Book Review: The Manga Guide to Cryptography

Manga de wakaru angou first came out in Japan in 2004, from Ohmsha Publishing, with the English subtitle, “The Comic Guide to Cryptology.” While I was looking around on the No Starch site for information on Cracking Codes with Python, I discovered that they also publish English translations of the Manga de Wakaru books, and that they had The Manga Guide to Cryptography, which came out in the U.S. in 2018. $25 for the print copy. I was able to find a used copy of the Japanese version from Amazon.jp for 500 yen ($5 USD), so I got that instead.

The book starts out with Det. Meguro investigating the theft of a painting from a famous museum. The only clue is a note with the picture of a tanuki (Japanese raccoon dog). The note reads, “hotakanbatashowa daitagosotaukotada”. The police are stymied until the newspaper reporter Rio Komeda shows up and points out it’s just a standard children’s puzzle. “Tanuki” can be read as “ta nuki” (nuki = remove). That is, scratch out every instance of the “ta” letter. This gives “hokan basho wa daigo sou koda” (look elsewhere). Meguro’s little sister, Ruka, is at the museum too, and she points out a big painting of a masked woman in a bunnygirl suit, signed Ms. Cipher. The title plate for the painting has the text “VDVIRCU”. Next follows a series of lectures on what ciphers are, and why they’re so important to modern life (password security, online shopping and banking, etc.) Ruka is a cryptology expert, so she sets out to educate her brother and Rio (and the reader). She starts with “man in the middle attacks” (an interloper intercepts an email, alters it and sends it to the recipient), and how encryption can foil this. There’s also a little blurb on Claude Shannon. She goes a bit into public key encryption, but this is too advanced for everyone, so she switches to writing “rekihietekesuu” which is “Ruka wa utsukushii” (Ruka is pretty) Caesar-shifted by one character in the hiragana alphabet (her brother laughs at this and gets a textbook to the face). There’s a further discussion on Caesar shifts, Caesar cipher wheels, and combinatorial statistics. By the end of the day, the group is tired and hungry, so they get dinner delivered from Usagi Foods (usagi = rabbit). The delivery girl is named Ran, and she wears bunny ears and glasses. (Yes, this is Cipher in disguise).

After dropping off the ramen, Ran says “oyasumi”, which can mean “good night.” Ruka connects “bunny” to “sleep” and realizes that this is the key to “VDVIRCU” – it’s a Caesar shift of 17. Before she can give the answer, for which she wants her brother to buy her a computer – a police officer bursts into the house to announce that Cipher has just stolen an emerald from a different museum. They go to the scene of the crime, and find the next clue – 00110001 00101011 00110001 00111101 00110000. Using the JIS code table (similar to ASCII, but for the Japanese character set), they find it comes out as: “1 + 1 = 0.” This implies the use of XOR logic, so we get a lecture on boolean logic, and more on Common Key, Symmetric Key and Secret Key cryptography. Which leads to Cipher Block Chaining, Horst Feistel, the Lucifer Cipher and IBM’s Data Encryption Standard (DES). There’s a very long discussion of DES, and a 20-page walkthrough of how DES encrypts and decrypts messages. Ruka again demands to get a PC, and her brother just gives her a cheap desk calculator (which is then thrown back into his face),

In chapter 3, we are introduced to Asymmetric Key systems (which is synonymous with public key), and the names RSA, Rabin-Miller, ElGamal, and DSA. To go any farther, we have to learn what prime numbers are, the Sieve of Eratosthenes, Fermat’s test for whether a number is prime (flawed because one number out of millions turned out to be nonprime), and the Rabin-Miller test for primality. We also get little blurbs on Eratosthenes and Fermat. Ran shows up with another order of ramen, and even she is stumped when asked to factor 10001 in her head (73 x 137). Ran and Ruka vow to be friends, and then we get a long discussion on modulus operations and modulus math tables. (To take the modulus of a number, just divide it and use the remainder. I.e. – 16 mod 5 = 1. Also shown as 16 % 5 = 1.) Eventually, we get to the Leonhard Euler pseudo-prime numbers, and the blurb on Euler. Which brings us to RSA encryption, which incorporates very large primes and modular multiplication. And Ruka gets her new PC.

