Cryptography

The Key to Digital Security, How It Works, and Why It Matters
by Keith M. Martin 2020 316 pages
3.92
100+ ratings

Key Takeaways

1. Cryptography is the invisible foundation of digital security.

To establish the basic elements of digital security, cryptography is pretty much the only game in town.

Ubiquitous tool. Cryptography is not just for spies or secret messages; it's deeply embedded in our daily digital lives, securing everything from mobile calls and ATM withdrawals to online shopping and messaging apps like WhatsApp. It protects billions of devices and transactions globally.

Essential for cyberspace. Unlike the physical world where we rely on senses, context, and physical barriers, cyberspace is non-material, unfamiliar, and lacks situational constraints. Cryptography provides the fundamental tools needed to build security mechanisms in this abstract environment.

More than secrecy. While historically focused on keeping information secret (confidentiality), modern cryptography also provides tools for verifying information hasn't been altered (integrity) and confirming who you are communicating with (authentication). These are the bedrock of digital trust.

2. Keys and algorithms are the core tools, but keys are paramount.

In using cryptography to support our security in cyberspace, algorithms are important, but keys are key.

Recipes and ingredients. Cryptography relies on two fundamental components: algorithms (the computational "recipes" or processes) and keys (special, often secret, pieces of data or "ingredients"). The algorithm is typically public knowledge, while the key is what provides the unique security capability.

Keys grant access. Just like a physical key unlocks a door, a cryptographic key grants an entity (human or computer) the special capability to perform a specific task, such as decrypting data or verifying authenticity. Access to the correct key is everything.

Keys are secrets. Cryptographic keys are usually large, randomly generated numbers, impossible for humans to memorize, and are stored on devices like SIM cards or bank card chips. Unlike passwords, which are often submitted and exposed, cryptographic keys are used to demonstrate knowledge without revealing the key itself.

3. Symmetric encryption keeps data secret efficiently, but sharing keys is hard.

Symmetric encryption works, as long as, somehow, everyone who needs the secret key can get hold of it.

Same key locks and unlocks. Symmetric encryption uses a single secret key for both encrypting plaintext into unintelligible ciphertext and decrypting ciphertext back into plaintext. This method is computationally fast and efficient, making it ideal for encrypting large amounts of data.

Widely used. Symmetric encryption is the most common type of encryption used today for securing data at rest (like on your laptop) and data in transit (like on Wi-Fi or mobile calls). Algorithms like AES (Advanced Encryption Standard) are the state of the art.

The distribution problem. The major challenge with symmetric encryption is securely sharing the secret key with everyone who needs it, especially with strangers over potentially insecure networks. Sending the key itself requires protection, leading to a "chicken-or-the-egg" dilemma.

4. Asymmetric encryption solves key sharing, enabling secure connections with strangers.

Asymmetric encryption seems like magic. And it is.

Public and private keys. Asymmetric encryption uses a pair of mathematically related keys: a public key that can be freely shared and used by anyone to encrypt data, and a private key that is kept secret by the recipient and used only for decryption.

Digital padlocks. This public/private key structure acts like a digital padlock: anyone can use the public key to "lock" (encrypt) a message, but only the holder of the corresponding private key can "unlock" (decrypt) it. This elegantly solves the key distribution problem for strangers.

Relies on hard math. Asymmetric encryption algorithms like RSA are based on computational tasks that are easy to do in one direction (like multiplying two large prime numbers) but extremely hard to reverse (like finding those prime factors from the product) without the private key.

5. Hashing and digital signatures ensure data integrity and authenticity.

Cryptography can be used to detect whether data has remained whole and undivided since the moment it was created.

Integrity checks. Data integrity ensures that information has not been altered since its creation. Cryptographic hash functions act like digital "juicers," taking data of any size and producing a small, unique "digest" or hash. Even a tiny change in the data results in a completely different hash.

Beyond accidental errors. While simple checksums detect accidental errors, cryptographic hash functions are designed to make it computationally infeasible for an attacker to deliberately alter data and produce a matching hash. However, a hash alone doesn't prove who created the data.

Digital signatures. Digital signatures use asymmetric cryptography to provide strong data integrity and data origin authentication (nonrepudiation). The sender uses their private key to "sign" a hash of the data, and anyone can use the sender's public key to verify the signature, proving the data's integrity and its unique origin.
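An added example (not from the book or this summary) of the gap described above: an unkeyed hash detects change but can be recomputed by whoever alters the data, while a keyed tag cannot. HMAC-SHA256 stands in for the signing step because Python's standard library has no asymmetric signing; unlike a real digital signature it needs a shared key and gives no nonrepudiation. The function names and messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def digest(data: bytes) -> bytes:
    """Unkeyed SHA-256 digest: anyone holding the data can compute it."""
    return hashlib.sha256(data).digest()


def keyed_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 tag: computing it requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def differing_bits(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def run_demo() -> dict:
    # Constructed sample data; the key exists only for this run.
    key = secrets.token_bytes(32)
    original = b"Pay 100 GBP to account 12345678"
    altered = b"Pay 900 GBP to account 12345678"

    # Sender attaches both an unkeyed digest and a keyed tag.
    sent_digest, sent_tag = digest(original), keyed_tag(key, original)

    # Whoever alters the data in transit can recompute the unkeyed digest,
    # but without the key can only keep the old tag.
    forged_digest = digest(altered)

    return {
        # One changed character flips roughly half of the 256 output bits.
        "bits_changed": differing_bits(sent_digest, forged_digest),
        # Receiver's digest check passes: integrity with no origin proof.
        "digest_accepts_altered": hmac.compare_digest(digest(altered), forged_digest),
        # Receiver's keyed check rejects the altered data...
        "tag_accepts_altered": hmac.compare_digest(keyed_tag(key, altered), sent_tag),
        # ...and still accepts the untouched original.
        "tag_accepts_original": hmac.compare_digest(keyed_tag(key, original), sent_tag),
    }


if __name__ == "__main__":
    print(run_demo())
```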

6. Knowing "who's out there" is vital, but passwords are a weak link.

On the internet, not everyone thinks carefully enough about the implications of the fact that you’re not a dog.

Entity authentication. Determining who or what you are communicating with in cyberspace is crucial for security. This process, called entity authentication, is challenging because digital interactions lack the physical cues we rely on in the real world.

Passwords are flawed. Passwords are the most common authentication method, but they are weak. They are susceptible to:

  • Guessing and dictionary attacks (due to poor user choices)
  • Theft (via phishing, keyloggers, or insecure storage)
  • Lack of freshness (they are often used repeatedly)

Stronger methods exist. Cryptography enables more robust authentication techniques, such as:

  • Using cryptographic keys stored on secure tokens (like bank cards)
  • Perfect passwords generated uniquely for each login using cryptographic algorithms and shared secrets
  • Challenge-response protocols where entities prove knowledge of a secret by transforming a random challenge
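
A challenge-response exchange of the kind listed above, as an added example that is not from the book or this summary. It assumes HMAC-SHA256 as the transformation and a pre-shared key; `Verifier`, `respond` and `run_demo` are hypothetical names. It shows how a fresh, single-use challenge addresses the lack-of-freshness weakness of passwords.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Server side: issues random challenges and checks the responses."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._outstanding = set()  # challenges issued but not yet answered

    def new_challenge(self) -> bytes:
        challenge = secrets.token_bytes(16)  # fresh and unpredictable
        self._outstanding.add(challenge)
        return challenge

    def check(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self._outstanding:
            return False  # never issued, or already used once
        self._outstanding.discard(challenge)  # each challenge is single-use
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def respond(key: bytes, challenge: bytes) -> bytes:
    """Token side: transform the challenge with the key; the key is never sent."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def run_demo() -> dict:
    key = secrets.token_bytes(32)  # constructed shared secret for this run
    verifier = Verifier(key)
    c1 = verifier.new_challenge()
    r1 = respond(key, c1)
    results = {"genuine": verifier.check(c1, r1)}
    # A recorded (challenge, response) pair is useless afterwards.
    results["replay_same_challenge"] = verifier.check(c1, r1)
    results["replay_on_new_challenge"] = verifier.check(verifier.new_challenge(), r1)
    # A party without the key cannot answer a fresh challenge.
    c3 = verifier.new_challenge()
    results["wrong_key"] = verifier.check(c3, respond(secrets.token_bytes(32), c3))
    return results


if __name__ == "__main__":
    print(run_demo())
```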

7. Cryptosystems fail due to implementation and key management, not just algorithms.

When cryptography breaks, what has really happened is that some part of the cryptosystem has failed to work as intended.

Beyond the math. While designing strong cryptographic algorithms is difficult, most security failures in real-world systems (cryptosystems) are not due to flaws in the algorithms themselves. Modern algorithms like AES are considered highly secure.

Implementation matters. Cryptographic algorithms must be implemented perfectly in software or hardware. Subtle coding errors or side-channel vulnerabilities (like timing or power analysis attacks) can leak secret keys, bypassing the algorithm's theoretical strength.

Key management is critical. The entire lifecycle of cryptographic keys—generation, distribution, storage, rotation, and destruction—is a major source of vulnerability. Poor key management practices, such as using weak passwords for key derivation, storing keys insecurely, or failing to manage public key authenticity (via certificates), are common points of failure.

8. The "crypto dilemma" pits privacy against state access to encrypted data.

If society allows widespread use of encryption, then cryptography will be used to protect data relating to illegitimate activities. If, on the other hand, society somehow tries to restrict the use of encryption, then attempts by honest citizens to protect data relating to legitimate activities might be thwarted.

Dual-use technology. Encryption is immensely beneficial for protecting personal and commercial data, but it also hinders law enforcement and intelligence agencies investigating criminal and terrorist activities. This creates a fundamental societal dilemma.

Confidentiality is the issue. While cryptography offers multiple security services, the political debate primarily centers on encryption and anonymity tools (like Tor), as these are the functions that allow individuals to hide information and identity from the state.

No easy balance. Authorities often call for a "balance" between security and privacy, suggesting ways to allow legitimate access to encrypted data (e.g., via backdoors or compelled decryption). However, finding a technical solution that allows state access without compromising overall security for everyone is extremely challenging.

9. Attempts to control encryption often create problematic "breakable" systems.

What is required is a “breakable unbreakable” cryptosystem.

The magic wand problem. Proposals to allow state access to encrypted data essentially require building a "magic wand" capability into cryptosystems. This means the system must be unbreakable by ordinary attackers but breakable by the state under specific circumstances.

Backdoors are risky. Introducing backdoors into cryptographic algorithms or implementations is a historical approach (like rigged export devices) but is highly problematic today. In a world of open standards and widespread expertise, hidden backdoors are likely to be discovered, becoming "front doors" for any attacker, not just the state.

Regulation is difficult. Attempts to control encryption through regulation (like export controls or compelled key disclosure) face challenges in a digital world where software is easily distributed globally. Such measures can be cumbersome to enforce and may push malicious actors toward unregulated, truly unbreakable methods.

10. Quantum computers pose a future threat, requiring new cryptographic algorithms.

Quantum computers present a genuine threat to the cryptography we use today.

Future computational power. While current quantum computers are rudimentary, future, more powerful quantum computers could efficiently solve mathematical problems that underpin today's asymmetric cryptography (like factoring large numbers).

Impact on algorithms. This means current asymmetric encryption (RSA) and digital signature schemes would become insecure. Symmetric encryption (AES) would also be affected, requiring longer key lengths (e.g., 256 bits instead of 128 bits) to maintain security.

Post-quantum cryptography. Researchers are actively developing new cryptographic algorithms designed to be resistant to attacks by quantum computers. These "post-quantum" algorithms will be needed to replace current asymmetric schemes to secure future digital communications and data.

11. Trust in cryptography is built through transparency, standards, and secure practices.

If there is no belief in the reliability of cryptography, what hope is there of establishing meaningful trust in cyberspace?

Trust is paramount. Cryptography is essential for building trust in cyberspace, but cryptography itself must be trusted. This trust was challenged by revelations of potential state interference and widespread implementation flaws.

Building confidence. Trust in cryptography is fostered through:

  • Open standards and public scrutiny of algorithms
  • Secure implementation practices and addressing side-channel vulnerabilities
  • Robust key management processes
  • Transparency from technology providers about how cryptography is used

Informed users. Understanding the basics of cryptography empowers individuals to make better decisions about their digital security, evaluate the security of technologies they use, and contribute to societal debates about privacy and surveillance.

Review Summary

3.92 out of 5
Average of 100+ ratings from Goodreads and Amazon.

Cryptography: The Key to Digital Security, How It Works, and Why It Matters receives mostly positive reviews, with readers praising its accessibility and clear explanations of complex concepts. Many appreciate the author's use of relatable analogies and historical examples. The book is considered an excellent introduction for non-specialists, offering insights into the importance of cryptography in modern society. Some readers found certain sections challenging, but overall, the book is recommended for those seeking to understand digital security basics without requiring advanced technical knowledge.

About the Author

Keith M. Martin is a professor of information security at Royal Holloway, University of London. His research focuses on cryptography applications and geopolitical aspects of cyber security. Martin has authored three books, over 100 research publications, and articles in popular and professional media. He co-designed Royal Holloway's online postgraduate cyber security programs and oversees its doctoral program. Martin has extensive experience teaching cyber security to diverse audiences, including industry professionals, the general public, and schools. His expertise in cryptography and cyber security is widely recognized in academic and professional circles.
