The History of Encryption: From Ancient Ciphers to Modern Cryptography

At this very moment, your smartphone is performing encryption operations non-stop. When you open your banking app, send a message, connect to a café’s WiFi, or even when your navigation app receives a GPS signal — behind all of it lies an encryption technology that has evolved over thousands of years. Even the signals broadcast from GPS satellites come in two varieties: the civilian C/A code, free for anyone to use, and the precision signal protected by military encryption technology called the P(Y) code.^[1] Why does a single satellite system carry both an encrypted signal and an open one?

To answer that question, we need to start with why humanity needed the technology to keep secrets in the first place. The history of cryptography is not merely a history of technology. It is a story of power and survival, war and diplomacy, and the endless clash between attacker and defender — spear against shield.

Secrets Began the Moment Writing Did

The history of cryptography is as old as writing itself. Around 1900 BC, a modified form of hieroglyphs was carved into a nobleman’s tomb in Egypt. The intent appears to have been less about secrecy and more about conveying dignity and mystery to the reader — yet this remains the oldest recorded example of cryptographic practice.^[2]

More systematic use of ciphers appeared in ancient Greece. Around the 7th century BC, the Spartan military used a device called the Scytale in battlefield communications. The method was simple: a strip of leather was wound spirally around a wooden rod, and the message was written across the length of the strip. Once unwound, the letters scrambled into meaningless sequences. Only a recipient with a rod of the same diameter could re-wrap the strip and read the original message.^[2] The idea that the rod’s diameter serves as the key is a primitive form of what modern cryptography calls the “key.”

Scytale — ancient Greek transposition cipher tool — *Scytale — a transposition cipher tool used in Sparta around the 7th century BC* Source: Wikimedia Commons (CC BY-SA 3.0)

Caesar’s Cipher: The Simplicity of Shifting by Three

In the 1st century BC, the Roman general Julius Caesar is said to have used a substitution cipher for military communications. The method was extremely simple: every letter of the alphabet was shifted three places forward. A became D, B became E, and Z became C.^[3] The message ‘HELLO’ would become ‘KHOOR’. Caesar reportedly used this cipher to correspond confidentially with his generals during the Gallic Wars.

According to the Roman historian Suetonius, Caesar also used the technique of substituting Latin letters with Greek letters, in addition to the three-shift method.^[3] Today, the Caesar cipher is classified as a “shift cipher” and has become the first example taught in modern cryptography education.

However, the Caesar cipher has a fatal weakness. The range of shifts is limited to the size of the alphabet — only 25 possible values with the Latin alphabet. This means anyone who intercepts a message can try every possibility and crack it quickly. This simple vulnerability would be formally demonstrated about 900 years later by a scholar in the Middle East.

The Arabic Mathematician Who Discovered Language’s Fingerprint

In 9th-century Baghdad, at the heart of the Islamic Golden Age under the Abbasid Caliphate, a scholar named Al-Kindi (801–873) made a revolutionary discovery. He noticed that in any language, each letter appears with a consistent frequency. In Arabic, certain letters appear very often while others are rare. In English, ‘e’ is the most common letter, while ‘z’ and ‘q’ appear least frequently.

Al-Kindi described this technique for the first time in his treatise Risalah fi Istikhraj al-Mu’amma (A Manuscript on Deciphering Cryptographic Messages), coining the method of frequency analysis.^[4] The approach involves counting how often each symbol appears in an encrypted text, then inferring that the most frequent symbol corresponds to the most common letter in the original language. This technique was capable of breaking any “monoalphabetic substitution cipher” — any cipher that simply replaces each letter with one fixed substitute, as the Caesar cipher does.

Frequency analysis became the central tool of codebreaking for centuries to come. And the emergence of this powerful tool created pressure to develop new encryption methods.

Renaissance Europe: Defeat Frequency Analysis with Complexity

What is the way to neutralize frequency analysis? It is simple: stop replacing each letter with the same symbol every time. If the same letter ‘A’ is sometimes encrypted as ‘Q’ and other times as ‘T’, frequency analysis loses its power.

