With cybercrime a daily headline, encryption is the buzz word of a defensive generation, but what is it exactly? Encryption is our bread and butter here at NOS Microsystems, but to most people it’s just some abstract term that sounds all mathematical and codey or something. But don’t fear, here is a brief history of encryption so you can make more sense of those cyber security headlines.
It’s not as complicated as it sounds. Encryption is just coding information so only authorized parties can access it. It is not a lock and key that prevents entrance to the data, it just mixes up the data so it can only be read if decrypted. An encryption key scrambles and unscrambles data, unlocking the information and turning it back to its original form.
It seems modern, but cryptography in some form has been around since ancient times. The first instance is in a tomb of a nobleman in Egypt dating from 1900 BC, and The Arthashastra, an ancient Indian text on statecraft, mentions assignments given to spies in “secret writing”. Julius Caesar was also known to use a form of encryption to convey secret messages to his army generals.
Like end-to-end (E2E) encrypted messaging of its time, Spartan generals sent and received sensitive messages using a thin wooden cylinder called a scytale. The general would wrap a strip of paper around the scytale and write his message along its length. When the strip is removed the writing appears as a jumble of nonsense written down the length of the paper strip. The receiver would then wrap it around his own scytale of similar size, and read the horizontal message. The Greeks also used codes. As long as both generals had the correct code, they could decode any message the other sent.
Machine cryptography became significant during the Second World War with military forces across Europe tasked with breaking Germany's Enigma code. The German forces had been using their Enigma Machine and it was a doozy. It used multiple rotors which rotated at different rates as a message was typed on a keyboard. The output was the encrypted message and the key was the initial setting of the rotors. The rotors were changed every day, so the code too constantly changed. Popular culture credits Alan Turing and the team of Brits at Bletchley Park as the code breakers, but it was actually Polish mathematicians who gave the Brits a massive head start and deserve 90 percent of the credit.
Back in 1932, the Polish Cipher Bureau was created in response to the rising German threat. Three young mathematicians, Marian Rejewski, Henryk Zygalski, and Jerzy Różycki were hired and tasked with solving the logical structure of the military Enigma, whose security was increased in 1930 by the addition of a plugboard. To help them, French Military Intelligence provided two German documents and two pages of Enigma daily keys which had been stolen by a French spy who worked at Germany's Cipher Office in Berlin.
With these clues, Rejewski was able to crack the code using the mathematical theory of permutations and groups — along with a lucky guess that the non-commercial version of the Enigma typewriter featured keys in alphabetical order. Subsequently, the Polish cryptographers were able to construct 'Enigma doubles' to help them transcribe coded messages. Prior to the onset of the war, the Germans added another two rotors to the system, increasing the possible wheel orders from six to 60. Rejewski and his gang of geniuses were busy trying to crack this new spanner in the works when Germany invaded Poland. The Polish government handed the research to the British who continued working on it, resulting in the full cracking of the Enigma code during the early stages of World War II.
In the computer age, encryption began in the early 1970s when IBM designed a cipher called Lucifer. In 1973, the Nation Bureau of Standards (now called NIST) in the US put out a request for proposals for a block cipher which would become a national standard. Lucifer was accepted and had its name changed to Data Encryption Standard or DES. In 1997, and in the following years, DES was no longer considered safe as it used a 56-bit key. Because computers have become faster, an attack of brute force (simply trying every possible combination in order to find the right key) could easily decipher encrypted data in a short while.
In 1997, NIST put out another request for proposal for a standard encryption method. It received 50 submissions and in 2000 it accepted the Rijndael cipher—developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen. It was christened AES or Advanced Encryption Standard and this is the encryption standard of today. It uses 128-, 192- or 256-bit keys—get2Clouds prefers the 256-bit option. If 50 supercomputers could check a trillion AES keys per second (no such device exists) it would still take trillions upon trillions of years for them to exhaust the 256-bit key space on AES encryption. It is the encryption algorithm favored by the US government, the National Security Agency, and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC).
When you send a message or file our E2E encrypted app get2Clouds, the file or message is wrapped in AES 256-bit code, scrambling it and creating an encryption key. It can then only be unlocked by the recipient of the message. A new set of encryption algorithms is created each time two users communicate with one another. As an added layer of security, users can include a password. This keeps it safe from not only hackers in the cloud, but would be phone spies.
In the computer age, encryption does not stop at just data. For security, the means of how the data is sent should also be encrypted, but that’s material for another blog.