Encryption

• It is not unreasonable to assume that all digital communications have the potential to be stored indefinitely and analyzed.
• Is there anything you can do to secure your data?

Encryption

• YES! -> ENCRYPTION
• Cryptography is the science of designing systems for encoding information so that only certain parties can access it / understand it.
• A set of algorithms and procedures for encoding and decoding information is known as a cryptosystem.
• The practice of "cracking" codes is known as cryptanalysis.

Encryption

Basic components:

• Sender (Alice); Receiver (Bob); Attacker (Eve); Message
• Alice wants to send a message to Bob without Eve listening.
• The plaintext message is encoded into ciphertext while it is transmitted (so Eve cannot understand), and then decoded back into plaintext.
• Alice and Bob both share a key that they use to decode the ciphertext.

Cryptosystems

• Ancient example: The Shift Cipher (Caesar Cipher):
  • Take each plaintext letter and "shift" it by N letters to get the ciphertext.
  • The key is the number N.
  • To decode, "unshift" the letters by N.
• This cryptosystem has many weaknesses.

Cryptosystems

• The One-Time Pad (OTP):
  • Create a key that is as long as the plaintext (e.g. 20-character message has 20-character key)
  • The key is like a shift cipher that is different for each letter in the message.
• This cryptosystem is perfect - unbreakable without the key.
• But, totally inefficient.

Cryptosystems

• Modern cryptosystems generally take some binary data and perform a lot of computations/transformations on it, so that it appears totally random.
• Most cryptosystems have vulnerabilities, but a good cryptosystem can only be attacked through brute force.

Cryptosystems

Brute Force Attacks

• A brute force attack is one where you simply try every possible key until you decode the message.
• For a 4-digit password, there are 10^4 (1000) possible combinations. (A few seconds to crack)
• Advanced Encryption Standard (AES) 256-bit key: effectively impossible to break through brute-force

Cryptosystems

Brute Force Attacks

"I’m estimating that, as an extremely fast estimate, all of the computing power on Earth turned to trying AES keys couldn’t check more than 2^75 keys per year (and really that is a very very high estimate). At that rate, it would take more than half a million times the age of the universe to go through half of the 2^128 possible AES keys." - (blog.agilebits.com)

Cryptosystems

Cypherphunks

"Similarly, the universe, our physical universe, has that property that makes it possible for an individual or a group of individuals to reliably, automatically, even without knowing, encipher something, so that all the resources and all the political will of the strongest superpower on earth may not decipher it. And the paths of encipherment between people can mesh together to create regions free from the coercive force of the outer state. Free from mass interception. Free from state control."

Cryptosystems

Cypherphunks

"While nuclear weapons states can exert unlimited violence over even millions of individuals, strong cryptography means that a state, even by exercising unlimited violence, cannot violate the intent of individuals to keep secrets from them. 

Strong cryptography can resist an unlimited application of violence. No amount of coercive force will ever solve a math problem."