Leon Battista Alberti of 15th-century Italy had exactly this idea and proposed a new cipher system. He invented a cipher disk using two concentric rotating discs, introducing a method of periodically switching the encryption alphabet while writing a message.^[5] This was the origin of the “polyalphabetic cipher.”

The idea was refined by several scholars over time. In 1553, Italian cryptographer Giovan Battista Bellaso formalized the use of a keyword to apply a different alphabet shift to each letter.^[5] This technique later became known as the Vigenère cipher, named after the French diplomat Blaise de Vigenère (in fact, it was Bellaso who developed it first, but the cipher was misattributed for a long time).

The Vigenère cipher made frequency analysis considerably more difficult. It maintained its reputation as an “unbreakable cipher” for roughly 300 years, from the 16th to the 19th century. However, in 1863, Prussian military officer Friedrich Kasiski published a method for systematically breaking it by determining the key length, and the fortress finally fell.^[5]

*Vigenère square (tabula recta) — the key tool for polyalphabetic substitution ciphers* Source: Wikimedia Commons (Public Domain)

Between Diplomacy and War: Europe’s Cipher Wars in the Early Modern Era

Through the Renaissance and Reformation periods, cryptography became a central instrument of statecraft. The courts of Europe established dedicated departments to encrypt diplomatic correspondence, and operated “Black Chambers” dedicated to breaking enemy codes. The Habsburg monarchy in Austria, the French Bourbon dynasty, Britain, and others engaged in sophisticated espionage — secretly copying and deciphering foreign diplomatic dispatches before resealing and delivering them.^[6]

The tragic case of Mary, Queen of Scots illustrates how catastrophically a cipher failure can end. In 1586, Mary participated in the Babington Plot — a conspiracy to assassinate England’s Queen Elizabeth I and seize the throne — and exchanged letters with her conspirators using a complex homophonic substitution cipher. However, Francis Walsingham, Elizabeth I’s chief spymaster, succeeded in cracking the code. Armed with this evidence, Mary was executed.^[6]

The Age of Machines: Enigma and the Second World War

The most dramatic leap in encryption technology came during the two World Wars of the 20th century. The appearance of mechanical encryption devices pushed the complexity of ciphers to a level that human computation could simply not keep pace with.

Enigma: The Pinnacle of Electro-Mechanical Encryption

*Enigma cipher machine — a rotor-based encryption device used by the German military during World War II* Source: Wikimedia Commons (CC BY-SA 2.0 FR)

Enigma, invented in 1918 by German engineer Arthur Scherbius for commercial purposes, became the primary communications encryption tool of the German military in World War II. Enigma resembled a typewriter: pressing a key sent an electrical signal through multiple rotating rotors, substituting each letter with a different one.^[7]

Enigma’s strength lay in the sheer number of possible configurations. Taking into account the combinations of 3 to 4 rotors, the plugboard (Steckerbrett) wiring, and the day’s initial settings, the theoretical number of configurations reached approximately 1.59 × 10^20 (159 × 10^18).^[7] The German military re-initialized the machine with new settings every day, meaning the previous day’s decryption breakthrough was worthless by morning.

Bletchley Park and Alan Turing

The first attack on the German Enigma came from Polish mathematicians. Marian Rejewski, Jerzy Różycki, and Henryk Zygalski reverse-engineered the structure of Enigma in the 1930s and developed a mechanical device to identify its daily settings.^[8] The fruits of this Polish team’s work were passed to Britain and France just before the outbreak of war in 1939.

