Think encryption is cryptic? It’s just good old crypto, really, and it’s here to stay

Sandesh Anand March 17, 2017 5 min

Story Highlights

  • In ancient times, crypto was a tool used mostly for tactical purposes by governments and militaries
  • With the advent of the internet, it is being used by every individual and organisation with a digital presence
  • Cryptography is set to move beyond privacy and security issues. For example, cryptocurrencies may usher in a new way of conducting financial transactions

It was the decryption of the Zimmerman Telegram by the British intelligence that helped drum up support for the US declaration of war on Germany during World War I. And Alan Turing’s breaking of the Enigma code — an enciphering machine used by the Germans to send messages securely — helped hasten the end of World War II. In both cases cryptography (or crypto) shaped the way history played out.

Crypto — the art of writing or solving codes — is not just part of history. It continues to influence our present, and is bound to play a big role in defining our future as well.

While in ancient times, crypto seemed to be a tool used mostly for tactical purposes by governments and militaries, with the advent of the internet, it is being used by every individual and organisation with a digital presence, whether or not they are aware of it.

While in ancient times, crypto seemed to be a tool used mostly for tactical purposes by governments and militaries, with the advent of the internet, it is being used by everyone with a digital presence  

Using Gmail to access your email? You are using transport layer security (TLS) to ensure no one can snoop on your emails. Using a password on a Windows 10 machine at work? Your company probably safeguards the contents using BitLocker. As we move towards a world of “smart-everything” (even a smart teddy bear, which was recently hacked), crypto will continue to play a crucial role in our digital, and real, lives.

Nothing explains the power of crypto better than how it affected the outcomes of the two of the biggest data leaks of our times — the Snowden leaks on the NSA and the Wiki Leaks expose on the CIA. While the NSA in 2013 could collect a sweeping amount of unencrypted data by simply grabbing it off Google’s and Yahoo’s wide-area networks, the CIA in 2017 has to carry out risky, targeted attacks to get information about individual users as it is unable to “bypass” encrypted messages.

For probably the first time in modern history, governments do not have the technical ability to eavesdrop on communication between her citizens. Depending on who you are, you can either thank or blame crypto for this  

So, how did this change occur? After the NSA leaks, technology companies upped their game and started encrypting everything. Messaging apps like WhatsApp and Signal started encrypting traffic end to end, which means even the companies which built the software cannot read the messages shared. For probably the first time in modern history, governments do not have the technical ability to eavesdrop on communication between her citizens. Depending on who you are, you can either thank or blame crypto for this.

Nothing cryptic about crypto

The use of cryptography by states and individuals to protect personal and sensitive information isn’t new. Evidence exists of people using scrambled text to hide information as early as 1600 BC in Mesopotamia. As old as cryptography is cryptanalysis, the science of breaking of ciphers and intercepting data. While popular tales such as the Turning machine breaking Enigma are well documented in books and motion pictures, not much has been written about cryptanalysis. It is, however, as complex and interesting as cryptography itself.

In its simplest form, encryption is quite intuitive. For instance, the ‘Caesar Cipher’ encrypts data by replacing a given letter with a different one, consistently. Say, if the sender of a message replaces each character with a letter four places ahead in the English alphabet (ROT4, as it is called), “Mary had a little lamb” becomes “Qevc leh e pmxxpi peqf.”

Encryption of the word ‘hello’ using Caeser Cipher (ROT 13)

For the intended recipient to read the message, they need two pieces of information: one, what kind of cipher the sender is using (Caesar Cipher) and two, the number of cyclical shifts each letter has taken (in this case four). Once the receiver has this information, it is pretty simple to shift back each letter by four places to decipher the original message. A cryptanalyst who wishes to “break” the cipher understands that there are only 26 possibilities for the rotation. The simplest way to break the code would be to compute all 26 combinations and examine which one makes sense.

However, modern day cryptography is (thankfully) not intuitive. Scientists spend many years building algorithms that stand up to scrutiny by the world’s best cryptanalysts  

However, modern day cryptography is (thankfully) not intuitive. Scientists spend many years building algorithms that stand up to scrutiny by the world’s best cryptanalysts. All well-adopted encryption methods are open source and heavily peer-reviewed. Even once they are widely in circulation, researchers make constant attempts at breaking them.

Recently, a method was developed to break SHA-1, a hashing algorithm used widely to maintain integrity of communication and establish identities of users on the internet. Since the attack is largely theoretical, researchers continue to work on making the attack practical. While this may seem like a way to make internet communication insecure, development of such attacks often lead to internet companies adopting safer methods faster (in this case, moving to the use the more secure SHA-256 algorithm).

Deciphering the future

The usage of cryptography is set to move beyond privacy and security issues. The advent of cryptocurrencies may usher in a new way of conducting financial transactions, maintaining ledgers etc.

In addition to making technological advances, cryptography has always attracted interest from governments. From the days of King Louis XIV of France, who had a chief cryptographer (Antoine Rossignol of the Great Cipher fame), states have always attempted to use cryptography to gain tactical and strategic advantages.

The usage of cryptography is set to move beyond privacy and security issues alone. The advent of cryptocurrencies may usher in a new way of conducting financial transactions, maintaining ledgers etc  

On one hand cryptography provides the state great powers, while on the other, it threatens to snatch away some of them. Encryption standards and best practices are relevant political issues with no clearly defined policies. Even within the security community, there is broad disagreement on how good cryptography is. In India, the central government is trying hard to bring back legislature which may weaken encryption and leave internet users vulnerable.

There is no doubt that cryptography will continue to play a huge role in society. As a byproduct, so will cryptographers and cryptanalysts. If you meet one, thank them or, even better, gift them a — hard to find — crypto puzzle. You will probably make their day.


               

Lead visual: Angela Anthony Pereira