Cryptography
Primarily, cryptography describes the art and science of sending hidden messages. As described by mathematician Simon Singh, in his book The Code Book, the field of encryption consists of a never-ending war between cryptographers, who hide information, and also cryptanalysts, who seek to read that information. Encryption has a long and colorful history, from its infancy in the days of ancient Greece and Rome, through maturity during World War II, to where it stands today, securing billions of dollars every day through the gleaming corridors of the Internet. The potential growth of encryption is no less changeable, as new advances in mathematics, computing and quantum theory bring encryption into an exciting future. These new methods and cryptographical techniques are driven further and faster by the actions of those who seek to break encryption. Every time cryptographers take a step forward, their methods are eventually cracked by cryptanalysts, and so encryption must evolve to a new, more secure form (Singh, 1999).
Looking back in history, encryption has existed ever since humans wished to communicate in secret. Some of the earliest methods of hiding messages sound like child’s play, but they were an important step in the evolution of encryption. Lawrence Smith, in his book Cryptography: The Science of Secret Writing, describes a method from the 5th century B.C., detailed by Herodotus in his Histories, where a Persian nobleman, Histiaeus, wished to send a secret message to his ally in Greece. Histiaeus took his most trusted slave and tattooed the message onto his shaved head. Histiaeus waited for the slave’s hair to re-grow, and then sent him to his ally with instructions to shave his head again when he arrived (Smith, 16). In this case, the message was not changed into secret code, but merely hidden from plain sight. This practice of hiding messages has evolved since the days of shaving the heads of slaves. Dorothy Denning, author of Information Warfare and Security, describes how during World War II, a German spy sent a secret message disguised as a press cable, where the message was hidden as the first letter of each word (Appendix A) (Denning 311). The latest evolution of this process is computerized programs that can hide text in seemingly innocent computer files, such as images.
Encryption techniques also allow for messages to be intercepted and still remain secret. In this scenario, it is assumed that the information will be captured, and so the text must remain indecipherable to everyone except the correct recipient. Secretcodebreaker.com describes the earliest known example of this method, the Caesar cipher. Caesar allegedly used an encryption method where he “substituted each letter of the alphabet with a letter three positions further along.” For example, the word DEVRY UNIVERSITY’ would become GHYUB XQLYHUVLWB’, rendering the text unintelligible to anyone who did know how to decrypt it. Again, cryptanalysts successfully attacked the method, and so it had to improve. For example, if the message is long enough, then statistical analysis can find single characters repeatedly on their own, which are likely to be the letters A or I. Better encryption would therefore leave out the spaces between words. Further analysis, however, could reasonably guess that three characters grouped together and repeated many times throughout the text would likely be the word THE’, or that the most frequent letter in the text would likely to be the letter E (Singh).
Against these challenges, encryption of this type evolved so far and became so sophisticated that by the time of the Second World War, the German army used it to communicate with their troops across the world, safe in the knowledge that there was not a person alive who could break it. Unfortunately for Germany, their code was being attacked by something that wasn’t human.
Secure communications being vital to any war, Germany’s troops in World War II communicated using an Enigma machine. The Enigma machine was a small device, about the size of a typewriter, on which officers would type their messages. The Enigma machine would encrypt the message, which would be sent openly over the radio and decrypted by a similar Enigma machine at the other end. At the heart of it, the Enigma machine was merely performing an alphabetic shift akin to the Caesar cipher, but its intricacies were staggering. The machine, described in detail at codesandciphers.org.uk, had 104,456 possible starting positions, and once started, passed each individual key pressed through one of 17,576 possible alphabets, shifting the alphabet for each key. This rendered all previous statistical cracking techniques useless. As the war progressed, however, Polish mathematicians developed a method for cracking the Enigma Code. Unfortunately, this method was laborious and took an inordinate amount of time (Douglas). When the Poles shared their techniques with their allies, British intelligence set to work on automating the Enigma cracking process. Out of this work, they produced arguably the world’s first digital computer, Colossus (Agar). Using Colossus and other techniques, the Allies cracked first the German, and then the Japanese codes, and set in motion the end of the war.