There’s a detailed walkthrough of how to encrypt and decrypt messages with RSA, which helps a lot in understanding the public key encryption program in the Cracking Codes with Python book. At the end of the chapter, Ruka gets an email from Ran. The ramen delivery girl has decided to move away from Japan, but she hopes they can still be friends. Ruka becomes dejected, so Rio and Det. Meguro decide to go get dinner at the ramen shop. When they’re gone, Ruka spins to face the reader and asks “did you figure it out?” The email has 6 lines, which start with the characters:

sa
i
fu
a
wa
watashi = saifaa wa watashi = I am Cipher.

The chapter ends with 5 pages on ElGamal encryption, and a 4-page explanation of the Euclidean algorithm for finding the greatest common divisor (gcd, which also featured in the Cracking Codes book). There’s also an example of the modulus trick that’s used in RSA algorithms that the Cracking Codes book mentioned but didn’t go into.

Say you want to calculate 5^7 mod 11. We can write this out as:

= (5^2 * 5^2 * 5^2 * 5) mod 11
= ((5^2) mod 11) * ((5^2) mod 11) * ((5^2) mod 11) * (5 mod 11)
= ((3) mod 11) * (3) mod 11) * ((3) mod 11) * (5 mod 11)
= ((3 * 3) mod 11) * ((3 * 5) mod 11)
= ((9) mod 11) * ((4) mod 11)
= (9 * 4) mod 11
= 3

That is, 5^7 mod 11 can be broken down into smaller modular chunks that can be solved more easily, and then those modular chunks multiplied against each other. The Python pow() function was specifically written to employ this trick in modular multiplication.

Chapter 4 is a bit more theory heavy, but there’s less math, making it easier to skip over parts that I’m not as directly interested in. Det. Meguro, Ruka and Rio go to Usagi Ramen shop, where the owner is really slow in bringing out their orders. Meguro complains about being hungry, but when the owner comes out, he slams the bowls on the table and glares at them. Seems that Cipher has been faking online orders from other customers, and running off with 29 bowls of free food (she places another 30 orders the following day). The owner demands that Meguro do something about this. Ruka suggests using hash functions, MAC codes, non-repudiation, digital signatures, Certification authority, and to trust in the public key infrastructure. The chapter ends with the observation that PKI is just like modern digital money and banking – it only works when everyone trusts in the system. So, never stop trusting.

Eventually, Cipher sends Ruka another email, this time saying that she’s returning the painting and emerald, and going after a bigger target. The hint consists of the numbers 00001011 00000110 00000110 00000001 00010111 00000111 00001010 , and the word “liberty”. Ruka challenges the reader to try to solve the puzzle themselves using the JIS table and XOR on the key word.

liberty = 01101100 01101001 01100010 01100101 01110010 01110100 01111001

XOR'd
00001011 00000110 00000110 00000001 00010111 00000111 00001010
01101100 01101001 01100010 01100101 01110010 01110100 01111001
--------------------------------------------------------------
01100111 01101111 01100100 01100100 01100101 01110011 01110011 = goddess.

In Japanese, The Statue of Liberty is the “liberty goddess.” On the back copyright page, Det. Meguro spits out his ramen as he watches Cipher carrying off the Statue with several heavy-duty helicopters.

Over all, this book is kind of unbalanced. It starts out with easy concepts that seem to be aimed at school children, then it leaps into a fullblown walkthrough of how DES operates. Then it goes into a simple, yet thorough, look at prime numbers, boolean logic and modulus math, before disappearing into another walkthrough of RSA, and the final descriptions of digital signatures and the public key authority. It’s certainly the best presented, understandable book on the subject I’ve seen here in Japan so far, and it pairs up very nicely with the Cracking Codes in Python book (both from No Starch Press in the U.S.) If you can get The Manga Guide to Cryptography used, I highly recommend it. It was also fun solving the NULL cipher, and the JIS code ciphers.