Cryptography Guide

Appearance

Modern Cryptography: The Digital Revolution (1945-1990)

The end of World War II didn't just mark the beginning of a new political era – it launched cryptography into the space age. This was when secret communication evolved from mechanical contraptions into the digital systems that would eventually protect everything from your bank account to your text messages. Buckle up, because this period saw more cryptographic innovation than the previous 2,000 years combined.

The Computer Changes Everything

From Mechanical to Electronic

The war had shown that mechanical cipher machines, no matter how sophisticated, had fundamental limitations. The future belonged to electronic computers, and cryptographers were among the first to realize it.

Why computers were game-changers:

  • Speed: Could process thousands of calculations per second
  • Complexity: Enabled mathematical operations impossible by hand
  • Flexibility: Software could be updated without rebuilding hardware
  • Scale: Could handle the growing volume of global communications

The transition wasn't immediate: Early computers were room-sized, expensive, and available only to governments and large corporations. But the writing was on the wall – or rather, on the punch cards.

The Birth of Computer Security

As computers became more common, a new problem emerged: how do you secure information stored and processed electronically? This wasn't just about encrypting messages anymore – it was about protecting entire systems.

New security challenges:

  • Data storage: How to protect information sitting on magnetic tapes and disks
  • Access control: Who should be allowed to use these expensive machines?
  • Network security: Early computer networks needed protection
  • Software integrity: How to ensure programs hadn't been tampered with

The DES Era: Standardizing Cryptography

When the Government Got Involved

In 1973, the U.S. National Bureau of Standards (now NIST) did something unprecedented: they asked for public submissions for a standard encryption algorithm. This was the first time a government had openly solicited cryptographic designs from the public.

Why this mattered:

  • Transparency: Instead of secret government algorithms, this would be public
  • Standardization: Everyone could use the same, tested algorithm
  • Commercial adoption: Businesses could finally get strong encryption
  • Academic involvement: Universities could study and improve cryptography

Enter IBM and Lucifer

IBM submitted their "Lucifer" algorithm, which became the foundation for what we now know as DES (Data Encryption Standard). But the path from Lucifer to DES was controversial.

The changes that sparked debate:

  • Key size reduced: From 128 bits to 56 bits
  • S-boxes modified: The substitution boxes were changed by the NSA
  • Classified design criteria: The reasons for changes weren't explained

The controversy:

  • Was the NSA weakening it? Some suspected backdoors
  • Was 56-bit key length enough? Critics worried about brute force attacks
  • Why the secrecy? The lack of explanation fueled suspicion

The reality (discovered later):

  • The NSA actually strengthened DES against differential cryptanalysis
  • They knew about this attack method years before academics discovered it
  • The 56-bit key was a compromise between security and export restrictions

DES in Practice

Despite the controversies, DES became hugely successful:

  • Banking industry: Protected ATM transactions and electronic funds transfers
  • Government use: Secured non-classified but sensitive information
  • Commercial adoption: Enabled secure business communications
  • Academic study: Became the foundation for modern cryptanalysis research

The Public Key Revolution

The Problem That Seemed Impossible

By the 1970s, cryptography had a fundamental problem: key distribution. How do you securely share secret keys with someone you've never met? This was becoming critical as computer networks grew.

Traditional solutions were inadequate:

  • Courier delivery: Too slow and expensive for global networks
  • Pre-shared keys: Impossible to scale to millions of users
  • Key distribution centers: Created single points of failure
  • Physical meetings: Not practical for digital communications

Diffie and Hellman: The Breakthrough

In 1976, two Stanford researchers, Whitfield Diffie and Martin Hellman, published a paper that changed everything: "New Directions in Cryptography." They proposed something that seemed mathematically impossible: a way for two people to agree on a secret key over a public channel.

The revolutionary idea:

  • Each person has two keys: one public, one private
  • You can encrypt with someone's public key
  • Only their private key can decrypt it
  • No need to share secret keys in advance!

The analogy that makes it click: Imagine a mailbox where anyone can drop letters in (public key), but only the owner has the key to open it (private key). You can send secure messages without ever meeting the recipient.

The Math Behind the Magic

The Diffie-Hellman key exchange relies on a beautiful mathematical property: some operations are easy to do but hard to reverse.

The one-way function:

  • Easy: Calculate g^x mod p (where g, x, and p are large numbers)
  • Hard: Given g^x mod p, figure out what x was
  • This is called the "discrete logarithm problem"

How key exchange works:

  1. Alice picks a secret number (a) and calculates g^a mod p
  2. Bob picks a secret number (b) and calculates g^b mod p
  3. They exchange these public values
  4. Alice calculates (g^b)^a mod p = g^(ab) mod p
  5. Bob calculates (g^a)^b mod p = g^(ab) mod p
  6. They both have the same secret key: g^(ab) mod p

Even if someone intercepts both public values, they can't calculate the shared secret without solving the discrete logarithm problem.

RSA: Making Public Key Practical

The MIT Trio

A year after Diffie and Hellman's paper, three MIT researchers – Ron Rivest, Adi Shamir, and Leonard Adleman – created the first practical public key cryptosystem. They called it RSA (using their initials).