Encryption author Paul Garrett, in his book Making, Breaking Codes: Introduction to Cryptology, describes the breaking of the German codes during the Second World War as a critical event in the evolution of cryptography. Garret labels the period before 1940 as the classical period’ of cryptography. After 1940, he asserts, the field of encryption was changed for ever by the invention of the digital computer, bringing encryption to what he terms the modern age’ (Garrett.) Today, computers have been used to create encryption methods that are so secure that it would, according to a Microsoft security article, take ten million computers 10,000,000,000,000 years (1000 times longer than the estimated age of the universe) to crack (microsoft.com). These impenetrable techniques form the cornerstone of today’s information society.
Given the boom of the Internet and its proliferation of ideas, encryption methods, which are essentially nothing more than mathematical procedures, are now freely available to anyone around the world. The US government has, in the past, attempted to ban the export of so called strong encryption’, but due to the ephemeral nature of this technology, the government has capitulated (house.gov). Today, anyone can go to www.truecrypt.org and download TrueCrypt, a free program that creates a hidden area on a user’s computer that contains and hides all their secrets. TrueCrypt allows its users to encrypt their files with the same level of secrecy that the US National Security Agency decided in 2003 is “sufficient to protect classified information up to the Top Secret level” (truecrypt.org).
In 1991, Phil Zimmerman released Pretty Good Privacy (PGP), a computer program that allowed computer users to send secure and secret emails to each other. Some twenty-six years later, PGP is a booming company with encryption products that cover emails, instant messaging, or entire computer networks (pgp.com.) An article entitled The Encryption Revolution’ in the December 10 issue of Network World magazine, details corporate use of encryption products to secure vital information. PGP is described as being used by organizations as diverse as Standard Chartered Bank, Heartland Health Hospital and Career Education Corp. Figure 1, reproduced the article, shows the great extent to which organizations are using encryption products (Network World).
Figure 1 Organizational use of encryption products.
Vast libraries of freely available encryption products benefits not only corporations, but also individuals who have a need or desire to send messages in secret. Internet users who live in dictatorial regimes like China often use encrypted internet connections to escape their government’s repression (jmsc.hku.hk.) Reactionaries and those seeking revolutionary change can also use free encryption techniques to keep their communications private from their oppressors.
Encryption, however, treads a thin line between keeping secrets from an oppressive regime, and acting as a means to foster acts of crime or terrorism. As the Clinton administration said in 1994, quoted in Laudon & Laudon’s book, Information Systems, “Unfortunately, the same encryption technology that can help Americans protect business secrets and personal privacy can also be used by terrorists, drug dealers, and other criminals.” As an example, terrorists could use techniques described earlier to embed a password protected message in an image file, and post the image file on an innocuous eBay auction (nytimes.com.) Without careful analysis, nobody could notice the message was present, and even if detected, the message would remain secret without the correct password.
Many aspects of law enforcement are made much more difficult in a world where anyone can utilize government level encryption techniques. Legal approaches to this problem have faced mixed success. In the UK for example, the British government passed the Regulation Of Investigatory Powers Act (RIPA) which has, since October 2007, stated that when challenged, UK citizens must hand over the keys to their encrypted computer files to authorities (homeoffice.gov.uk.) This law was originally passed as a method to combat global terrorism. As reported in a BBC news article, however, the first use of the law has been to demand the secret keys held, not by international terrorists, but by animal rights activists. The article quotes cryptographers who oppose the RIPA, who point out that the penalty for not disclosing secret keys to the police is only two years. Terrorists or pedophiles, they indicate, would gladly suffer two years of imprisonment rather than face a much stiffer sentence if their secret files were revealed (bbc.co.uk). The RIPA can also be misused if an encrypted computer file is placed on an individual’s computer without their knowledge. As the individual has no awareness of the file, they would not know the key when challenged, and so would face a penal sentence. In contrast to the approach of the British judicial system, a judge in America recently ruled that a man suspected of possessing illegal pictures on his computer could not be compelled to reveal his password, as that would contravene his Fifth Amendment right to avoid self-incrimination (news.com.)
