The History and Mathematics of Codes and Code Breaking

Tag: Encryption Page 1 of 2

The Perils of Hubris in Cryptography

On page 41 of Simon Singh’s The Code Book, Singh makes the interesting assertion that “a weak encryption can be worse than no encryption at all.” This seemingly paradoxical statement reveals how hubris can be the downfall of any great cryptographic scheme. Best exemplified in the case of Mary Queen of Scots, when two parties deem a cipher or code secure and therefore write their messages freely with no fear of discovery, this overconfidence can ultimately result in their downfall. Had Mary’s messages not been so explicitly linked to the assassination plot of Queen Elizabeth, and instead been deliberately vague, the evidence against her would have been weak enough to possibly save her life.

The beheading of Mary Queen of Scots should serve as a cautionary tale to any modern cryptographer to remember the possibility that your enemy has already cracked your code, or that another part of the world is already much advanced in the art of code breaking. A good cryptographist should take extra precautions when crafting their message to ensure that, if the encryption fails, the implications of their message, should it land in the wrong hands, are as limited as possible. No code should be deemed unbreakable by its creators, and stenography and subtlety of language are just as crucial in encryption as a strong cipher or nomenclature.

The Need for using Strong Encryption

With the internet and its countless facilities constantly finding its way into our lives, it is getting more and more important to realize what we can trust it for and where it does more harm than good. Today, most of us think twice before we say something on the internet or before we share sensitive information online. Eventually, as our world gets more integrated with the digital world, it'll only make keeping information offline harder. Having strong encryption available to the public would make it safe and inspire confidence in the system of digitization. Additionally, I would like to expand on the parallel drawn between gloves and encryption by Ron Rivest. While it seems that the parallel drawn might be too far fetched and that a pair of gloves cannot be compared to encryption, we are slowly approaching towards a world where encryption might just be as essential as a glove or a shoe. Any item can technically be used with malicious intent but it is important to weigh the pros and cons of the range of its utility. Just because the government can control whether encryption can be made ubiquitous should not change the utility or the need we have for it in our lives.

Pretty Good Predictions

Before even seeing this question, I already had something to say about the predictions that Singh made in this paragraph. The one that stood out to me was that democracies will be using online voting. I found this funny because 20 years from the writing of this book, online voting still doesn't exist, and the idea appears to still be the cause of a lot of problems. Online voting is something that would most definitely be more convenient for many people. For me, the whole voting process took so much longer than I feel it needed to. First, I had to register to vote, by printing a form and filling it out. I had to send the form to my county's voting office, then they had to send me back a letter that said I was registered. Then, since I'm from Ohio, I had to request an absentee ballot. I had to first request a request for the ballot. They sent me a form that I had to fill out, then send back to my voting office again. Then, they sent me the absentee ballot, which I filled out, then sent back again. Overall, this process took a very long time, and online voting would have shortened this to minutes. I'm pretty sure it's a concept that wouldn't be very hard to implement, but there would most likely still be problems. Considering that in the 2016 election there were allegations of tampered ballots and they were done in person, I wouldn't be surprised if the problem was even worse if done online. This is where good encryption comes in. If there was extremely secure encryption during online elections, then hypothetically, there shouldn't be a problem with possible tampering. Considering that we can trust encryption enough to type in our social security numbers and credit card numbers and all our private information, I think it's reasonable to trust online voting.




Why Strong Encryption to General Public

In the age of digital technology, access to encryption is of similar importance as the access to free speech. While the arguments against public encryption technology are certainly valid considering public security, it's unreasonable to deny the public access to such a critical element of online communication, especially since most communications using encryption don't concern criminal activity.

First of all, if the public has no access to encryption, many online activities would be vulnerable: medical records, online transactions and addresses. While the lack of encryption makes wire tapping easier, it also makes criminal activity easier. Most people get online without knowing which system of encryption they are adopting. The existence of internet is making people more likely to share their personal information without the knowledge of cyber security. If public lack the basic methods to encrypt their information online, criminals can more easily obtain user information.

