As we use the Internet more and more, for everything from sharing family photos to financial transactions, cyber security becomes paramount. The science of keeping information secret and safe, cryptography, is now heavily based on mathematical theory and computer science practice.
Before the computer age, cryptography was mainly used in warfare and espionage. This ancient endeavor goes all the way back to biblical times, but perhaps the most famous example is the German Enigma machine. The device was used for both writing secret messages (encryption) and reading them (decryption).
The secret codes from Enigma machines were supposed to be unbreakable, but efforts by Polish cryptanalysts and the British secret service—including work by Alan Turing—showed otherwise. This had a tremendous impact on the outcome of World War II. Though we often think of the Enigma machine as ahead of its time, the underlying principles can be seen in codices, coding ‘machines’ that go back to the Middle Ages.
Cryptanalysis: The Science of Breaking Secret Codes
The science devoted to breaking secret codes is called cryptanalysis. The contents of a cryptanalyst’s toolbox range from basic tools like frequency analysis (which can be traced back to Al-Kindi, an Arab mathematician in the tenth century) to elaborate techniques like analyzing electromagnetic signals emitted from a target device.
Cryptographers use a wide variety of mathematical techniques to create secret codes, but for the most part they fit into two categories: symmetric and asymmetric. Symmetric systems, like the Enigma machine, rely on a (pre-established) secret key among the communicating parties.
With asymmetric systems, encryption and decryption rely on multiple keys: a public key that enables anyone to encrypt messages, and a secret key that only the owner can use for decrypting messages.
One-Way Functions Now and Then
Vital to these processes are one-way functions: mathematical functions that are easy to compute in one direction but hard to invert. For example, if f is a one-way function, then it is easy to calculate f(x) for a given x; but given only the value f(x), finding x (or any other value x’ with f(x) = f(x’)) is hard.
When applied to asymmetric systems, this means that it’s easy to encrypt a message but practically impossible to decrypt one without knowledge of the secret key.
Diffie and Hellman presented the first usable publicly known one-way function in 1976. Their function, which relied on the discrete logarithm problem, led to the Diffie–Hellman public-key exchange protocol that is still in use today. Surprisingly, it was later revealed that Ellis, Cocks, and Williamson discovered the same method while working for the British secret service years before.
Subsequently, ElGamal showed how to build on the Diffie–Hellman key exchange to develop an asymmetric encryption system. A year after Diffie and Hellman’s work, Rivest, Shamir, and Adleman proposed a one-way function that became the basis for the RSA public-key encryption system, one of the most popular asymmetric encryption schemes in use today.
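A toy version of the two constructions just described, as an added example that is not from the article: Diffie–Hellman over the multiplicative group mod a small constructed prime, ElGamal built on the same exchange, and the exhaustive search an eavesdropper would have to run to invert the one-way map. The parameters p = 23 and g = 5 are constructed for illustration and far too small for real use.

```python
import secrets

# Constructed toy parameters: prime modulus p and a generator g of the
# multiplicative group mod p (5 is a primitive root mod 23, so g^x takes
# every value 1..22 as x runs over 0..21).  Real deployments use primes of
# 2048 bits or more, or elliptic-curve groups.
P = 23
G = 5


def dh_public(private: int, p: int = P, g: int = G) -> int:
    """The easy direction of the one-way function: x -> g^x mod p."""
    return pow(g, private, p)


def dh_shared(own_private: int, their_public: int, p: int = P) -> int:
    """Both parties compute g^(ab) mod p without ever transmitting a or b."""
    return pow(their_public, own_private, p)


def discrete_log(target: int, p: int = P, g: int = G) -> int:
    """The hard direction: recover x from g^x mod p by exhaustive search.
    The work grows with the group size, which is why p must be large."""
    for x in range(p - 1):
        if pow(g, x, p) == target:
            return x
    raise ValueError("no discrete log found")


def elgamal_encrypt(m: int, recipient_public: int, ephemeral: int,
                    p: int = P, g: int = G) -> tuple[int, int]:
    """ElGamal: a fresh DH exchange per message; the shared value masks m."""
    c1 = pow(g, ephemeral, p)                 # sender's one-time DH share
    mask = pow(recipient_public, ephemeral, p)  # shared secret g^(bk)
    return c1, (m * mask) % p


def elgamal_decrypt(c1: int, c2: int, recipient_private: int,
                    p: int = P) -> int:
    """Only the holder of b can rebuild the mask and strip it off."""
    mask = pow(c1, recipient_private, p)
    return (c2 * pow(mask, -1, p)) % p        # modular inverse (Python 3.8+)


if __name__ == "__main__":
    a = secrets.randbelow(P - 2) + 1          # Alice's secret, 1..21
    b = secrets.randbelow(P - 2) + 1          # Bob's secret
    A, B = dh_public(a), dh_public(b)         # the only values sent
    assert dh_shared(a, B) == dh_shared(b, A)
    assert discrete_log(A) == a               # feasible only in a toy group
    c1, c2 = elgamal_encrypt(13, B, ephemeral=secrets.randbelow(P - 2) + 1)
    assert elgamal_decrypt(c1, c2, b) == 13
```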
Mathematicians have explored other ideas for asymmetric encryption. Though some improvements have been made, many of the original ideas from the 70s are still in use.
From Elliptic Curves to Quantum Computing
One of the most influential modifications of the original Diffie–Hellman protocols came from Koblitz and Miller in the mid-80s, who showed how to use elliptic curves in asymmetric cryptography. These curves provide an algebraic structure that is sufficient to implement Diffie and Hellman’s solution, but with lower data complexity than the platform originally considered.
Interestingly, elliptic curves not only help to build efficient cryptosystems but are also of great use to the cryptanalyst. Lenstra showed in the mid-80s how the algebraic structure on these curves can be exploited to recover quite large factors from products of prime numbers, which helps to crack RSA encryption.
In the 90s, quantum computing prominently entered the cryptographic stage: Shor showed that a quantum computer can efficiently solve the discrete logarithm problem and can also efficiently decompose large integers into their prime factors.
Both problems fall into the category of the so-called Abelian hidden subgroup problem—a type of mathematical problem that is well-suited to quantum computing. With a large-scale quantum computer, Shor’s algorithms could break many of the cryptographic systems in place today. Luckily for anyone who ever uses the Internet, nobody has managed to build an effective quantum computer yet. However, once someone does, many of the most popular cryptosystems will be rendered insecure.
Finding efficient quantum-safe alternatives is an area of ongoing research called post-quantum cryptography. Shor’s algorithms proved successful against cryptosystems building on Abelian groups, a type of structure where the order of adding elements does not matter.
For this reason, one line of research in post-quantum cryptography aims to exploit the trickiness of problems relating to non-Abelian groups—structures where the order of adding elements does matter. Other approaches try to leverage problems related to lattices, a type of high-dimensional algebraic structure, or systems of nonlinear equations, where we lack efficient solution techniques. And a variation of elliptic curves called isogenies also looks promising. Right now, the best solution is far from clear.
It may well be that a current standardization effort by NIST leads to a number of promising candidates relying on different mathematical platforms.
However, one of the most promising candidates for asymmetric post-quantum encryption is a construction from McEliece which dates back to the 70s and is similar to the methods used by Diffie and Hellman and by Rivest, Shamir, and Adleman. Previously, issues around the public-key size required to make McEliece’s construction work were a concern, but with today’s technology and with quantum computing on the horizon, this has become less of a worry.
Lattices turn out to be not only of interest for quantum-safe cryptography, but they also enable fully homomorphic encryption—computation on encrypted data. However, to bring this potential to full fruition and commercial use, efficiency improvements are still needed. Cryptographers have a lot of work to do in the coming years.
Want to learn more about cryptography? Also see the book Group Theoretic Cryptography by Maria Isabel González Vasco and Rainer Steinwandt.