The British government established a top-secret codebreaking center at Bletchley Park, a country estate in Buckinghamshire. Mathematicians, linguists, chess champions, and crossword puzzle experts all gathered here; at its peak, around 10,000 people worked at the site.^[8]

At the center of it all was Cambridge mathematician Alan Turing. Drawing on ideas from the Polish team’s device, Turing worked with colleague Gordon Welchman to develop an electromechanical codebreaking device called the Bombe.^[8] The Bombe systematically filtered through Enigma’s settings combinations to identify the day’s key within a viable timeframe. In the latter stages of the war, Bletchley Park was decrypting thousands of German messages per day.^[8]

Historians estimate that the codebreaking at Bletchley Park shortened the duration of the war by up to two years.^[8] Yet the entire operation remained classified for roughly 30 years after the war ended. Turing himself died in 1954, long before his contributions were officially recognized.

Japan’s PURPLE Cipher

In the Pacific theater, the PURPLE cipher machine used by the Japanese Foreign Ministry drew significant attention. The U.S. Army Signal Intelligence Service (SIS), without ever obtaining an actual PURPLE machine, reverse-engineered its mechanism through mathematical analysis alone, succeeding in decryption in August 1940.^[9] This decryption achievement, codenamed “MAGIC,” provided the United States with an enormous intelligence advantage throughout the Pacific War.

Navajo Code Talkers: The Language Itself as a Cipher

A completely different kind of “code” was also at work on the same Pacific front. In 1942, the U.S. Marine Corps deployed 29 Navajo (Diné) Native Americans as the first cryptologic communicators. The Navajo language was an oral language with no written system, its tonal structure and grammar were extraordinarily complex, and at the time there were virtually no non-native speakers outside the tribe who could understand it.^[10] The Code Talkers developed a Navajo-language code system for military terminology. For example, a submarine was called an “iron fish” (besh-lo), and a fighter plane was a “hummingbird” (da-he-tih-hi). By the end of the war, approximately 400 Navajo Code Talkers had served, and during the Battle of Iwo Jima in 1945, six Code Talkers transmitted and received more than 800 messages without error in just the first two days.^[10]

Strictly speaking, this is closer to a “code” than to “encryption” based on a mathematical algorithm. In traditional cryptography, a cipher transforms letters or bits according to mathematical rules, while a code substitutes at the level of words or phrases. The Navajo code was fundamentally different from conventional cipher systems in that the rarity and complexity of the language itself provided the security. Nevertheless, the Japanese military never succeeded in breaking the Navajo code until the end of the war — proof that this approach was extraordinarily effective in the field.^[10]

The Navajo Code Talker program remained classified after the war and was not declassified until 1968. In 2000, the U.S. Congress passed the Honoring the Navajo Code Talkers Act, formally recognizing their contributions, and in 2001 the original 29 Code Talkers were awarded the Congressional Gold Medal.^[10]

The Digital Revolution: Computers and the New Era of Encryption

When the war ended and computers appeared, encryption entered an entirely new phase. Mechanical rotor devices were replaced by digital algorithms, and the speed and complexity of encryption grew beyond all previous comparison.

DES: The First Public Encryption Standard

In 1973, the U.S. National Bureau of Standards (NBS, now NIST) issued a call for the development of a standard encryption algorithm to protect civilian and government digital data. An algorithm developed by IBM was selected, and in January 1977, DES (Data Encryption Standard) was officially announced as a federal standard.^[11]

DES was a symmetric-key cipher that processed data in 64-bit blocks using a 56-bit key. Its historical significance was considerable as the first publicly available government-sponsored encryption standard. However, from the moment of its announcement, there was debate about whether a 56-bit key was sufficiently secure. By the mid-1990s, as computer performance advanced dramatically, those concerns proved justified. In 1999, dedicated hardware called the “DES Cracker,” built by the Electronic Frontier Foundation (EFF), decrypted a DES-encrypted message in just 22 hours and 15 minutes.^[11]

Public-Key Cryptography: Separating the Lock from the Key

DES was a symmetric-key system, meaning the same key was used for both encryption and decryption. The fundamental problem with this approach is the “key distribution problem.” Before sending an encrypted message, how do you securely share the same key with the recipient? If you cannot hand the key over in person, the key itself risks being intercepted.

