By Paul Rosenzweig, The George Washington University
To avoid surveillance, some people turn to encryption. They code their communications into undecipherable gibberish, to hide it from government scrutiny. But they aren’t always successful. Encryption, as a defensive mechanism, is not a perfect solution. But what it can do is ensure that your information is confidential, and can’t be read by anyone else, without your permission. So how does it work?
The Components of Encryption
Conceptually, encryption involves three separate components: plaintext, algorithm, and key. The plaintext is the substance of the message that the sender wants to convey.
Of course, this information doesn’t really have to be text, at all. It can be any data in any form that is more valuable to the sender if kept unknown to someone else. The algorithm is a general system of encryption. In other words, it’s a general set of rules for transforming a plaintext.
Algorithm and Key
One example of an algorithm is a cipher where, let’s say, each letter of the plaintext might be replaced with another letter. The algorithm here is, “replace each letter with another”. The third and most essential component of an encryption system is the key. That is the specific set of instructions that will be used to apply the algorithm to a particular message.
A cipher key, for example, might be used to replace the original letter with the letter that is five letters after it in the English alphabet. Using this simple algorithm and key, the plaintext CAT could then be converted to the gibberish HFY, and the result would now be known as the ciphertext.
The critical feature is that only someone who has the algorithm, and the key, can decrypt the ciphertext. So even if the ciphertext is physically intercepted, the contents remain confidential.
Learn more about the tension between surveillance and the rule of law.
History of Ciphers
We’ve been creating ciphertexts for quite a long time. One of the earliest recorded instances of encryption is in The Histories by Herodotus, who described how clandestine communications played a part in saving the Greeks from being conquered by Xerxes, the King of Persia. A Greek, witnessing the buildup of the Persian fleet, sent a message to Sparta warning of Xerxes’s plans. To keep the message from being intercepted, it was concealed beneath the wax covering of a wood tablet.
Other early mentions of coded writing can be found in the Kama Sutra, which counseled women to record their liaisons in secret writing. Julius Caesar’s use of code was so common that the type of algorithm he used—the letter-shift system just mentioned—is sometimes called the Caesar cipher.
This is a transcript from the video series The Surveillance State: Big Data, Freedom, and You. Watch it now, on Wondrium.
If we restrict ourselves to shifting letters of the alphabet, there are only 25 possible keys—one for each successive shift of the alphabet before we get back to the start. That’s pretty weak protection. All you have to do is try each of the 25 possible keys, and one of them is going to work.
If we loosen the algorithm a bit, however, and instead of a shift rule, apply a rule that allows any rearrangement of the 26 letters of the English alphabet, then the number of potential keys increases astronomically to well over 400 septillion different possible arrangements. That’s a four followed by 24 zeros. That makes a brute force effort to discover the key by trying every possible one difficult, indeed.
Breaking the Cipher
In the 9th century, Arab scholars established that a cipher can be broken by something known as frequency analysis. Frequency analysis rests on the knowledge that, for example, in English the letter “e” is the most common vowel. Other common letters in regular usage include “a”, “I”, “n”, “o”, and “t”. With this, deciphering ciphertext becomes much easier. It is far more likely than not, that the most frequently used cipher letter represents one of these common English letters.
In a ciphertext of any reasonable length, there is virtually no chance that, for example, the most common cipher letter would be the one that was used to signify a “q” or a “z”. This sort of knowledge makes decryption easier, and it reduces the need for a brute force approach. Indeed, it is a fair assessment of the art of cryptography that, until the dawn of the computer era, decryption was quite effective.
The keys themselves could be stolen, or they could be decrypted, using such techniques like frequency analysis. Even the notoriously difficult German Enigma code from World War II yielded to frequency analysis by English cryptographers at Bletchley Park.
Learn more about espionage and surveillance.
Mathematics and Cryptography
However, in the late 1970s, enterprising cryptographers developed a way to encrypt information using the multiplication of two extremely large prime numbers, and certain one-way mathematical functions. Most mathematical functions, like addition and subtraction, work in both directions. You can get the results from the precursors, or the precursors from the results, so to speak.
In contrast, with one-way functions, someone who wants to receive encrypted messages can publish the result of an extremely large multiplication as a public key. People who want to send this person a message can use the public key to encrypt their message. And since only the creator knows how to break down his exceedingly large number to its original primes, only he can decrypt the message.
Today, you can embed this type of encryption into your e-mail system with an expensive software program. If the users at both ends of a message use this form of public key encryption, the message they exchange between themselves becomes, effectively, unbreakable by anyone other than the key’s creator. Unless, of course, a hacker attacks the creation of the key at its source.
Modern algorithms can also provide you with a means of confirming that the information you received has not been tampered with in any way. Advances in cryptographic technology have made it difficult, increasingly, for individuals to crack a code. Code breaking is as old as code making, naturally. But encryption increasingly has advanced beyond decryption, to the point where decryption is in some cases almost impossible. This has the positive benefit of enabling legitimate users to protect their lawful secrets.
Common Questions about Encryption and Its Types
The substance of the message that the sender wants to convey is called plaintext. This doesn’t have to be text at all. It can be any data in any form.
The algorithm is a general system of encryption. In other words, it’s a general set of rules for transforming a plaintext into something that can’t be understood easily.
The two most common decryption methods were brute force and frequency analysis.