In this article,
- What is it?
- Origin of cryptography
- Why do we need it?
- Ciphers and Codes
- Caesar Shift Cipher
- Enigma Code
- Morse Code
- Public-Key Ciphers
- Why Cryptography?
What is it?
The DuckDuckGo community, in simple words, defines cryptography as 'the art of secret writing.' A more technical definition can be "the practice and study of techniques for secure communication in the presence of third parties called adversaries," as on Wikipedia. The word cryptography has derived from the Greek language, κρυπτός (Kryptos), meaning hidden and γράφειν (graphia), meaning writing.
“ Acknowledge with cryptography no amount of violence will ever solve a math problem.”
Remember when your teacher made you and your best friend on the far sides of the classroom because you couldn't keep hush for even a minute? And then you would start passing chits to communicate because you couldn't keep your crush on that cute girl or boy in your stomach? You would write it in a manner that curious minds could not figure out what in God's name you wrote on it. That secret code you used would be a code or a cipher if what you wrote was a unique language (not the 'ugly, not understandable' version of your handwriting). Although that time, the stakes were not that high (yeah, apart from the embarrassment), but now they are. While the world has shifted to the Internet Era, the information of the world has too. It's not just about protecting messages that are being sent but also about the data that has been stored in the cloud.
“One must acknowledge, with cryptography, no amount of violence will ever solve a math problem.”
-Jacob Appelbaum (Ex-core member of Tor Project)
Cryptography is about constructing such a protocol that helps the information sender keep his information inaccessible to the unwanted eyes. As coined on Wikipedia, it could be termed "the conversion of information from a readable state to apparent nonsense." As described on exploratorium.edu, to be useful, certain things should be known about a cipher at both the receiving and the sending ends.
- The algorithm or the method used to encipher the original message (a.k.a. plaintext).
- The key used with the algorithm to allow plaintext to be enciphered and deciphered.
- The period for which the key is valid.
Think about this. You and your master-thief friend manage to steal the key of some wealthy businessperson. Now, your objectives could be visualized as:
- ALGORITHM: You, locating the businessman's home and reaching his front door when it is the best time.
- KEY: The key you managed to steal is the cipher key.
- TIME: It won't be long before the businessman figures out that his keys are missing. This is the period for which your key is valid.
Origin of Cryptography
The word 'cryptography' emerged around the 19th century, in the novel The Gold-Bug, by Edgar Allan Poe. Cryptography emerged from the times when people got organized in tribes, groups, and kingdoms. Ideas of battles, supremacy, and politics. The first known evidence of cryptography can be traced to the Egyptian Civilization, about 4000 years ago. The kings used 'hieroglyph' to communicate with each other with the help of scribes. These scribes were the only ones who knew how to read and write these scripts, and it was through them that the kings exchanged messages.
As time passed by, similar codes were coming up, a little advanced than their predecessors. And finally, there came Codes and cipher these days that are so hard to crack that it's virtually impossible for an average human to crack them using brute force. Even with the help of massive supercomputers, it's tiresome to break coded and ciphered messages with brute force.
Ciphers and Codes
Well, the difference between a cipher and a code is quite simple. A cipher changes a message on a letter-by-letter basis, while a code converts the entire plaintext (the message) into other words or numbers.
Code: A code is a mapping from some meaningful message into something else, usually a group of symbols or characters that don't make any sense. The code also requires a codebook that lists out all the mappings. Codes usually make no meaning unless decoded using a codebook, which is like the key to every written symbol on the message.
Cipher: A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption. To decrypt the cipher, you need both the key, as well as the decrypting algorithm. A key is a secret passphrase that is used to run the algorithm to decrypt the cipher. Without the key, the algorithm is useless. It is like you opening someone's suitcase without knowing their combination. You end up trying all the possible combinations you can try.
What are examples of Ciphers and Codes?
Caesar Shift Cipher
In the year 753 BC, the world saw the rise of the Roman Empire. With the Romans, there came a new method into existence called The Caesar Shift Cipher. In this method, the ciphered message relied on shifting the letters by a number discussed and agreed upon beforehand. The receiver would then move the letters back by the decided amount to receive the original message. This was one of the simplest forms of ciphers one could find.
- Let's suppose that Luke Skywalker, along with his rebel alliance, decided to storm into the Death Star. Now, assume that there is a message that has to be conveyed to the rebel base and, at the same time, protecting it from Darth Vader: "ALPHA TEAM AT POSITION."
- Let's suppose that the agreed-upon decryption key is 5. So each alphabet in the message would be shifted by five digits, clockwise.
- "FQUMF YJFR FY UTXNYNTS" will be the ciphered text which the base would receive, and anyone who manages to capture the message. This would make no sense, but this method is old and can be easily cracked using processors as early as Intel 4004.
In this type of Cipher, the letters are moved around, with some regular pattern, to make a jumbled sentence, which would make no sense. Let's, for example, take the phrase; THE POLICE IS COMING FOR YOU. To convert this into a transposition cipher, we can use what's called a depth-two rail fence.
