April 10, 2021

The science magazine of Imperial College

# Keeping private messages private

How has cryptography enabled us to communicate secretly? Julia Lorke and Signe Klange investigate

Do you remember back in school when you urgently needed to share the latest gossip with your best friend during the Maths lesson? To avoid that embarrassing moment of your teacher intervening and reading out your private message in front of the whole class, you could have adapted the ancient techniques of cryptography.

The word cryptography is of Greek origin – crypto meaning secret or hidden and graphein meaning writing. Its basic principle is encrypting the original message (plaintext) by using a specific key resulting in a ciphertext. Cipher texts look like gibberish to anyone who does not have the key to decipher it. This symmetric method relies on both the sender and receiver knowing the same key to understand each other.

Julius Caesar used a simple method for his private conversations: shift ciphers, also called Caesar ciphers. This means each letter of the plain text is substituted by a letter of a fixed number after the original letter in the alphabet. Here is what the key would look like if this fixed number is three.

Plain text:    ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher text: DEFGHIJKLMNOPQRSTUVWXYZABC

A becomes D, as D is the third letter after A in the alphabet. For the message to your best friend about your new BOYFRIEND, your teacher would only be able to read out ERBIULHQG, hence, your secret stays secret.

Not a big fan of Caesar? No worries, there are other traditions to follow: Mary Queen of Scots (although maybe not the most successful example), Egyptian hieroglyphs or Scandinavian runes.

As long as the key is unknown to outsiders, your communication is safe. If your teacher knows the rune alphabet or figures out your key for the Caesar cipher, the code is broken.

Cryptography has been used historically during wartime to prevent the enemy learning about future tactics and goals, as depicted in the recent movie The Imitation Game. The Enigma, an impressively complex, yet elegant cryptograph used by the Germans during the Second World War, was ingenious because the code could switch infinitely. The probability of the enemy guessing the correct code by chance was 1 in 158,962555,217826,360000, that’s almost 159 million million million. Amazing efforts by the codebreakers at Bletchley Park based on the work of Polish codebreakers led to the invention of the cryptanalytical bombe machines. Combined with figuring out the human element of making errors and repetitions, which influenced the encrypting process, this led to breaking the Enigma code – a success that is said to have shortened the Second World War by two years.

Today encryption is not just used in the military. Every time we send an email, or buy an item using the internet, the message is transmitted using an insecure channel – the internet – and is therefore encrypted and decrypted using a public key encryption scheme; this happens every time the “s” in https appears in your browser. This encryption method is multi-layered and much more complex than what is described above.

The method uses asymmetric keys: here different keys are used for encryption and decryption – the public and the private key. To generate the asymmetric keys, incredible large prime numbers p and q (each more than a hundred digits long) are generated randomly. These prime numbers are then multiplied with each other, resulting in pq. Multiplying prime numbers is easy, but figuring out which factors led to the product is quite hard. This is called a “trapdoor”: a function easy to perform one way, but difficult the other way. As this is a very slow process, it is usually not used to encrypt messages, but rather to authenticate sender and receiver. After this authentication both systems negotiate a symmetric session key that is only valid for a single communication and discarded afterwards, but allows to communicate much faster than using asymmetric keys. Such systems that combine symmetric and public-key cryptography are called hybrids. So prime numbers are the protectors of privacy.

Progress in quantum computing may be the next challenge for cryptography. In addition, the future of cryptography is largely dependent on what regulations governments put on encryptions. Prime Minister David Cameron has stated that “modern forms of communication should not be exempt from being listened to”. There seems to be a constant struggle between the public’s right to privacy and government’s request for surveillance as part of anti-terror and security services, called the Crypto War. Extra encryption for secure communication have emerged as a direct consequence of this, encrypting data with PGP (Pretty Good Privacy) and GnuPG (GNU Privacy Guard) helps to keep private messages private, for now.

Our society relies on keeping secrets secret and trying to listen in on rivals at the same time. From the ancient past till now, the methods have been through an arms race of secrecy, resulting in the surveillance society we have today.

Julia Lorke and Signe Klange are studying for an MSc in Science Communication

Images: Scytale (Wikimedia Commons); Rune image by Signe Klange; Bombe: Signe Klange and Julia Lorke; Public/private keys (Wikimedia Commons); Featured image: Bombe detail by Garrett Coakley (Flickr)