What Is Encryption?
Encryption is the process of transforming data such that it can only be deciphered and understood by specific parties. Encryption protects sensitive data or information by making it incomprehensible to all unauthorized parties. Decryption is the opposite of encryption; it transforms previously incomprehensible data into a meaningful message.
Encryption uses an encryption key to transform the data from a plaintext message to a ciphertext, and decryption uses a decryption key to transform the ciphertext back to the original message.
The goal of strong encryption is to ensure that any plaintext message can be encrypted into ciphertext, which can then only be decrypted by those who control the decryption key. No other data, including the ciphertext and any metadata about the message, should allow someone to decrypt the message without the decryption key.
Encryption Throughout History
Different types of encryption, called encryption schemes have been used to protect all types of secrets since antiquity. Early uses of encryption include the protection of trade secrets and, most significantly, the secure transmission of military secrets.
An early example, the Caesar Cipher, was used by the Roman military. A cipher is a simple encryption scheme which substitutes every letter of the alphabet with another letter. Ciphers were relatively simple to encrypt and decrypt by hand, as long as the sender and receiver used the same substitution set. However, as technology and cryptographic knowledge advanced, ciphers were revealed to be insecure due to frequency analysis.
Since almost all languages use some letters more than others, a simple substitution cipher such as the Caesar Cipher is vulnerable to frequency analysis. By counting the occurrences of each letter in the ciphertext, an attacker can easily determine which ciphertext letters correspond to which plaintext letters.
In English for example, the letters E, T, A, and O are most common, while X, Q, J, and Z are least common. Thus, if a ciphertext uses the letter M the most, M likely corresponds with E, T, A, or O. This method makes all substitution ciphers insecure.
Cryptanalysis is the study of how to break encryption schemes and decipher encrypted messages without the decryption key. Cryptanalysis employs a wide variety of techniques based on the type of encryption used. Some methods of cryptanalysis, such as frequency analysis, can be performed by hand. Other methods of cryptanalysis require powerful computers and complex math.
Governments and militaries remained the dominant users of encryption into the 20th century. During World War II, many advances in encryption and cryptography were realized. Nazi Germany employed the Enigma machine, a physical device which encrypted messages based on a constantly changing key. The Enigma code was eventually broken in two fashions: a physical Enigma machine was captured and dissected, and, more importantly, Alan Turing invented a computer capable of cracking the code.
Turing’s computer broke the Enigma code primarily using a brute force attack, meaning the computer tried every possible decryption key for the Enigma system until a coherent message was found. Before modern computing, brute force attacks were practically impossible, but today, all encryption schemes must consider brute force attacks in their design.
Data Encryption Standard (DES)
Turing’s innovations advanced the field of computing and encryption simultaneously. In the following decades, increasingly complex cryptosystems were constructed. Substitution ciphers, even ones as complicated as those used in World War II, were rendered obsolete.
After World War II, encryption also diffused to businesses and private citizens. In 1975, the United States government declared the Data Encryption Standard (DES) to be a public standard for secure encryption. DES was invented by IBM researchers, and was a dominant encryption scheme for more than 30 years.
Brute Force Attacks and Breaking DES
The security of modern encryption schemes and other cryptosystems are measured by the effort required to brute force them, which is called entropy. A strong encryption scheme must make brute force attacks impractical, as they are almost always strictly possible.
The Data Encryption Standard used an entropy of 56 bits. This means there were only 2^56 possible decryption keys. Even in the 1970s, this was not sufficient to withstand a brute force attack from state-of-the-art computers.
Because the security of DES was subpar, Triple DES gradually replaced DES as a standard. Triple DES simply applied the DES algorithm to a message three times, protecting it from brute force attacks and “meet-in-the-middle” attacks.
Advanced Encryption Standard (AES)
In 2001, the Advanced Encryption Standard (AES) replaced DES and Triple DES as the standard encryption scheme. AES uses an entropy of 256 bits, making it significantly more secure than DES, and AES is widely used today. However, as with DES, the NSA fiddled with the AES algorithm before it was established as a standard, and has never published an explanation.
Public Key Cryptography
Almost at the same time as the establishment of the DES standard, two researchers named Diffie and Hellman invented an entirely new type of encryption: asymmetric encryption.
Prior to this point, all encryption schemes used encryption keys and decryption keys that were identical. The same algorithm that encrypted a message could decrypt it.
This placed a bottleneck on all encryption schemes: the encryption/decryption key had to be distributed through a secure channel, so that only the desired parties could use the scheme. For example, if Alice and Bob wanted to communicate securely, they first had to securely share a key that they would use in the future. This sharing process endangered the security of the scheme.
Public key cryptography eliminated the need for an initial secure channel. Now, Alice could publish her public key (encryption key) to anyone, and Bob could use the public key to encrypt a message such that only Alice could decrypt it using her private key (decryption key). Most importantly, this method does not require Alice to reveal her decryption key to anyone.
PGP and Open Source Encryption
During the Cold War, the United States and Europe classified encryption technology as a munition, and the export of encryption and other cryptographic technology was heavily restricted. However, as private citizens and businesses increasingly conducted their financial activities using computers, they needed strong encryption. Many Western governments crippled the security of their citizens by requiring licenses to use any encryption scheme which used more than 40 bits of entropy.
In 1991, Phillip Zimmerman publicly released Pretty Good Privacy (PGP), which gave the general public access to strong encryption. Direct action and legal battles between cryptographers and governments has successfully afforded individuals with access to strong encryption, although government agencies continue to actively undermine encryption and other privacy tools.
- Encryption is the process of transforming data such that it can only be deciphered and understood by specific parties.
- Cryptanalysis is the study of how to break encryption schemes and decipher encrypted messages without the decryption key.
- Encryption technology is constantly evolving as new encryption schemes are created and broken.
- Encryption is used to protect digital secrets such as Bitcoin private keys and other data.