Cryptography: What is it? How does it work?

We all have the right to privacy... Whether on a personal or professional level, it is nonetheless reassuring to know that not just anyone can access certain documents we have created or shared. And the science that ensures this protection is cryptography.

The origins of cryptography

Cryptography involves mathematically encoding a text to transform it from a readable form to an unintelligible form – known as an “encrypted” text.

Cryptography techniques are far from new. They have their origins in the exchange of sensitive information among military and political figures or in commerce. As early as the 1st century B.C., Julius Caesar attempted to make his messages indecipherable by shifting each letter three positions in the alphabet.

While each era has seen cryptography methods become more refined, a major milestone was reached in 1943 when, under the impetus of mathematician Alan Turing, a computer developed at Bletchley Park under the direction of the British government was dedicated to this task. Thanks to their computing power, computers are capable of creating extraordinarily complex obfuscation.

Initially reserved for the military domain, cryptographic tools have become a sine qua non for e-commerce and many other internet-related activities. They are used in the HTTPS protocol that secures websites, financial transactions involving currencies like bitcoin, voice communications, etc.

The principles of encryption

An encryption algorithm converts a plain message into an encrypted (scrambled) text. It relies on advanced mathematics and the use of one or more keys (the equivalent of secret digital signatures, very long sequences of prime numbers).

When content is encrypted, the key is used to transform the data according to a specific algorithm, hiding it from prying eyes. The higher the number of bits in the encryption key, the more difficult the message will be to decipher.

Once the message is received, it is decrypted by the recipient and reconverted into a readable form. In both cases – sending and receiving – encryption and decryption are performed using secret “keys”.

However, several types of approaches are employed, mainly the symmetric and asymmetric modes.

Symmetric encryption

Symmetric encryption involves encrypting and decrypting content with a single secret key known only to the parties involved. One of the most popular encryption schemes in this field, especially in the industrial world, is the AES standard, which supports 128, 192, or 256-bit keys. It is often combined with the Galois/Counter Mode (GCM) and is then known as AES-GCM. Its security is verified; the only issue is that this type of encryption requires all parties involved in a particular message or document to have access to the same shared key.

Asymmetric encryption, private and public keys

Asymmetric encryption is more sophisticated. Each recipient first needs a private key unique to them: an ultra-complex string of numbers that must remain secret at all costs. The scheme uses a second key, the public key, to encrypt the data; this key is mathematically derived from the private key.

The public key is used to encrypt the message but also to identify its author. The signature thus generated is attached to the document and sent to the recipient, who is also identified by another public key. However, the recipient will need to use their private key to decrypt the message. Anyone attempting to decrypt the message would not be able to do so because they do not have access to this private key. Asymmetric encryption thus spares the two parties from having to share the same secret key.

To summarize

With asymmetric encryption, each user has two keys:

  • A private key, which must be kept secret.
  • A public key, derived from the private key, which can be visible to all.

The public key is mathematically derived from the private key. However, the reverse process is virtually impossible. In other words, finding the private key from the public key would require tests of an immeasurable duration.

Commonly used algorithms are the Rivest-Shamir-Adleman (RSA) function with the probabilistic signature scheme (RSA-PSS) and the Digital Signature Algorithm (DSA).
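The key relationship summarized above can be seen in a small textbook RSA sketch. This is an added example, not code from the original article: the function names are hypothetical, the primes are constructed toy values, and there is no padding, so it must never protect real data. It shows the public key encrypting, the private key decrypting, and why the "virtually impossible" reverse step depends on key size: here the modulus is only about 36 bits, so naive factoring rebuilds the private key at once.

```python
# Added example: textbook RSA on toy-sized primes. No padding; not for real data.
from math import gcd

def make_keypair(p, q, e=65537):
    """Derive (public, private) keys from two secret primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)

def encrypt(public, m):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)

def decrypt(private, c):
    n, d = private
    return pow(c, d, n)

def recover_private(public):
    """Rebuild the private key from the public key by factoring n.

    Trial division costs about sqrt(n) steps, so it finishes only because
    this modulus is ~36 bits; for this naive method, every two extra bits
    of modulus double the work.
    """
    n, e = public
    f = 3
    while f * f <= n:
        if n % f == 0:
            return make_keypair(f, n // f, e)[1]
        f += 2
    raise ValueError("no odd factor found")

# Constructed sample values: two small Mersenne primes, 2**17-1 and 2**19-1.
PUBLIC, PRIVATE = make_keypair(131071, 524287)
MESSAGE = int.from_bytes(b"key!", "big")

def demo():
    c = encrypt(PUBLIC, MESSAGE)
    return c, decrypt(PRIVATE, c), recover_private(PUBLIC) == PRIVATE

if __name__ == "__main__":
    c, m, broken = demo()
    print("ciphertext:", c)
    print("decrypted :", m.to_bytes(4, "big"))
    print("private key recovered from public key:", broken)
```
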

Post-quantum cryptography

As long as a person’s private key is not disclosed, data and message encryption is inviolable. And so far, this mechanism has more than proven itself.

One question remains: quantum computers seem poised to solve mathematical problems unsolvable by classical computers and could, in the future, decrypt documents encrypted with asymmetric algorithms such as RSA. This means that sooner or later, we will need to develop new encryption algorithms far more advanced than those we use today…
