21
Thu, Nov
1 New Articles

As Old As Secrets

Commentary
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Encryption is one of those words in the contemporary lexicon that is freely tossed about to describe something that is part mystery and part act of faith. For millions of computer users, encryption is little more than a hopeful abstraction, steadfastly assumed to protect our most confidential data.

Few people outside of those directly concerned with data security need to understand how encryption works. Fewer still know much about its origins or of the colossal obstacles surmounted by brilliant, if largely anonymous, mathematicians. But to study the history of encryption is to enter a world of intrigue, espionage, and mathematical wizardry. For thousands of years, people have found it necessary to disguise their communications. And for an equal number of years, those with patience and skill have found ways of deciphering hidden messages. Encryption is almost as old as secrets, and its evolution is superbly chronicled by Simon Singh in The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. The earliest techniques for sending confidential messages were more a matter of cleverness than coding. Singh recounts an incident chronicled by Greek historian Herodotus in which a messenger’s head was shaved and the message written on his scalp. The sender then patiently waited for the messenger’s hair to regrow before he dispatched him with the missive. This was, as Singh notes, “clearly a period of history that tolerated a certain lack of urgency.”

Giving new meaning to the word “urgency,” the Chinese inscribed messages on fine silk, rolled into tiny balls, then covered with wax. Messengers were obliged to swallow the container before swiftly setting off to deliver its contents. Although Singh delicately avoids speculation, this system had some obvious retrieval drawbacks.

But hiding a message, no matter how adroitly, leaves the sender vulnerable to discovery or betrayal. Cryptography was developed to disguise not the existence but the meaning of a message so that even if it were intercepted, it cannot be understood.

Disguising communications employs two principal methods: transposition and substitution. Transposition involves rearranging the order of the letters that comprise a message. Its virtue is simplicity and a staggering amount of possible encryption choices, even for a very short message. For example, the message “Meet Paul at the train station at midnight” contains only 35 letters, but, as Singh notes, “there are more than 50,000,000,000,000,000,000,000,000,000,000 distinct arrangements of them.” The world’s entire population working day and night would require “more than a thousand times the lifetime of the universe to check all the arrangements.” That, of course, was before computers significantly shortened the task.



Substitution entails replacing each letter of a text with a different letter, so that “meet Paul” may appear as “bvvq Rmwd.” Jumbling the letters of the alphabet can create a ciphertext of even greater variety than transposition. But since certain letters are used more often than others, educated guesses can be made according to the frequency and positioning of characters. When transposition and substitution are used in tandem, however, they make a formidable cipher. The encryption procedure itself is called the algorithm; how the algorithm is applied becomes the key. As the name suggests, the key is the essential component for unscrambling an encrypted communication.

Before World War II, the Germans developed a brilliant encryption device called Enigma, a mechanical computer that employed three levels of transposition and substitution believed (erroneously) to be unbreakable. But one of the difficulties in producing complex encryption is that both the sender and the receiver had to use the same key to encode and decipher the message. Every Enigma operator had to be issued a monthly code book that contained daily encryption keys. During the war, with troops constantly on the move and ships and submarines patrolling the sea lanes, disbursement became a logistical nightmare.

In cryptography circles, this is known as the problem of key distribution. The dilemma is how to transmit a key to the recipient without compromising the message. If the key is transmitted along with the message, it can be intercepted and the message decoded. One option is to deliver the key separately, perhaps by messenger—a viable solution if transmissions are infrequent and recipients are nearby. But as the number of transmissions grows and becomes geographically dispersed, dispatching messengers becomes highly inefficient and cost-prohibitive.

With the growth of business computing, the problem of key distribution intensified. Banks, Singh recounts, would “dispatch riders...across the world with padlocked briefcases” to deliver decryption keys. But the reliance on third parties as delivery vehicles for decoding private communications was rightfully seen as both oxymoronic and a security risk. For decades, mathematicians labored unsuccessfully to solve the quandary of key distribution, and many concluded it was unsolvable.

