The Code Book

For Christmas my brother gave me a copy of The Code Book, by Simon Singh, and I’ve already finished it. The book was published 15 years ago, but that doesn’t really matter.

Cryptography and Cryptanalysis are about as old as any field of research, because humans have always had a need to keep secrets. Throughout most of history, war and politics have been the primary drivers of encryption capabilities and decryption techniques. Perhaps the most famous instance of each is the Enigma machine used by the Germans (and deciphered by the British) during World War II.

What made Enigma so hard to decipher is in some ways similar to what makes modern RSA encryption hard to break: technology makes it possible to create such an overwhelming number of possibilities to check that it becomes impossible for the cryptanalyst to do so using known or theoretically foreseeable tools.

In fact, Enigma was unbreakable if used properly. The German naval division used it properly and it was never cracked (though code books containing the keys were occasionally stolen).

Today, however, crytopgraphy and cryptanalysis are shaped by different forces: an enormous amount of our communication today happens online, or digitally, in some form or another. Which means the NSA, and no doubt similar agencies from most other major governments, are effectively third parties to all of it.

Even the de facto privacy available to all humans throughout almost all of history (walk over somewhere away from other people) is no longer enough to keep a conversation private.

Yet despite the Snowden leaks, and the free availability of encryption options like PGP, few of us seem to care enough to protect our conversations from prying eyes.

Maybe it’s because we’re just lazy and that sounds like a lot of effort to hide what amounts to frivolous conversation, or at most, some work deals that foreign governments can’t possibly care about*. Maybe it’s also because it’s hard enough to be heard among billions of people anyway; it’s a little bit flattering to think anyone is listening at all. After all, my tweets aren’t private. I’m trying to get people to read them.

I think The Code Book is essential reading for anyone who wants to have an informed opinion on privacy and the role of the government in modern society.

I’ll leave you with one other interesting tidbit from the book. Until the 1970s, if two people wanted to send messages privately, they would have to agree on something called a”key,” and share that secretly between each other. That’s because keys work two ways (much like in your home): they encipher the message, and they decipher the message. 

If anyone else has the key, then the messages are not secure because this third party can read them just the same as the recipient. Worse: if intercepted, messages could be altered entirely.

In the 1970s, someone (three someones) figured out a way to have a pair of different keys work together. One key encrypts the message, and the other key decrypts it — so now if two people want to exchange a secure message, they don’t need to worry about securely sharing a key first: just share the key for locking a message, and keep the one for opening it private.

These encrypted messages are secure because in order to decipher them you’d need a whole bunch of computers doing the kind of math used for Bitcoin mining, through the life of the universe.

This is the system that modern encryption uses, and it is considered unbreakable.

*Obviosuly, encryption is alive, well, and robust in organizations that handle business deals that foreign governments would care about.

Back to all writing.