Sometimes the things you most need to protect aren’t objects, people, or places: they’re pieces of information.
There are three primary ways to do this. The first is to hide the physical medium of the message itself, the paper or whatever it’s written on. Remember the hidden compartments we mentioned before? These come into play again here, especially because the hiding spot doesn’t have to be large. Curling a slip of paper inside a pen is a common notion, but my favorite method is something I didn’t believe was possible until I saw it done: hiding a message inside a raw egg. You soak the egg in vinegar until its shell becomes pliable, then cut a small slit and push in your paper (using iron gall ink to write with, so it won’t run), then soak the egg in clean water until it hardens again. Hey presto, a basket full of ordinary-looking eggs, and who would think to crack them open to find a note inside?
Steganography, aka “hidden writing,” isn’t about keeping someone’s eyes from falling on the message; it’s about keeping them from realizing that what they’re looking at is a message. These days we have highly technological ways of doing that with digital media, but it goes back a good deal further than that. The classic here is invisible ink, which can’t be seen until you apply the right effect. If you ever wrote a hidden message with lemon juice, then used heat to reveal it, you’ve done steganography! Or you can use the separate ingredients of the aforementioned iron gall ink: write with an extract of oak gall, then apply vitriol of iron (iron sulfate) to reveal it. Nor is this purely an old-fashioned thing or a childish trick; “security markers” can be used to label your belongings, with the writing only becoming visible under UV light.
But that’s only one way to hide a message. Morse code lends itself very nicely to steganography, though often in forms that aren’t usually considered writing per se; a pattern of blinking or a design embroidered into a garment can actually be text. Or you can distribute the elements of your message throughout another text, either with a null cipher or by marking the key bits in some other fashion, e.g. by pricking the paper, using a subtly different color or typeface, and so forth. Anything that attempts to conceal the existence of the message even when someone looks right at it falls under this header.
Which makes it different from cryptography, aka (and here we’re about to fall down a technical rabbit hole) codes and ciphers — which are not the same thing, though we often use the words interchangeably. Passphrases, e.g. to get into a speakeasy or cue rebels to set off the bombs, are extremely simple one-time codes; others amount almost to made-up languages, with a vocabulary of words, phrases, or numerical sequences that indicate particular places, people, items, or actions.
One of the strengths of such a thing is that it can be very difficult to break without getting hold of a codebook, the dictionary that translates all the terms. One of the weaknesses of such a thing is that if your enemy gets hold of a codebook, you’re screwed. You can also break a code by building up a large enough corpus of examples and looking at their context; from that you may be able to suss out the meaning of particular elements. In this sense the decipherment of codes may not be much different from the decipherment of dead languages; the cracking of both Egyptian hieroglyphics and Linear B used many of the same techniques to identify the proper names of people and places, thereby opening up the relevant phonetic systems.
The decipherment of Linear B also used a great deal of math — and that brings us around to ciphers, whose making and breaking can both involve way more math than the layperson might expect. (Unless they’ve paid attention to WWII history and the work done at Bletchley Park.)
Historically speaking, most ciphers were of one of two basic types. A substitution cipher replaces letters or groups of letters with other letters or groups of letters. Rot 13, or “Rotate 13,” is an example most commonly used nowadays for hiding spoilers. By contrast — or sometimes in addition — a transposition cipher changes the order of elements within the plaintext, using a variety of methods.
Simple forms of these are fairly easy to crack. A cipher like Rot13 can be solved by the brute-force method of trying out different substitutions until you get a readable message. Even more complex forms are vulnerable to frequency analysis: if you know what letters or letter combinations are common in the source language, you can count the frequencies of letters and letter combinations in the ciphertext and try to match the most common ones. Transposition ciphers tend to require the use of a key: either a physical one like a grille or a one-time pad, or instructions for how to rearrange the letters to return the plaintext. The former can be stolen and the possibilities for the latter are often finite, which means that analysis can again break the cipher.
It’s possible to get more complex . . . but the problem with that is, the more complex the cipher, the more likely it is that somebody’s going to screw it up, rendering the message unreadable on the far end. Nowadays we rely on computers to do our ciphering for us, which allows for systems that no human analysis can hope to break — but another computer might be able to. There’s a reason cryptography is a major field of study in the modern world.