In 1976, Stanford University mathematicians Whitfield Diffie and Martin Hellman published a revolutionary paper titled “New Directions in Cryptography” that solved this age-old dilemma.^[12] The core of their proposed public-key cryptography concept was this: separate the lock (public key) from the key (private key). Anyone can encrypt a message using the publicly available public key, but only the person who holds the paired private key can decrypt it. The reason it is safe to publish a public key to the world is that computing the private key from the public key is mathematically extraordinarily difficult.

In 1977, MIT researchers Ron Rivest, Adi Shamir, and Leonard Adleman published the RSA algorithm, a practical implementation of this concept.^[12] RSA exploits the mathematical property that multiplying two very large prime numbers is easy, but factoring the result back into those original two primes (prime factorization) is extraordinarily hard. When the RSA algorithm was introduced in Scientific American in 1977, the largest RSA challenge problem of the day was estimated to require approximately 4 × 10¹⁶ years for a computer to solve.

There is an interesting historical footnote. It was later revealed that Clifford Cocks, a cryptographer at Britain’s GCHQ intelligence agency, had independently discovered the same principle as RSA as early as 1973.^[12] However, his research was classified, and it was not made public until 1997.

AES: The Algorithm That Became the World Standard

As DES’s vulnerabilities became apparent, NIST held an open international competition in 1997 to find its successor. The requirements were strict: a 128-bit block cipher supporting three key lengths — 128, 192, and 256 bits.^[11]

After five years of evaluation, in November 2001, the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rijmen was selected as the new standard. This algorithm was given the name AES (Advanced Encryption Standard).^[11]

AES is currently the most widely used symmetric-key encryption algorithm in the world. It is found everywhere: banking networks, classified government communications, VPNs, disk encryption, and more. For AES-256, which uses a 256-bit key, calculations show that even if every atom in the observable universe were enlisted as a computing element, it could not be cracked within the universe’s lifetime.

Encryption in Daily Life: The Invisible Shield Around Us

Today, encryption is not the exclusive domain of computer security specialists. Everyone who connects to the internet uses encryption dozens of times each day.

HTTPS and TLS: The Web’s Lock

The padlock icon at the front of a web address indicates that TLS (Transport Layer Security) is in operation. TLS’s predecessor is SSL (Secure Sockets Layer), developed by Netscape in 1994.^[13] The insecure SSL 1.0 was used only internally, SSL 2.0 was released publicly in 1995, and then in 1999 the IETF published TLS 1.0 based on SSL.

This is how HTTPS works: when a browser and server first connect, they use public-key cryptography (RSA or Diffie-Hellman) to securely exchange a session key. Actual data transmission then uses a far faster symmetric-key cipher such as AES. This combination — using public-key cryptography to solve the key distribution problem, and symmetric-key cryptography for processing speed — is the foundational architecture of modern internet security.

WiFi Security: Encryption Through the Air

In wireless networks, where signals travel freely through the air, encryption is especially critical. The early WiFi standard WEP (Wired Equivalent Privacy), introduced in 1999, was already broken by 2001 due to serious design flaws.^[14] Its replacements, WPA (WiFi Protected Access) and then WPA2, emerged in succession, with WPA2 adopting AES to substantially improve security. WPA3, announced in 2018, enhanced individual encryption so that other users on the same network cannot eavesdrop on your communications.

GPS’s Two Faces: C/A Code and P(Y) Code

Let us return to the GPS signal encryption story mentioned in the introduction. GPS satellites simultaneously broadcast two types of signals.

The first is the C/A code (Coarse/Acquisition code), the civilian signal freely used by smartphones and car navigation systems. It transmits pseudo-noise code at 1.023 MHz per second.

The second is the P(Y) code (Precise/encrypted Y-code), the high-precision military signal.^[1] The P code is transmitted at 10.23 MHz per second — ten times faster and more precise than the C/A code. Since 1994, the U.S. military has activated an Anti-Spoofing (AS) feature on this signal. A secret code called the W-code is XOR-combined with the P code to create the P(Y) code, making it impossible to decode the precise signal without the encryption key.^[1] Thanks to this encryption, military receivers are far more resistant to spoofing (attacks that trick receivers with false signals).

