Getting older, not necessarily wiser!
Today we will start the discussion about encryption, which has been around as long as as there have been people interested in things that are none of their business (aka prying eyes). Encryption has been one of the tools to keep these snoops at bay.
In this post we will take a short look at the history of encryption, and symmetrical vs asymmetrical encryption, without any hi brow technical speak.
The encryption process starts with what is referred to as plain text, the data before encryption. This plain text is encoded in some fashion creating what is referred to as cipher text. Ideally only people who know the how the plain text was encoded (often referred to as the cipher key) can read the cipher text. To everyone else the cipher text will be meaningless.
Over the years there have been several methods used for encoding plain text. The earliest known form of encoding a message is symbol replacement. What is referred to as the Caesar Cipher is an example of this. Anyone who has played with a decoder ring or decoder wheel as a kid has used this type of cipher.
In this cipher each letter in a message is shifted by a certain number up or down the alphabet. For example if you shift forward two then A becomes C, D become F, and so on. Anyone knowing the alphabet used and the shift number (the cipher key) can decode cipher text encrypted in this manner.
This type of cipher is symmetrical, that is the say you use the same process (key) to encrypt and decrypt.
Lets try a short example. Out alphabet is listed below. It includes numbers and the space. We will use a shift value of 8. Below is the plain text and the cipher text. This sort of replacement cypher is shown below. Basically pick a letter form the top row, then use the corresponding shifted letter form the bottom row.
The results of using this replacement cipher are sown in the following plain and cipher text.
RENDEZVOUS AT 165 BLEAKER STREET
ZMVLM62W1 7I079ED7JTMISMZ7 0ZMM0
A fun project is to write some code that can encrypt/decrypt this type of cipher. It is pretty easy to do.
Unfortunately this type of cipher is not to difficult to crack. There have been many variations of this type of cipher aimed at making it harder to crank. The Enigma Machine from World War II is probably the most well known example of this.
In the 1970’s Whitfield Diffie and Martin Hellman published their work on the asymmetric key cryptosystem. This made asymmetrical encryption available to the public. In the 1990’s Phil Zimmermann published the Pretty Good Privacy (PGP) program using asymmetrical encryption, making it publicly available.
Asymmetrical encryption improves on symmetrical encryption in that it adds a second key. One key is only used to encrypt a message, while the other different key is only used to decrypt the message. The keys are different and unique. The encryption key is referred to as the public key, and the decryption key is referred to as the private key.
Generally you make your public key available, so anyone can send you an encrypted message using it. Your private key is kept secure, so only you can decrypt messages encrypted with your public key.
Without knowing a lot of the details of how the key pair was generated, it is extremely difficult to derive the private key, making asymmetric encryption much more secure.
This has been a high level look at encryption. It lays some of the foundations for future discussions about encrypting your internet traffic. We still need to talk about certificates and chains of trust before we can move on to actual implementation.
There is lots of interest in your private data for all sorts of nefarious reasons, worse than your sibling wanting to read your diary. So, yes you need all this security stuff on the Internet.