21 | August | 2021 | Bring Up Science

It is pretty safe to say that we nowadays live in an era where gaining access to information is frighteningly easy. Sharing details of our life on unsecured channels can be a sure way to have our identity stolen, or potentially worse. And even on a secure channel, sharing personal information is a risky business as some people well-educated in cryptography can potentially hack into your account and decrypt all of this sensitive information. Of course, not all security protocols were created the same way, some might be much harder to decrypt, and some might be utterly simple. Thus knowing about the different cryptosystems out there is imperative.

I first learnt about cryptosystems in one of my undergrad courses, cleverly called (you guessed it) cryptography. The course was designed to ease us into the main concepts by first establishing the context. We must understand that a cryptosystem involves at least two agents (a sender and a receiver). The sender is, by convention, named Alice and the receiver, Bob. The system could also be infiltrated by a third agent, an eavesdropper, adeptly called Eve. So imagine you are suspecting your husband of cheating, you decide to grab his phone and attempt retrieving the messages sent between Alice (his mistress) and Bob (your husband). However, the phone is locked, and all you need is the key. You, portraying Eve in this situation, will attempt to retrieve the key to access the messages. Depending on the strength of the password, maybe you could break in, or perhaps you could not. That only depends on his carefulness and your wits.

Yet, Alice did not always send the encrypted message to Bob to hide information. In Egypt, about 1900 BCE, encryption was possibly intended as a game, like a puzzle or an enigma to solve. Only a sprinkling of people was actually able to read or write, which made the need to mask the written content futile. These few educated people were part of what we called the elite. Since they were so few, these people produced these word puzzles to decode for entertainment only. However, now that most of us know how to read and write, one must know how to hide critical information. Encryptions require a cryptosystem, where its most important part is the key. Therefore, for a cryptosystem to be successful, finding the key must be hard. The more difficult it is to retrieve the key, the better kept is the information. That is why information technology experts recommend using different passwords for each one of our accounts.

One of the easiest ways to encode text is to convert our traditional alphabet into a numerical one, for example, A=0 and Z=25. Thus, now you could say hello using this string of numbers 7 4 11 11 14. Now, a more secure way to hide this hello, which remains easy, would be to add a unique number to every single numerical letter. In this case, if we add 5, the string would become 12 9 16 16 19. This numerical series would then translate to ‘MJQQT,’ which evidently makes no sense. We would immediately know that the message results from encryption. In this case, decrypting the message may then be tempting. Luckily for us, there would be ways for us to find out the key. We would only need to exploit the existing flaws within the system. If we pay close attention to the series, we could notice the repeating letters. Then, without too much issue, we may be able to infer the initial message. With all this information, we could easily find out the key and decrypt all future messages. All you would need to do is look for words in the dictionary with repeating letters at the third and fourth positions. The chances are that you would find hello, and thus you could also find that the key is five, rendering this key useless for future discussion between Alice and Bob.

To fix this flaw, we could decide to use a set of different numbers as our key. For instance, if the key is composed of 5 entries, then every string of five letters in the text could be encrypted using the key. Additionally, if our initial message remains HELLO (7 4 11 11 14) and our key is LWAJF (11 22 0 9 5), then the final encrypted text would be SALUT (18 0 11 20 19). We did it. There is no longer any repeating number, the flaw is now corrected, and we made the codes that much harder to crack. This type of cryptosystem has been used by the Germans – between the First World War and the Second World War – for most of their international communications. For the best part of this period, the only hints into the codes emerged from the work of the brilliant and very competent codebreakers at Bletchley Park in England.

Luckily, by the beginning of the Second World War, a genius mathematician succeeded in developing a code-breaking machine able to decrypt the Enigma Code provided by the Enigma machine. The Enigma machine was a manufactured cypher machine, an awfully mighty encrypting machine. Its successes were related to the automatization of the encryption, which involved using three or four independent rotors. Each rotor could alter the initial letters by adding the corresponding number associated with the key. More importantly, this key was changed daily, rendering the output messages that much harder to decrypt. That was until the day that Alan Turing, the genius behind the Bombe machine, came into the picture. This new instrument was strong enough to decode any of the Enigma Codes. His work in cryptanalysis was crucial, and it helped gain grounds against the Nazis. Eventually, the collapse of the communication bridge between the Nazis everywhere helped turn the tide, leading the Englishmen and their allies to victory.

By all means, the advances in cryptography didn’t stop after the Second World War. Even though encrypting messages for communication was rendered somewhat obsolete, the progress in computer science has made the need for storing data and protecting sensitive information fundamental. So, the key got evermore complex, and instead of being different permutations, the keys became invertible matrices. And despite all these breakthroughs in encryption, a similar effort in decryption impelled the mathematicians to produce more advanced cryptosystems. To replace the invertible matrices, the encryption finally involved huge prime numbers as its key; the bigger, the better. The number 53 won’t suffice anymore, I’m afraid.

Even so, this was a pretty appealing solution when first adopted. Now, it has become ever more complex to find new prime numbers to use. The need to consistently come up with new prime numbers arose from computers becoming more and more powerful. Tools needed to discover increasingly huge prime numbers were then also more accessible. Soon, we were required to push the limit and reach for yet undiscovered prime numbers.

This quest for more secure encryption is not over, and only time will tell which new approach will take over. Still, encryption for storing data has made incredible leaps in the last few years. Recent advances made our most popular 8 GB flash drives pale in comparison to our new 2 TB flash drives. Still, 2 TB of data storage doesn’t provide enough storage power when dealing with enormous amounts of information. Some scientists may have found a way to resolve this issue by finding a new medium to hold the encrypted data. It turns out that synthetic molecules could be the key for storing megatons of data in very tiny spaces. This approach proves particularly promising as the system used would involve a hexadecimal code (16) instead of the binary system (2) used in all current storing devices.

Other scientists have even tried to code messages in bacterial DNA and were even successful in retrieving the initial information. From all these innovations, we can observe that our need for storing data is constantly increasing. Evidently, we live in a world where information is becoming overly abundant. Anything can get encrypted; what we write, how we speak, how we behave and potentially how we look. The grandeur of this scheme can only raise the question of how we deal with all this sensitive information put out there. One could suggest shunning the use of all electronic devices entirely. Alternatively, some others might opt to encourage, maybe even force, companies to be more transparent about their information acquisition and storage. Anyhow, we all must be careful about the potential risk associated with our online presence. At the very least, we must remember to stay alert against any possible phishing attempts, we should regularly change our passwords, and we must never share these passwords with anyone, no matter what.

I thank you infinitely for reading this post and if you would like to know more about the mysteries that surround us, please join my subscription list to keep up with my newest content. If you have any questions, please add them to the comment section and I’ll make sure to answer them as soon as humanly possible.