Skip to main content

What is cryptography?

Enigma machine
The field of cryptography has evolved dramatically since the days of Enigma machines, the infamous cipher-generators used by the Germans in WWII. (Image credit: Shutterstock)

Since ancient times, people have relied on cryptography, the art of writing and solving coded messages, to keep their secrets secure. In the fifth century, enciphered messages were inscribed on leather or paper and delivered by a human messenger. Today, ciphers help protect our digital data as it zips through the internet. Tomorrow, the field may make yet another leap; with quantum computers on the horizon, cryptographers are tapping the power of physics to produce the most secure ciphers to date.

Historic methods of secret-keeping

The word "cryptography" is derived from the Greek words "kryptos," meaning hidden, and "graphein," to write. Rather than physically hiding a message from enemy eyes, cryptography allows two parties to communicate in plain sight but in a language that their adversary cannot read.

To encrypt a message, the sender must manipulate the content using some systematic method, known as an algorithm. The original message, called plaintext, may be scrambled so its letters line up in an unintelligible order or each letter might be replaced with another. The resulting gibberish is known as a ciphertext, according to Crash Course Computer Science.

In Grecian times, the Spartan military encrypted messages using a device called a scytale, which consisted of a skinny strip of leather wound around a wooden staff, according to the Center for Cryptologic History. Unwound, the strip seemed to bear a string of random characters, but if wound around a staff of a certain size, the letters aligned into words. This letter-shuffling technique is known as a transposition cipher.

The Kama Sutra mentions an alternate algorithm, known as substitution, recommending that women learn the method to keep records of their liaisons concealed, The Atlantic reported. To use substitution, the sender swaps out each letter in a message for another; for instance, an "A" might become a "Z," and so on. To decrypt such a message, the sender and recipient need to agree on which letters will be swapped, just as Spartan soldiers needed to own the same size scytale.

The first cryptanalysts

The specific knowledge needed to revert a ciphertext into plaintext, known as the key, must be kept secret to ensure a message's security. To crack a cipher without its key takes great knowledge and skill.

The substitution cipher went uncracked through the first millennium A.D. — until the Arabian mathematician al-Kindi realized its weakness, according to Simon Singh, author of "The Code Book" (Random House, 2011). Noting that certain letters are used more frequently than others, al-Kindi was able to reverse substitutions by analyzing which letters cropped up most often in a ciphertext. Arabian scholars became the world's foremost cryptanalysts, forcing cryptographers to adapt their methods.

As methods of cryptography advanced, cryptanalysts stepped up to challenge them. Among the most famous skirmishes in this ongoing battle was the Allied effort to break the German Enigma machine during World War II. The Enigma machine encrypted messages using a substitution algorithm whose complex key changed daily; in turn, cryptanalyst Alan Turing developed a device called "the bombe" to track the Enigma's changing settings, according to the U.S. Central Intelligence Agency.

The sender of a secret message must come up with a systematic method of manipulating the context of the message, which only the recipient can decipher. The jumbled message is known as a ciphertext. (Image credit: Shutterstock)

Cryptography in the age of the internet

In the digital era, the goal of cryptography remains the same: to prevent information exchanged between two parties being swiped by an adversary. Computer scientists often refer to the two parties as "Alice and Bob," fictional entities first introduced in a 1978 article describing a digital encryption method. Alice and Bob are constantly bothered by a pesky eavesdropper named "Eve."

All sorts of applications employ encryption to keep our data secure, including credit card numbers, medical records and cryptocurrencies like Bitcoin. Blockchain, the technology behind Bitcoin, connects hundreds of thousands of computers via a distributed network and uses cryptography to protect the identity of each user and maintain a permanent log of their transactions.

The advent of computer networks introduced a new problem: if Alice and Bob are located on opposite sides of the globe, how do they share a secret key without Eve snagging it? Public key cryptography emerged as a solution, according to Khan Academy. The scheme takes advantage of one-way functions — math that is easy to perform but difficult to reverse without key pieces of information. Alice and Bob exchange their ciphertext and a public key under Eve's watchful gaze, but each keep a private key to themselves. By applying both private keys to the ciphertext, the pair reach a shared solution. Meanwhile, Eve struggles to decipher their sparse clues.

A widely used form of public key cryptography, called RSA encryption, taps into the tricky nature of prime factorization — finding two prime numbers that multiply together to give you a specific solution. Multiplying two prime numbers takes no time at all, but even the fastest computers on Earth can take hundreds of years to reverse the process. Alice selects two numbers upon which to build her encryption key, leaving Eve the futile task of digging up those digits the hard way.

Blockchain, the technology behind Bitcoin, connects hundreds of thousands of computers via a distributed network and uses cryptography to protect the identity and records of each user. (Image credit: Shutterstock)

Taking a quantum leap

In search of an unbreakable cipher, today's cryptographers are looking to quantum physics. Quantum physics describes the strange behavior of matter at incredibly small scales. Like Schrödinger's famous cat, subatomic particles exist in many states simultaneously. But when the box is opened, the particles snap into one observable state. In the 1970s and '80s, physicists began using this funky property to encrypt secret messages, a method now known as "quantum key distribution."

Just as keys can be encoded in bytes, physicists now encode keys in the properties of particles, usually photons. A nefarious eavesdropper must measure the particles to steal the key, but any attempt to do so alters the photons' behavior, alerting Alice and Bob to the security breach. This built-in alarm system makes quantum key distribution "provably secure," Wired reported.

Quantum keys can be exchanged over long distances through optic fibers, but an alternate route of distribution piqued the interest of physicists in the 1990s. Proposed by Artur Ekert, the technique allows two photons to communicate over vast distances thanks to a phenomenon called "quantum entanglement."

"[Entangled] quantum objects have this amazing property where if you separate them, even over hundreds of miles, they can kind of feel each other," said Ekert, now an Oxford professor and director of the Centre for Quantum Technologies at the National University of Singapore. Entangled particles behave as one unit, allowing Alice and Bob to craft a shared key by taking measurements on each end. If an eavesdropper attempts to intercept the key, the particles react and the measurements change.

Quantum cryptography is more than an abstract notion; in 2004, researchers transferred 3,000 euros into a bank account by way of entangled photons, Popular Science reported. In 2017, researchers shot two entangled photons to Earth from the satellite Micius, maintaining their connection over a record 747 miles (1,203 kilometers), according to New Scientist. Many companies are now locked in a race to develop quantum cryptography for commercial applications, with some success so far.

To guarantee the future of cybersecurity, they may also be in a race against the clock.

"If there is a quantum computer, existing cryptography systems, including those that underpin cryptocurrencies, will no longer be secure," Ekert told Live Science. "We don't know exactly when exactly they'll be built — we had better start doing something now."

Additional resources:

Nicoletta Lanese is a staff writer for Live Science covering health and medicine, along with an assortment of biology, animal, environment and climate stories. She holds degrees in neuroscience and dance from the University of Florida and a graduate certificate in science communication from the University of California, Santa Cruz. Her work has appeared in The Scientist Magazine, Science News, The San Jose Mercury News and Mongabay, among other outlets.