Nonetheless, a solution was eventually devised in the mid-1970s, and Singh describes it as “the greatest cryptographic achievement” in over 2,000 years. The resolution employed so-called “one way” mathematical functions, operations that are simple to perform but difficult or impossible to reverse. Singh likens these functions to mixing two colors of paint: easy to do, hopeless to undo. Imagine that the sender and the recipient both have a gallon of white paint, to which each adds a secret color; the sender adds orange and the recipient adds purple. They exchange mixtures, to which each then adds his own secret color. They now both have identical mixtures. The end product is the key by which a message can be both encrypted and decrypted. Even if an unscrupulous party learned that white was the base color, or was able to intercept the exchange of mixtures, it would do him no good without knowing the two secret colors.

This process, however, had limitations; namely, the sender had to contact the recipient to exchange the results of mathematical calculations, which, when processed through a series of modular arithmetic functions, would yield the key. The breakthrough was that the information could be exchanged remotely, over an unsecured phone line, for example, and it would be meaningless if intercepted.

The method, although revolutionary, was labor-intensive and could not hope to sustain the volume of encrypted data that now flows across the Internet. Imagine having to contact every recipient to work out an encryption/decryption scheme each time you wanted to send encrypted emails or a credit card number to a vendor.

The solution required an “asymmetric” cipher, one that did not require both parties to have an identical key and therefore eliminated the need to exchange information. Such a theory had been proposed by others, but Ron Rivest, a computer scientist, “had a revelation” one night after drinking “significant amounts of...wine.” His insight marked the birth of public key cryptography, a system that allowed a person to post a public encryption



key that would be available to anyone wishing to send him a coded message, while the private decryption key would remain known only to him.

The system required multiplying two prime numbers—the larger the better—the results of which become the public key, while the original prime numbers act as the private decoding key.

On the surface, reversing the multiplication of two numbers seems a fairly trivial task. But factoring prime numbers is, as Singh points out, “very time consuming.” Just how difficult is it? When the cipher was introduced in a Scientific America article in 1977, the magazine offered a $100 prize to anyone who could decode a ciphertext of modest length. The author even provided the public key used to encrypt it. Singh reports that it took a team of 600 volunteers 17 years to break the cipher.

Public key cryptography is the basis for the fully automated encryption systems that are now available for use on the Internet. One system, developed in the early ‘90s, that achieved a level of notoriety was PGP, which modestly stands for Pretty Good Privacy. Actually, the level of privacy was so good that the National Security Agency, which employs more mathematicians and computers than any agency in the world, demanded a limit on key lengths, fearing it had insufficient horsepower to crack intercepted ciphers.

From a national security perspective, algorithms were becoming annoyingly sophisticated even before PGP. In 1976, IBM announced its Data Encryption Standard (DES), which caused an uproar in security agencies. Singh likens the encryption process to “kneading a slab of dough”:

First, the message is translated into a long string of binary digits. Second, the string is split into blocks of 64 digits, and encryption is performed separately on each of the blocks. Third, focusing on just one block, the 64 digits are shuffled, and then split into two half-blocks of 32, labeled Left0 and Right0. The digits in Right0 are then put through a “mangler function” which changes the digits according to a complex substitution. The mangled Right0 is then added to Left0 to create a new half-block of 32 digits called Right1. The original Right0 is relabeled Left1. This set of operations is called a “round”....This
process is repeated until there have been 16 rounds in total.

Algorithms became even more complex in the ensuing years. But the long battle between code-makers and code-breakers is heading toward a climax. In the near future, the state of computing may reach a point of impasse where no prior encryption would be unbreakable and all future encryption would be absolutely undecipherable. A quantum computer would be capable of massive, nearly instantaneous parallel processing. No cipher would be complex enough to confound it. And to encrypt messages, quantum computers would use polarized photons, whose behavior is unpredictable and therefore impossible to divine.

Governments naturally fear total, inviolate privacy. Without the ability to snoop, governments lose control of their citizens. “A quantum computer,” Singh predicts, “would jeopardize the stability of the world.” But if stability comes at the cost of privacy, perhaps it’s overrated.



BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: