Whether for secure communication, or for private storage of data, there are occasions when individuals and organizations have a need to make their data unreadable to general users.
The technology that makes this possible is known as cryptography, which comes from the Ancient Greek words, kryptos, that translates to “secret or hidden,” and graphein which means “to write.” Cryptography is a process that converts the text of a message or data, into a scrambled message, that obscures the original message, and then the recipient can convert the scrambled message back to the original.
Cryptography can be traced back to the ancients, with the first documented use dating to 1900 BC in ancient Egypt with substituted hieroglyphics. A more modern approach with a substitution cipher can be found with Julius Caesar in 100 BC, where each letter was substituted with another letter to scramble the message, in what became known as a ‘3 cipher’ that moved each letter three ahead in the alphabet to keep it secure.
This ‘Caesar Cipher’ was used to send secure messages to the Roman generals on the front line, but is considered less secure by modern standards as it only used an encryption method, and did not utilize an encryption key, and therefore is subject to being easily decrypted based on the frequency of the letters.
A more modern approach to cryptography is from Blaise de Vigenère, a Frenchman in the 16th century, and represents an early approach to encoding the message via an encryption key in what became known as the Vigenère cipher. In this approach, an encryption key is used, and the letters get encrypted via this key, however this simplistic approach can also be easily broken.
Seeking greater security, cryptography has benefited from technological advances, with electro-mechanical approaches being taken in the early 20th century, starting with the Hebern Rotor Machine. This used a single rotating disc, with a secret key embedded and was based off of an electrical typewriter. The cryptography is based on a substitution table, but the advance was that the next letter, the rotor advanced, thereby changing to a different substitution table used after each letter, while maintaining efficiency as no manual lookup was required to encode or decode the message.
Rotating disc technology then formed the basis of the famous German Engima machine, which was invented by Arthur Scherbius. It debuted at the end of World War I, and was relied upon heavily by the German military during World War II.
The advance over the Hebern Rotor Machine was that it used multiple discs, three for the German Army, and the Navy, that implemented their Enigma Code later, used four rotors for additional security. It took a process over years to crack the German Enigma code, with initial progress made by the Polish Cipher Bureau, which used their close ties to the German engineering industry for the initial decryption, and had a fully reconstructed an Enigma machine in the 1930’s. The Germans were quite confident that their Enigma code could not be broken, and used it throughout all of their branches of the military, including all secret communications.
Facing a German invasion, the Poles shared their knowledge of Enigma with the British at their now famous Government Code and Cipher School, better known for their location at Bletchley Park, including their reconstructed Enigma machine that was a detailed replication down to the internal wiring.
The British, faced with the challenge of deciphering Enigma code messages in a timely fashion to generate actionable intelligence, devoted considerable resources including their top mathematicians, for a faster method to decrypt the German Enigma communications. This resulted in the Colossus Mark 1, which was the world’s first programmable, and electronic computer- purpose built for codebreaking. From the origins of these vacuum tube code decrypting behemoths started the computing revolution.
Computers have continued to be central to cryptography today. In the 1970’s, IBM developed a cipher known as Lucifer to encrypt corporate communications, that subsequently was adopted by the US’ National Bureau of Standards as the Data Encryption Standard (DES) for the protection of sensitive government data.
With a 56-bit key size, as computing power increased it was broken via brute force attacks, and this was demonstrated in 1999 when it was decrypted in under 24 hours. Shortly thereafter, in 2001, the shift was made by NIST to a new more secure block cipher, which became the Advanced Encryption Standard (AES), which features a block size of 128-bits, and multiple different key lengths of 128, 192 and 256 bits, which is currently still in use.
AES uses symmetric encryption, which means that the same key is used for both encryption as well as decryption. This is also known as shared-secret key encryption, and the weakness is that any user with the key can decode the message making the security of the key quite paramount. This type of encryption is commonly used for securing data stored on a hard drive.
The alternative is asymmetric encryption, which is also known as public key encryption. In this method, the code to encrypt the message can be shared, as it cannot be used to read the message, and is known as the public code. A second code, known as the private code, is necessary for decrypting the message. Asymmetric encryption is applied to many internet protocols, including the RSA security algorithm, that forms the basis of the SSL/TSL Protocol, which secures our computer networks.
While symmetric and asymmetric encryption are thought of as separate entities, in practice they are also used in combination across the internet. For example, symmetric and asymmetric encryption is combined for digital signatures, where both public and private keys are utilized for verification of the sender of the message, and to keep the message secure, and unaltered.
Cryptography also gets applied to secure browsing, via the encrypted tunnel that gets created via VPN technology. While there are several security protocols that can be used for the creation of an encrypted tunnel of a VPN, the state of the art choice is OpenVPN, which uses asymmetric encryption with both public and private shared keys, via an open source algorithm, and 256-bit encryption via OpenSSL.