What is interesting is that this GPS encryption is directly connected to the history of modern cryptography. The key distribution system protecting GPS precision signals is built on the principles of public-key cryptography and AES-family algorithms. The concept of the “key” — which first appeared when a Spartan soldier wrapped a leather strip around a wooden rod to hide a message — has carried through all the way to the encryption of satellite signals in orbit.

End-to-End Encryption in Messaging Apps

Many messaging apps today offer End-to-End Encryption (E2EE). This means a message is encrypted on the sender’s device, travels through servers without ever being decrypted, and is only deciphered on the recipient’s device. Even the service provider cannot read the contents. The Signal Protocol has established itself as the standard in this field, and has been adopted by WhatsApp, Telegram’s Secret Chats, and others.^[14]

The Future Threat: Quantum Computers and Post-Quantum Cryptography

The greatest threat to modern cryptography is the quantum computer. While ordinary computers operate on bits (0 or 1), quantum computers use qubits, which can represent 0 and 1 simultaneously through superposition. A theoretically sufficiently powerful quantum computer could use Shor’s algorithm to solve the prime factorization problem — the mathematical foundation of public-key cryptography such as RSA — in a practically viable timeframe.^[15]

Some experts believe that quantum computers capable of threatening current encryption could emerge by the mid-2030s.^[15] This means that today’s encrypted communications may already be at risk. A strategy known as “Harvest Now, Decrypt Later” — intercepting and storing encrypted communications today to decrypt them using a future quantum computer — may already be in use.

NIST’s Post-Quantum Standards

In response, the U.S. National Institute of Standards and Technology (NIST) launched an open global competition in 2016 to develop new encryption algorithms that even quantum computers cannot break. After eight years of evaluating candidate algorithms submitted by cryptographers from around the world, in August 2024 NIST announced the first three finalized Post-Quantum Cryptography (PQC) standards.^[15]

ML-KEM (FIPS 203): Lattice-based key encapsulation mechanism
ML-DSA (FIPS 204): Lattice-based digital signature standard
SLH-DSA (FIPS 205): Hash-based digital signature standard

These standards are based not on integer factorization or discrete logarithm problems, but on new mathematical problems that are difficult even for quantum computers to solve. NIST plans to phase out existing quantum-vulnerable algorithms by 2035.

Homomorphic Encryption: Computing on Encrypted Data

Another future technology attracting significant attention is Homomorphic Encryption. Traditional encryption required decryption before any processing of data could take place. Homomorphic encryption makes it possible to perform computations on data while it remains encrypted, and to receive results that are also in an encrypted state.^[16] For example, a hospital could run statistical analyses on patient data in the cloud without ever decrypting it. Processing speed remains slow for general use, but research is advancing rapidly.

Conclusion: The Endless Battle Between Spear and Shield

From a Spartan rod in antiquity to quantum-resistant algorithms today, the history of encryption repeats one pattern: whenever a new cipher is devised, efforts to break it inevitably follow. Al-Kindi’s frequency analysis rendered the Caesar cipher useless; to evade frequency analysis, the Vigenère cipher was born; the Vigenère cipher was broken by Kasiski. Enigma was the most powerful cipher machine of its era, yet it was dismantled by the mathematicians of Bletchley Park. And now, RSA — which has guarded the internet for decades — stands before a new challenger: the quantum computer.

The day this contest between spear and shield ends will never come. Encryption is not a technology that is ever “finished” — it is always in the process of evolving. The encryption systems that protect GPS signals, secure banking transactions, and guard the messages of billions of people today are the product of human ingenuity and competition that has continued unbroken since the day a Spartan soldier wrapped a leather strip around a wooden rod to conceal his message.

