Cryptography is the science of encrypting information
The science of encrypting information is called cryptography. It is the method of storing and transmitting data in a form that only those for whom it is intended can read and process it.
The desire to conceal information in communications is nearly as old as written language itself. We first discovered how to share information with one another without actually being face-to-face. We wrote messages. Soon we also recognized the value of hiding information from others. How in the world do we do that?
The ancient Spartans were one of the first (400 B.C.) to apply encryption. They used a ribbon wrapped around a specific thickness cylinder, and wrote the message on the wrapped cylinder. Once unwrapped, the ribbon looked like random characters. The person to whom the message was intended could wrap the ribbon around a same-gauge cylinder to see the real message. This technique is an example of a transposition cipher, where the order of the characters in a message is changed.
The ancient Romans later (100-44 B.C.) devised a different technique. They would send encrypted communications into the battlefield by shifting any letter in the alphabet by a fixed number of positions. For example, if the shift is “three,” then an “A” becomes “D,” “M” becomes “P” and so on. Characters toward the end of the alphabet rotate around to the beginning. All that the commander in the battlefield needed to know was the shift value, and the message could easily be decrypted. This technique is called a shift cipher. It’s also sometimes known as its nickname, the Caesar Cipher.
An ancient Hebrew cryptographic method used two versions of the alphabet. One was the original alphabet and the second was a flipped and shifted version of the first. This method was called atbash. An example is shown below:
So here the word “peanut” would be “lvznfg.” This is an example of a substitution cipher, because each letter is substituted for another. This particular example is also a monoalphabetic substitution cipher because it uses only one alphabet. A polyalphabetic substitution cipher would use more than one alphabet.
So you see these types of ciphers were very simple to apply. They were quite effective in their time, partly because so few people were even able to read unencrypted text. Effective though they perhaps were, they were also easy to break. If the encrypted message were intercepted, it wouldn’t take very long to crack it if one guessed the technique being used.
As people got smarter and reverse engineering proved these simple ciphers vulnerable, more complex methods of encryption were needed.
In the 16th century, a Frenchman by the name of Blaise de Vigenere created a new cipher for Henry III. This was based on a monoalphabetic, Caesar cipher, but amped up the complexity of the encryption and decryption process.
The Vigenere cipher employs 27 shift alphabets. A two-dimensional table (you guessed it- the “Vigenere Table”) of the shifted characters comprises the core of the cipher (algorithm).
The evolution of cryptography continued through the years, and by the late 1800’s cryptography was commonly used by militaries all over the world. One of the most famous application was WWII Germany’s Enigma machine. The Enigma used several rotors, a plugboard, and a reflecting motor to instrument a sort of very complex substitution cipher. The operators at either end would need to know the settings and increments for proper decryption of the message.
Automation, and more trickery
The advent of electronic data processing exponentially expanded the possibilities for data encryption. One of the most well known electronic cryptography projects was called Lucifer, developed by IBM. The Lucifer project employed complex mathematical computations for encryption which were later adopted by the U.S. National Security Agency (NSA) for the federal Data Encryption Standard (DES). DES then has had a rich life of its own spanning over 25 years.
To say that cryptography experienced an arms race through the dawn of electronic data processing is an understatement. A majority of the protocols and processes used for data protection, email, web transactions, wireless communications, faxes, and phone calls have been upgraded to include cryptography.
Cryptoanalysis, and the crypto arms race
Cryptoanalysis is the science of studying and breaking encryption processes, compromising authentication schemes, and reverse-engineering protocols. As fast as new techniques are developed, “the bad guys” find ways to break them. It’s gotten to the point now that an encryption technique is declared flawed, not only when someone proves it can be broken, but also if it’s proven that the cost to break the code (in terms of computing resources, time, etc.) is sufficiently within the reach of criminal organizations. Indeed, even governments are in on the act, lowering the bar for when a technique can be declared as flawed.
Yes but the Key is the Key
If you’ve been paying attention as you’ve read this, you’re probably guessing there’s an elephant lurking in the room. All this encryption stuff is great, but how does the receiver know what the secret is for decoding? That is, how do we agree on the key for decryption?
An encryption key is a piece of information that enables operation of the chosen cryptographic function. In our Caesar code example above, the number “3” is the key. The alphabet characters are shifted by three places. How is it though, that the receiver knows that the key is “3?” How do the German U-boats know the settings on the Enigma machine?
This is one of the tricky bits about cryptography. Somehow, we have to get both the sender and the receiver to agree on what the key to the cryptographic code is. Otherwise, it just doesn’t work.
If the commanders are in the room with Caesar before any encoded messages are sent, they can just tell one another what the secret key is. But if the commanders are already in the field, how do I tell them what the key is for a new set of encoded messages?
This is one of the challenges with cryptography. The cryptographic function depends on both the sender and receiver knowing the secret key, but how do I send a secret key in a secure way? This is the subject of discussions in later chapters, because it’s a central topic of the types of cryptography chosen for an application.
Cryptography and the Datacenter
So why do we talk about cryptography in the context of datacenters? Well, if you agree that the datacenter is at its core a risk management device,… a building in which your business’ most valuable assets (data) are stored, then you’d have to recognize the value of cryptography to the datacenter.
Indeed, if not just for cyber security purposes, new legislation is emerging almost on a monthly basis, which aims to protect Personally Identifiable Information (PII). The new General Data Protection Regulation (GDPR) for example, strongly suggests pseudonymization of all PII. Encryption and tokenization are pseudonymization techniques that can help to accomplish compliance with such regulations.