Encryption technologies, like many technologies, have the potential to heighten the rich/poor gap both within and between countries. As encryption and decryption methods often require years of research and immense computing power, those who can afford to pay can enjoy better protection. Developed countries undoubtedly have more resources to track and attempt to crack messages than do developing countries.
As mentioned in the introduction, encryption is a war between cryptographers and cryptanalysts. This war has produced not only ever-improving encryption techniques, but also increased knowledge of pure mathematics (cosic.esat.kuleuven.be). It has also been demonstrated that cryptanalysts working during the Second World War kick-started the computer revolution. The constant drive for secure communications ensures that encryption technologies are driven by continuous research.
Nowadays, the world of consumer shopping, especially in the Western world, has undoubtedly been changed by the spread of the Internet and the World Wide Web, but without secure encryption methods the market would be a fraction of what it is today. The latest statistics from global Internet information provider, comScore, show that Americans have spent more than 20 billion dollars in the period from November 1 to December 11, 2007 (comscore.com.) This huge market is made possible by the encryption that is built in to today’s Internet browsers. Using the Internet, shoppers can send their credit card details across the world, safe in the knowledge that their personal information is encrypted and unreadable (Denning, 307). Business practices also rely on secure communications over the Internet. A Morgan Stanley Dean Witter report entitled The B2B Internet Report,” describes how business-to-business (B2B) transactions should take advantage of the Internet as it “greatly reduces the spatial gap posed by geography by logically connecting businesses regardless of location” (morganstanley.com.) Such business transactions could not occur without secure, resilient encryption.
Additionally, beyond the applications of the Internet, encryption plays a role in many other functions of life. The GSM cell-phone standard, for example, used by over 2.1 billion people in 222 countries and regions across the world (coveragemaps.com,) relies on solid encryption methods to make it the “most secure mobile communication standard currently available” (hackcanada.com.)
Given the rampant rise in movie piracy, the latest generation of Hollywood movies is distributed on DVD, Blu-Ray and HD-DVD. All these formats use encryption techniques to stop criminals copying and distributing them. As an example of the relentless struggle between cryptographers and cryptanalysts, DVD encryption was broken in September 1999, and the encryption standard behind both Blu-Ray and HD-DVD was broken in February 2007 (lemuria.org, wired.com.)
Recently, the world of encryption has enjoyed a revival in the arts, thanks to Dan Brown’s bestselling book, The Da Vinci Code. In the book, the hero and his glamorous girlfriend cross the world, solving cryptographical riddles in an attempt to find the descendants of Jesus (Brown). Encryption has long been standard fare in literary works, as it allows the reader to involve themselves in solving the puzzles, much like a child uses a decoder ring to crack the secret code on a cereal box. In fact, a new genre of books has been created, where the story takes second place to the encrypted puzzles. The first of this kind, Masquerade, a book by Kit Williams published in 1979, contained a series of illustrations that led the reader to the location of a 22-carat gold hare buried somewhere in Britain (treasureclub.net.) The latest of the genre is A Treasure’s Trove, by Michael Stadther, a fantasy book that contains clues leading to jewels hidden across the United States, worth a total of $1 million (news.com.)
As a tool, encryption is neither inherently good nor bad. Certainly, like any tool, it can be used for any number of purposes. It can be used by hate groups to send illegal images to one another, or by young children to hide their diary from nosy siblings. As stated previously, the availability of free, ultra-secure cryptographic computer programs has meant that groups can communicate in complete secrecy across the world. To the consternation of governments and law officials, times have changed since, in the early twentieth century, Senator Henry Stimson uttered the quaint line, “Gentlemen don’t read other gentlemen’s mail” (Jones, Kovacich, Luzwick.) Today, government interception of mail is big business. The US government’s Echelon program is described in a European parliamentary report as “a global system for intercepting communications, operating by means of cooperation proportionate to their capabilities among the USA, the UK, Canada, Australia and New Zealand.” While this appears to be a sterling effort to combat global terrorism, the report also found that “the US intelligence services do not merely investigate general economic facts but also intercept detailed communications between firms, particularly where contracts are being awarded.” The concern of the European government is plain to see in the report, which opens with the question “Sed quis custodiet ipsos custodies”, or “Who is to guard the guards themselves?” (fas.org.) Although there is little that citizens can do to stop their communications being intercepted by such massive state-organized monitoring programs, encryption ensures that captured messages will remain secret from electronic eavesdroppers.
