet, the whole planet lives around him and the flow of novices is inexhaustible because of the effectiveness of the Etymology. He knows it and faced with this impossible challenge, some give up the fight.
Others, on the contrary, will redouble their devotion.
So what happens when a devout spirit tortured by doubt meets the injunction online?
Unlike the real world where the skin provides a physical and psychic border to its Being, sifting the information that enters or leaves. In cyberspace, information directly reaches his consciousness, without interpretation, and above all without filter.
The blasphemy is then formulated in the tortured spirit as if it emanated directly from it. To the usual cognitive dissonance is added this time the guilt of having sinned. The anger is too great and provokes a reaction of rejection and destruction of this impure thought.
And unlike the real world where the skin contains its violent thoughts, in cyberspace, its intentions are expressed freely, without restraint, and therefore without filter.
This is why the invocation, pronounced in cyberspace, finds such a sounding board there. Possessions are not only easier but also much more numerous. Where you would only risk an angry look in a mundane conversation, this time you will face a veritable army of cyber-ghosts determined to tear everything down.
When we talk about making a message unreadable for those who do not hold the key (in the metaphorical sense), Etymology and scientific precision tell us to say to encrypt but by doing so, we take the risk of summoning tortured spirits who want to convert you to cipherment to obtain the inner peace to which they aspire so much.
Diplomacy would therefore require you to say to encipher at the cost of more or less pronounced cognitive dissonance depending on the stage of conversion of your audience. Among initiates this word will make you recognize as one of them but you risk losing the novices who listen to you (unless that is the goal).
So what to do?
It is up to you to choose according to your objectives and the context of your communication. For our part, here is how we decide according to the audience.
When we popularize or teach in school, the audience wants to understand how the world works. We then say to encrypt (and if we have time we mention that some say to encipher). The goal is for them to understand and encryption is more effective in achieving this.
In higher education, students mainly want a job at the end of their training. We therefore say to encipher (and if we have the time we explain the why and how). The goal is for them to integrate into the world of work and encipherment is more effective in achieving this.
The rest of the time, we don’t think about it because our life is not about talking about cryptography and above all, we assume that everyone says and believes what they want.