Secondly, the right to encrypt a message online is no different from encrypting a written message that's sent physically. If the government had no right to interfere with that type of encryption, they shouldn't be granted the authority solely due to the change in communication methods. While policies should adapt to the changing world, underlying concepts and guidelines should remain the same.

While it's important to consider public security, we have to take in mind the basic needs of encryption. If people are in domestic violence situations or other situations that demand secure and anonymous conversations, having no encryption would put people (without any criminal intention) at risk.

Not making the world a better place

Admittedly, restricting strong encryptions by the law enforcement and national security agencies do have some advantages toward crime fighting. However, the law enforcement and national security agencies can’t deny people’s right to protect their own privacy.

Singh noted: ”Civil libertarians argue that the widespread use of encryption is essential for guaranteeing the right to privacy.” Without strong encryption, people’s data will be exposed to everyone. People’s personal information online or the messages they sent all rely heavily on encryption to be kept as their own privacy. Would the world be better if the database of the giant companies is put online without encryption? Will that be beneficial for fighting crimes? Definitely not. Criminals will have more targets to attack. Also, with knowledge of encrypting, the public can even help the police or national security agencies to fight the crime. Restricting encryption on the public can’t stop the criminals from using them due to the high level of technology they have nowadays as Singh claimed in the book. In general, restricting encryption methods from the public is definitely not making the world better or safer.

On the other hand, the government can’t just forbid others to use or learn encryption and monitor the public at the same time. Singh wrote about the unjustified wiretaps utilized by Presidents Lyndon Johnson and Richard Nixon. Edward Snowden also showed the wiretapping ways used by the government to control the public. Under these circumstances, people should have their rights to learn about these encrypting methods used by the government instead of being restricted to getting in touch with it.

Why Encryption is for All

At this point, the cat is out of the box with regards to encryption. Available to all internet users are extremely secure encryption systems, and this is why trying to limit their use is a mistake. Strong encryption should be available to all internet users. Pretty much as it stands, terrorists or people engaging in nefarious activities will be able to encrypt their data, and there is no way to take these keys back off the internet. We bank on their complacency at this point, and there is no practical way for us to stop them from communicating securely. However, we as a society can lose a lot if we don't allow encryption to be available to everyone. There are advantages for big business to have access to extremely strong encryption because they are vulnerable to attacks and hacks. Strong encryption is also beneficial for individuals because it protects their privacy. There is a lot of extremely sensitive information online, and every month we see that certain websites have been hacked and that user data has been stolen. With stronger encryption, people' bank accounts, photos, personal history, and social security numbers can be kept more secure. Also, their communication can be more secure, which is good, because people always feel at the back of their mind that they are being spied on by people, and this would ensure their privacy. This is why I believe that strong encryption should be available to everyone.

An invention to win the war

When you think about the World War, there must be a scene or a voice in your mind that broadcasts the radio talks. The classic voice with electronic noises in the movies probably has made an impression. I didn’t know about the source of the noise before. I used to thought that the voices were not clear because of the lack of technology to communicate efficiently; but after the podcast, I learned that those noises were created for data encryption.

The podcast explained clearly how the machine works. The machine can break down a human voice into basic components; then transmit those basic components so that the receiver can recreate the voice on the other side. This invention was marvelous enough to create a new generation. For the first time, sounds can be digitized and transmitted over a long distance. What’s more, it also mixed noises with those components to make the encryption unbreakable. These two innovative ideas were combined together, led to the success of the war.

The producer used different soundtracks so that we can hear different people telling the whole story. This new approach creates a sense of warm and inspiring. We all have the terrible experience of losing focus after hearing a stable and unchanging sound for a long time. This podcast can easily catch the audience’s attention. It feels like having a conversation in front of a bonfire with several knowledgeable scholars. Besides, the producers also presented the original radio sound back to the time of war. When those clips were related to the sound people often hear in the movies, the audience can better understand the ways Voder are used. The lecture will not be complex and boring principle telling in this way, but be a vivid presentation.

After hearing this episode, I’m probably going to consider more about the audience for the podcast episode. Audiences’ interest is always the first thing to think about while making an episode.