Discussing his ideas of mathematics and physics, “Prediction,” said physicist Neils Bohr “is very difficult, especially if it’s about the future” (brainyquote.com.) The future of encryption, while difficult to envisage in detail, is at least assured. Ever since the first digital computers were built to crack Germany’s wartime codes, the fate of encryption has been inexorably tied with that of computing. Current encryption techniques rely on keys that would take modern computers an inordinate amount of time to crack. Many computer experts, however, believe that the future of computing lies in quantum computers (nature.com). Using quantum techniques could be a boon to both sides of the cryptography battle. Cryptanalysts could harness the massive power of quantum computers to crack current encryption methods much faster than would be possible using conventional methods. (Siegfried, 83). Cryptographers can also use the quantum world to their advantage. An article in New Scientist details how cryptographers are using quantum encryption to secure election results. Using the unique properties of quantum mechanics, researchers have constructed a system that can send a message from one place to another, such that the message is irreversibly altered if it is intercepted along the way. This method is being used to transmit the results of Swiss elections to ensure that no-one is spying on the information transmitted (newscientist.com.)
Exact methodologies aside, as economies and governments are driven further and faster by the supply and demand of information and communication, encryption plays an inescapable role in keeping all of that data secure and secret. In addition, while the battle rages between cryptographers and cryptanalysts, human technology, knowledge and ambition are pushed ever and ever higher.
Appendix A.
In her book Information Warfare and Security, Denning explains a simple encryption technique that a German spy used in order to send secret information about a ship, The Pershing, during World War II.
The spy issued an innocuous looking press cable which read:
PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW, STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.
Taking the first letter of each word, the message spells out:
“Pershing sails from NY June 1.”
-Denning (311)
Works Cited
Agar, Jon. “Secret giants. ” Rev. of: Colossus: The Secret of Bletchley Park’s
Codebreaking Computers . Nature 442.7104 (2006): 746. Research Library. ProQuest. DeVry University Library, Oakbrook Terrace, IL. 8 Dec. 2007 http://www.proquest.com.proxy.devry.edu/
“BBC NEWS | Technology | Campaigners hit by decryption law.” BBC NEWS | News Front Page. 12 Dec. 2007 .
Ball, Phillip. “2020 computing: Champing at the bits : Article : Nature.” Nature Publishing Group : science journals, jobs, and information. 22 Mar. 2006. 16 Dec. 2007 .
Beschizza , Rob. “The New HD-DVD/Blu-Ray Hack: What It Might Mean For Us | Gadget Lab from Wired.com.” Blogs Home – Wired Blogs. 13 Feb. 2007. 14 Dec. 2007 .
Brown, Dan. The Da Vinci Code. New York: Anchor, 2006.
Denning, Dorothy E.. Information Warfare and Security (ACM Press). New York: Addison-wesley Professional, 1998.
Douglas, John / The Grand Rapids Press. “‘Enigma’ account of Nazi code is fascinating ;
Brave Poles broke code, then smartly guard fact :[All Editions]. ” The Grand Rapids Press [Grand Rapids, Mich.] 24 Mar. 2006,D4. Business Dateline. ProQuest. DeVry University Library, Oakbrook Terrace, IL. 16 Dec. 2007 http://www.proquest.com.proxy.devry.edu/
Garrett, Paul. Making, Breaking Codes: Introduction to Cryptology. Alexandria, VA: Prentice Hall, 2000.
“Home Office | About RIPA.” Home Office | Home. 12 Dec. 2007 .