References

[1]: Wikipedia, “GPS signals” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/GPS_signals); Penn State University GEOG 862, “The P and C/A Codes” (factual reference; https://www.e-education.psu.edu/geog862/node/1741)

[2]: Wikipedia, “History of cryptography” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/History_of_cryptography); IBM, “The History of Cryptography” (factual reference; https://www.ibm.com/think/topics/cryptography-history)

[3]: Wikipedia, “Caesar cipher” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Caesar_cipher); Britannica, “Cryptology - Ancient, Codes, Ciphers” (factual reference; https://www.britannica.com/topic/cryptology/History-of-cryptology)

[4]: Wikipedia, “Al-Kindi” and “Frequency analysis” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Al-Kindi; https://en.wikipedia.org/wiki/Frequency_analysis); Entrust, “The History of Cryptography” (factual reference; https://www.entrust.com/resources/learn/history-of-cryptography)

[5]: Wikipedia, “Vigenère cipher” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Vigenère_cipher); Wikipedia, “Polyalphabetic cipher” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Polyalphabetic_cipher)

[6]: MIT Press Reader, “A History of Cryptography From the Spartans to the FBI” (factual reference; https://thereader.mitpress.mit.edu/a-history-of-cryptography-from-the-spartans-to-the-fbi/); Wikipedia, “Babington Plot” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Babington_Plot)

[7]: Wikipedia, “Enigma machine” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Enigma_machine); Britannica, “Enigma” (factual reference; https://www.britannica.com/topic/Enigma-German-code-device)

[8]: Wikipedia, “Bletchley Park” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Bletchley_Park); Imperial War Museums, “How Alan Turing Cracked The Enigma Code” (factual reference; https://www.iwm.org.uk/history/how-alan-turing-cracked-the-enigma-code); National WWII Museum, “Alan Turing and the Hidden Heroes of Bletchley Park” (factual reference; https://www.nationalww2museum.org/war/articles/alan-turing-betchley-park)

[9]: Wikipedia, “Purple (cipher machine)” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Purple_(cipher_machine)); Wikipedia, “Magic (cryptography)” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Magic_(cryptography))

[10]: Wikipedia, “Code talker” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Code_talker); CIA, “Navajo Code Talkers and the Unbreakable Code” (factual reference; https://www.cia.gov/stories/story/navajo-code-talkers-and-the-unbreakable-code); National WWII Museum, “American Indian Code Talkers” (factual reference; https://www.nationalww2museum.org/war/articles/american-indian-code-talkers)

[11]: NIST, “The Cornerstone of Cybersecurity – Cryptographic Standards and a 50-Year Evolution” (factual reference; https://www.nist.gov/blogs/cybersecurity-insights/cornerstone-cybersecurity-cryptographic-standards-and-50-year-evolution); Wikipedia, “Data Encryption Standard” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Data_Encryption_Standard); Wikipedia, “Advanced Encryption Standard” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)

[12]: Wikipedia, “Diffie–Hellman key exchange” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange); Wikipedia, “RSA cryptosystem” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/RSA_cryptosystem); Nexus Group, “Who Invented Public Key Cryptography?” (factual reference; https://nexus.ingroupe.com/who-invented-public-key-cryptography/)

[13]: Wikipedia, “Transport Layer Security” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Transport_Layer_Security); Acunetix, “TLS Security 2: A Brief History of SSL/TLS” (factual reference; https://www.acunetix.com/blog/articles/history-of-tls-ssl-part-2/)

[14]: Wikipedia, “Wi-Fi Protected Access” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access); Wikipedia, “Signal Protocol” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Signal_Protocol)

[15]: NIST, “NIST Releases First 3 Finalized Post-Quantum Encryption Standards” (factual reference; https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards); World Economic Forum, “Why the new NIST standards mean quantum cryptography may just have come of age” (factual reference; https://www.weforum.org/stories/2024/10/quantum-cryptography-nist-standards/)

[16]: Wikipedia, “Homomorphic encryption” (CC BY-SA 4.0; https://en.wikipedia.org/wiki/Homomorphic_encryption); IBM Research, “Homomorphic Encryption” (factual reference; https://research.ibm.com/topics/homomorphic-encryption)