Solving an Encryption is Easier Said than Done

I believe that the examples in the book would be harder to decipher when no assistance is given. It would be hard to decipher the message while not knowing what type of cipher it is. Telling the readers what kind of code the message is encrypted as gives a hint in how to solve it. If there was no hint, the receiver of the message would have to just guess on how to decipher the message. There are ways to get clues on what type of code is used such as frequency analysis; however, frequency analysis may not be very helpful depending on what type of code was used.

It is easy to understand Singh’s examples in the book because he is trying to teach the readers how to decode the message. The examples that Singh gives are also easy to crack since no one is trying to keep the message hidden anymore. It is easier to decode the messages now than it would be during the time of war. I think that it is harder to decipher codes when in certain situations. The idea that the contents of a message can help alleviate impending war can put an enormous amount of pressure on a person’s shoulder. When I am in stressful situations, an exam, for example, I often make silly mistakes because of how nervous I am. That feeling is a thousand times worse during the times of war because it is not a grade that is at stake, it is the livelihood of a country.


The Race Between Cryptanalysis and Encryption

The status quo of cryptography can be accurately represented by a game of tennis between two equally good players. When a strong cipher is developed, the ball moves to cryptanalysis. Upon development of better decryption techniques, the ball returns back to the court of the encryptors. The period in which an event happens in the world of cryptography is heavily influenced by who has the power between cryptanalysis and encryption.

During the time of Mary Queen of Scots, the users of cryptography had little to no faith in the abilities to decrypt, causing them to have  undue faith on their abilities to encrypt. By not giving sufficient credit to cryptanalysis, they did not bother with either reinforcing the difficulty of the cipher  or any sort of counter measures in case the cipher was broken, leaving them in a worse position had they chosen not to encrypt. On the other hand, the situation before the Vigenère cipher was the exact opposite as the strength of any cipher was presumed to be weak. Encryptors were motivated to fortify their ciphers and even after encryption, they would communicate in  ways that would seem senseless without context. Some would even avoid cryptography altogether and find other ways to convey the desired message.

I also believe that during the period of Mary Queen of Scots, cryptography itself was fairly new and unheard of. This meant that almost no one had any idea how to encrypt (and naturally, decrypt) ciphers. After cryptography became more popular, more people explored the avenue and cipher breaking became more ubiquitous. This was another reason for encryptors to strive to strengthen their ciphers.

Different Applications of Cryptography Over Time

The only records we have of cryptography used in the past come from people with the resources and technical skills to encrypt and decrypt messages, whether they were World War II spies, Arab scholars, or Greek military leaders. Although not all of the encryption methods mentioned by Singh in Chapter 1 required exceptional resources (the Spartan scytale method used only a staff and parchment), they all required an understanding of the concept of encryption, which was a largely unused technique prior to the development of each cultures' breakthrough cryptography methods. Additionally, it's a reasonable assumption that cryptographers would have wanted to keep their methods secret from the general public, as knowledge of the code would have weakened the encryption. Therefore, I believe that the reason so few records of cryptography exist outside of well-resourced people is because they closely guarded the secrets to their specific codes after development, which, once revealed, often turned out to be simple and did not require exceptional resources.

However, this only applies to encryption and the building of ciphers. The techniques the Arabs developed for the decryption of substitution ciphers required extensive knowledge on linguistics and math, as frequency analysis only works if the cryptanalyst is familiar with the mechanics of a language.

Over time, techniques for encryption and decryption have been constantly improved in an arms race to create more secure codes and ways to break them. Nowadays, the most secure encryptions are created using supercomputers and unique encryption keys, which arguably requires more exceptional resources than simply deciding on a certain substitution cipher. However, the most significant difference between cryptography now and then is that very secure encryption is available to the general public, while people in the past who weren't involved in the encryption and decryption process had very limited access to effective cryptography. Although only the developers of specific encryptions know the specific mechanics, they are made available for anyone to use.


Page 1 of 2

Powered by WordPress & Theme by Anders Norén