Johansen , Jon. “- The Truth about DVD CSS cracking by MoRE and [dEZZY/DoD] -.” – The Truth about DVD CSS cracking by MoRE and [dEZZY/DoD] -. 4 Nov. 1999. 14 Dec. 2007 .
Jones, Andy, Gerald L. Kovacich, and Perry G. Luzwick. Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages. chicago: Auerbach, 2002.
Kolata, Gina. ” Veiled Messages of Terror May Lurk in Cyberspace – New York Times.” The New York Times – Breaking News, World News & Multimedia. 13 Dec. 2007 .
Laudon, Kenneth C., and Jane Price Laudon. Information Systems. A Problem-Solving Approach. Third Edition.. New York: Harcourt School, 1995.
Margrave, David. “GSM Security and Encryption.” Hack Canada – We’ve been *very* naughty.. 13 Dec. 2007 .
Marks, Paul. “Quantum cryptography to protect Swiss election – tech – 15 October 2007 – New Scientist Tech.” Technology news and new technology highlights from New Scientist – New Scientist Tech. 15 Oct. 2007. 16 Dec. 2007 .
Mccullagh, Declan. “Judge: Man can’t be forced to divulge encryption passphrase | The Iconoclast – politics, law, and technology – CNET News.com.” Technology news – CNET News.com. 14 Dec. 2007. 15 Dec. 2007 .
Messmer, Ellen . “The Encryption Revolution.” Network World 10 Dec. 2007, 24: 20.
“Niels Bohr Quotes.” Famous Quotes and Quotations at BrainyQuote. 15 Dec. 2007 .
” Online Retail Spending Surges on Green Monday’ and Sets New Record with $881 Million in Sales, Up 33 Percent Versus Year Ago.” comScore, Inc.. 15 Dec. 2007 .
“PGP Corporation – Products – PGP Encryption Solutions.” PGP Corporation – Hard Disk Encryption, File Encryption, Secure ftp Server, Hard Drive Encryption, Enterprise Data Protection. 16 Dec. 2007 .
“REPORT on the existence of a global system for the interception of private and commercial communications (ECHELON interception system) (2001/2098(INI)).” EUROPEAN PARLIAMENT. 11 July 2001. 13 Dec. 2007 .
Reynard, Robert. “Cipher that Caesar Used.” Secret Code Breaker Online. 10 Dec. 2007 .
Sale, Tony. “The Enigma – 1.” WW II Codes and Ciphers. 16 Dec. 2007 .
Siegfried, Tom. The Bit and the Pendulum: From Quantum Computing to M Theory-The New Physics of Information. New York, NY: Wiley, 2000.
Singh, Simon. The Code Book. London: Fourth Estate, 2000.
“Smith (WA09) – Technology & Economy Press Release – Smith Fights To Eliminate Encryption Software Export Ban.” United States House of Representatives, 110th Congress, 1st Session. 8 Sep. 1997. 14 Dec. 2007 .
Smith, Laurence D.. Cryptography: The Science of Secret Writing. New York: Dover Publications, 1955.
Souradyuti, Paul. “Cryptology: A Mathematician’s Quest for Making and Breaking the Code.” Cryptology: A Mathematician’s Quest for Making and Breaking the Code. 1 Sep. 2005. 13 Dec. 2007 .
“Symetric Key Length.” Microsoft TechNet. 10 Dec. 2007 .
Terdiman, Daniel. “Treasure hunt yields unexpected trove | CNET News.com.” Technology news – CNET News.com. 14 Dec. 2007 .
“The Armchair Treasure Hunt Club – Masquerade.” The Armchair Treasure Hunt Club – Home. 13 Dec. 2007 .
“TrueCrypt – Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP/2000 and Linux – Documentation.” TrueCrypt – Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP/2000 and Linux. 16 Dec. 2007 .
“Working From Mainland China.” New Media Workshop. 12 Dec. 2007 .
“coveragemaps.com – Publications – World Coverage Map.” coveragemaps.com – Innovators in mobile/cellular coverage mapping. 14 Dec. 2007 .
