How Digital Encryption Works

Brandishing your credit card in the middle of a Christmas shopping frenzy, surfing the Internet in your local Starbucks, or hiding your school photos so that your mum won't see the most delicate moments - what do all these things have in common? Right, they all have something to do with encryption. The 21st century is teeming with passwords and seething with encryption algorithms, and it is brimming over with ciphers pouring down on us from everywhere... And most of the time, we aren't even aware of it. How does encryption work? Which encryption tools can really help you? How long will the currently used encryption mechanisms last? These are good questions.

How does encryption work?

I certainly don't want to initiate you into how modern computer encryption works down to the smallest detail. Explaining the immensely complex mathematical constructions applied for encryption purposes would be an infeasible task. I'll touch only on the very general notions and ideas that encryption specialists take advantage of.

Let's start with the key. Logically enough, if there's a cipher, there must also be a key you decode it with. The truth is, there can be more than one key.

Imagine a large chest for keeping money. This chest has only one lock but two keyholes. Somebody puts the money into the chest, locks it, throws the key away and seals up the keyhole. The only way to get the cash out now is to open the lock with the second key. That's basically the idea behind the RSA algorithm, the most secure encryption algorithm in the known Universe.

The only noteworthy difference between its principle and the imaginary chest with two keyholes is that the first key can merely 'lock' the chest, whereas the second can be used exclusively for 'unlocking' it. The lock key is publicly available in the RSA algorithm, i.e. everyone can lock the chest and send an encrypted message, while the unlock key is a private one and is known to the addressee only.

The two keys are actually big (VERY big) numbers, interconnected with each other by means of complex (VERY complex) math rules.

The RSA creators: Ron Rivest, Adi Shamir, and Leonard Adleman at MIT

Since big numbers usually do no good to our computers, using RSA in real interactions between computers can take a while. That is why encryption relies primarily on one-key algorithms, where the chest has only one keyhole. Obviously, with only one key, you will want to keep it secret from everyone. The security specialists didn't have to take much pain to develop a sophisticated key-protection mechanism, as they already had one: RSA. That is how it came to be that the most common encryption procedure these days uses a one-key cipher and encrypts its key with RSA.

How long will the current encryption last?

Not so long.

The problem is with RSA. Without going too deep into its machinery, let us just state that the RSA keys, very big numbers, are both derived from an even bigger number, routinely having 309 digits. For the sake of simplicity, let us call it the EBN (Extremely Big Number). The whole algorithm can be broken if you manage to factorize the EBN, i.e. find the two primes whose product equals that behemoth of a number. If you pull off this part, everything else will be a piece of cake: using the well-publicized RSA routines, you'll be able to find the cipher keys and thus decipher any text processed through them, including the key for other encryption protocols used in a system.
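An added example (not part of the original article) of the two passages above: a one-key cipher protects the message, RSA locks that key, and anyone who factors the modulus can rebuild the private key and undo both. The primes, the SHA-256 keystream cipher and all function names are assumptions chosen for illustration; the defensive point is that the whole scheme is only as strong as the modulus is hard to factor.

```python
import hashlib
import secrets

# Constructed toy values: two small known primes stand in for the 309-digit "EBN".
P, Q, E = 104729, 1299709, 65537

def make_keys(p, q, e=E):
    """Return (public, private) RSA keys derived from primes p and q."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent: inverse of e mod phi(n)
    return (n, e), (n, d)

def keystream_xor(key: int, data: bytes) -> bytes:
    """Toy one-key cipher (assumption): XOR data with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(f"{key}:{i}".encode()).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(public, message: bytes):
    """Encrypt message under a fresh session key, then lock that key with RSA."""
    n, e = public
    session_key = secrets.randbelow(n - 2) + 2
    return pow(session_key, e, n), keystream_xor(session_key, message)

def hybrid_decrypt(private, wrapped_key: int, ciphertext: bytes) -> bytes:
    """Unlock the session key with the private exponent, then decrypt the message."""
    n, d = private
    return keystream_xor(pow(wrapped_key, d, n), ciphertext)

def factor(n: int):
    """Trial division over odd numbers: feasible only because this modulus is tiny."""
    f = 3
    while n % f:
        f += 2
    return f, n // f

def recover_private_key(public):
    """What factoring the modulus gives away: the full private key."""
    n, e = public
    p, q = factor(n)
    return make_keys(p, q, e)[1]

if __name__ == "__main__":
    pub, priv = make_keys(P, Q)
    wrapped, ct = hybrid_encrypt(pub, b"Howdy, Jim! Aunt Molly greets you!")
    print(hybrid_decrypt(priv, wrapped, ct))                      # legitimate recipient
    print(hybrid_decrypt(recover_private_key(pub), wrapped, ct))  # after factoring n
```

The trial-division loop finishes instantly here because the modulus has 12 digits; the same loop against a 309-digit modulus would never finish, which is the only thing standing between the public key and the private one.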

Thank goodness, the industry-used EBNs are so overwhelmingly big that factoring them is not practical for most hackers. On the other hand, even the theoretical feasibility of this task can have dramatic implications for digital security. No-one would buy a car that can - purely theoretically - explode any moment or play poker with people who - theoretically - could be cardsharpers.

So far, the largest EBN factored was 1,061 bits long and contained 320 digits. This record was broken back in 2011, but the news about it wasn't met with much fanfare among tech journalists. The reason is simple: the industry-used EBN length is 1024 bits or 309 digits. Just compare: 320 digits broken vs. 309 routinely used in the industry. Yessir, digital security as we know it has already come to an end. No-one is secure anymore.

RSA: it's so easy!

First, don't even worry: factoring numbers that big requires so much computing power and time that you risk being hacked only if you are some high-profile fed official or a celebrity. Otherwise it would be just impractical to flush so many resources down the drain just to read something like, 'Howdy, Jim! Aunt Molly greets you!'

Second, the industry specialists are no fools either, and they realize that something needs to be done. Hopefully. It looks like they're left with two options. They can either increase the bit length of the EBNs used up to 2048 bits (it'll take several years before someone cracks it), or they can come up with a completely new two-key algorithm. Taking into account that RSA has been around since 1977 and nobody has come forward with something new since then, the latter variant seems a bit... unlikely.

Ah, still the 2048-bit EBNs are big enough to keep the malicious hackers at bay for several years. Till then, you can stay calm and use the RSA.

Picture Credit: Carl Guderian

Do you feel digitally secure now?
Discussion

Comments

3 comments

I just love the picture, if you zoom in you can see P=NP on the wall. Famous math and computer science problem that only a nerd like me would notice but it's there just the same.

Comment, 3 years ago

I don't mind the idea of undermining the anonymity cult, the idea that since your identity is not all that secure you might as well go public on the Internet. What I do mind is some Chinese school kid nosing about in my financial records five years from now.

Comment by Jørgen Walters, 4 years ago

Remember, the only secure computer is the one that's turned off.

Comment by on_the_way_up, 4 years ago