So this phrase now would be written as
T E O I E S O I G O Y U
H P L C I C M N F R O
Vigenère was considered one of the most robust ciphers to break and kept hackers on their toes for almost three centuries. Because of this, it earned the title of Le Chiffre indèchiffrable, which is French for 'the indecipherable ciphers. This method is similar to Caesar Shift Cipher. The only difference is the key. The key is, in this method, not a number but a series of interwoven Caesar ciphers. It is a form of polyalphabetic substitution.
Now, let's suppose the message that has to be sent is 'SENDMORETROOPS.' Now, say the cipher key was 'VICTOR.' The encryption is done in such a way that the word VICTOR is written below the plaintext and repeats it until it matches the length of the plaintext. The word from the plaintext and the word from the key is mapped to the grid, where each row starts with a key letter. Thus, we would get our encrypted message, which in this case would be 'NMPWAFMMVKCFKA'
Some people say that the Allied power won a part of the war when Turing broke the Enigma Code. The Germans used to communicate messages from this machine called the Enigma Machine.
The device looked like a typewriter, in which punching the letters would create the cipher letter. Now, there were several wheels inside the machine that were connected through wires to the letters. All Enigma Machines were identical, and knowing the initial configurations were essential to decipher the message. Also, the cipher key was not fixed; it kept on changing within a message. Each wheel would rotate after a certain number of letters were typed. Even if the Allies managed to procure a copy of the Enigma Machine, they would not be able to decipher any of the messages because they did to know the initial wheel configuration. What Alan Turing made to decrypt the Enigma code was considered to be the ancestor of modern computers.
Remember The Dancing Men case from Sherlock Holmes? These messages were nothing that made sense and looked as if the cavemen had returned to the world. But when Sherlock gets more of those messages, he understood that they were not someone fooling around, but coded messages. Think about this; you see a message that has been coded or ciphered. Now, if you are a curious mind, you would start decrypting the message with all your might. You may as well manage to get the real message out of it. This was not what the senders of the message would have wanted, did they? To prevent this type of situation, the sender of the message will hide this message in some form that would be invisible to the third party eye, such as in a picture or woodwork.
Such types of coded messages could be traced back to as far as ancient Greece. In this type of message, the actual message is concealed in some form so that it does not raise suspicion in third parties. If the software to decode the QR code was not public, it might as well had been an effective way to communicate coded messages. This is the perfect way to hide data or messages in an innocent-looking picture. No one could tell that this holds messages just by looking at it. A QR code can store a maximum of 177 rows and 177 columns, which means the maximum number of the module is 31,329. The arrangements of these modules help the store to date. The maximum amount of data a QR code can store is about 3Kb.
Morse Code is a way of transmitting messages in the form of signals. The text can be encoded in the form of short and long signals or the form of on and off. The two different signal durations are dots and dashes. The dot duration is the basic unit of time measurement in Morse Code transmission. The period of the dash is usually kept three times the period of the dot. Nowadays, Morse Code is more of an emergency helpline than a message encoding method.
Public Key Ciphers
Think about this. You have successfully created a procedure through which no human could ever break your cipher. There exists no device that can crack it without providing the code. It’s cool; you would share messages with extreme privacy. But then, what about the key? You cannot share your keys through your cipher, can you now? I mean, how would the receiver decode the message to get the key without the key? Sure! You would tell her the key in her ears, but don’t you know that the walls have ears too? What if the receiver is on the other side of the planet? Send a post? What if the postman or anyone in the postal network is the spy? You can trust no one. To overcome this limitation, the Public Key Ciphers were introduced.
This is considered to be the Ultimate Modern Cipher. Every Public Key Cipher has two keys, one public and one private. The two keys belong to the person receiving the message. One key is a public key and may be given to anybody. The other key is a private key and is kept secret by the owner. Your password, which you make for an account while setting it up, is your private key. The system automatically generates a public key for you once the account creation is successful. This public key is made available to anyone using the internet. The cool thing about this is that if something is encrypted using your public key, only you can decrypt it using your private key.
Now suppose you are sending secure mail to someone from work. Before submitting, the mail service gets the receiver's public key and encrypts the mail content using that key. When the receiver receives the mail, only his password (private key) can decrypt the content. So this is how it works.
Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Until modern times, cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (called plaintext) into an unintelligible form (called ciphertext).
If you are still asking that question, let me create a scenario for you. "You live in a world where cryptography doesn't exist. You are finally buying that one thing that you have been waiting to buy for quite some time now. You log into an online store and click on the buy now option. You are redirected to a page where you have to enter your card details. You type your card number XXXX XXXX XXXX XXXX and then the Card Verification Value (CVV) XXX. That's done now. You have completed a successful transaction. You get your product shortly. A few days later, you get a notification from a bank about a transaction that you did not make. You check with your bank, and they tell you about your card being used. You immediately instruct them to block your card. They do as instructed but could not recover the spent money.
Since the payment gateway didn't use any encryption, a hacker nearby, who was snooping data packets, managed to get your packet and read it. He got your card number, CVV, and all the other information you sent to the payment company. This was possible for him because whatever details you sent over the internet were in plaintext, not hashes.
Similarly, a lot is at stake when encryption is not used. Military secrets, medical information, bank details, passwords on servers, texts, emails, and phone calls are all encrypted for security. Right to privacy is even a thing in most of the countries in the world. Hence, encryption is one of the primary necessities in this digital age.