What made RSA special:

  • Actually implementable: Diffie-Hellman showed it was possible, RSA showed how to do it
  • Based on factoring: Used the difficulty of factoring large numbers
  • Bidirectional: Could encrypt and create digital signatures
  • Mathematically elegant: Beautiful in its simplicity

How RSA Works

RSA is based on a simple mathematical fact: it's easy to multiply two large prime numbers, but very hard to factor the result back into those primes.

Key generation:

  1. Pick two large prime numbers (p and q)
  2. Multiply them: n = p × q
  3. Calculate φ(n) = (p-1)(q-1)
  4. Choose e (usually 65537)
  5. Calculate d such that e × d ≡ 1 (mod φ(n))
  6. Public key: (n, e), Private key: (n, d)

Encryption/Decryption:

  • Encrypt: c = m^e mod n
  • Decrypt: m = c^d mod n

The security: To break RSA, you need to factor n back into p and q. For large enough numbers (2048+ bits today), this is computationally infeasible with current technology.

The Crypto Wars Begin

Export Controls and the Clipper Chip

As cryptography became more powerful, governments got nervous. Strong encryption could protect criminals and terrorists, they argued. This led to the first "Crypto Wars."

Export restrictions:

  • Strong cryptography was classified as "munitions"
  • Exporting crypto software required government approval
  • Academic researchers faced legal challenges
  • Software had to be weakened for international markets

The Clipper Chip controversy (1993):

  • Government proposed a standard encryption chip
  • Would have a "backdoor" for law enforcement
  • Public outcry from privacy advocates
  • Eventually abandoned due to technical and political problems

PGP and Phil Zimmermann

In 1991, Phil Zimmermann released Pretty Good Privacy (PGP), bringing strong encryption to ordinary people. This created a legal firestorm.

What PGP did:

  • Made RSA encryption available to everyone
  • Included digital signatures and key management
  • Was easy enough for non-experts to use
  • Spread globally via the internet

The legal battle:

  • Zimmermann faced criminal investigation for "exporting" cryptography
  • The case dragged on for years
  • Eventually dropped, but established important precedents
  • Showed that cryptography was becoming a civil rights issue

Building the Internet's Security Foundation

SSL/TLS: Securing the Web

As the World Wide Web exploded in the 1990s, Netscape developed SSL (Secure Sockets Layer) to protect online transactions. This became the foundation for secure internet communications.

SSL's innovations:

  • Combined symmetric and asymmetric cryptography
  • Provided authentication, encryption, and integrity
  • Was transparent to users (just look for the lock icon)
  • Enabled e-commerce and online banking

How SSL works:

  1. Handshake: Client and server agree on encryption methods
  2. Authentication: Server proves its identity with a certificate
  3. Key exchange: They establish a shared secret key
  4. Secure communication: All data is encrypted with the shared key

The Certificate Authority System

SSL introduced the concept of Certificate Authorities (CAs) – trusted third parties that verify identities and issue digital certificates.

The trust model:

  • CAs verify that example.com really belongs to Example Corp
  • They issue a certificate binding the domain to a public key
  • Browsers trust a list of root CAs
  • This creates a "web of trust" for the entire internet

Problems with the CA system:

  • Single points of failure
  • Governments can compel CAs to issue fake certificates
  • Certificate validation is complex and error-prone
  • Users don't understand the trust model

The Academic Revolution

Cryptography Becomes a Science

The 1970s and 1980s saw cryptography transform from an art practiced by government agencies into a rigorous academic discipline.

Key developments:

  • Formal security definitions: What does "secure" actually mean?
  • Provable security: Proving that breaking a cipher is as hard as solving a known difficult problem
  • Cryptanalytic techniques: Systematic methods for breaking ciphers
  • Complexity theory: Understanding the mathematical foundations of cryptographic security

New Attack Methods

Academic researchers developed sophisticated new ways to break ciphers:

Differential cryptanalysis:

  • Analyzes how differences in plaintext affect ciphertext
  • Devastatingly effective against many ciphers
  • Led to better cipher design principles

Linear cryptanalysis:

  • Uses linear approximations to find key bits
  • Complemented differential cryptanalysis
  • Required new defensive techniques

Side-channel attacks:

  • Exploited physical properties like power consumption or timing
  • Showed that implementation matters as much as algorithm design
  • Led to new fields like "physical cryptography"

The Human Side of the Revolution

The Cypherpunks

In the 1990s, a group of cryptographers, programmers, and privacy advocates formed the "cypherpunks" movement. Their motto: "Privacy through cryptography."

Key figures:

  • Eric Hughes: Wrote "A Cypherpunk's Manifesto"
  • Tim May: Advocated for "crypto-anarchy"
  • John Gilmore: Co-founded the Electronic Frontier Foundation
  • Phil Zimmermann: Created PGP

Their vision:

  • Strong cryptography should be available to everyone
  • Privacy is a fundamental human right
  • Technology can protect individual freedom
  • Governments shouldn't control cryptographic tools

The Academic-Government Tension

The modern era saw ongoing tension between academic researchers and government agencies:

Academic perspective:

  • Open research leads to better security
  • Peer review catches flaws and weaknesses
  • Public algorithms can be trusted
  • Knowledge should be freely shared

Government perspective:

  • Some research could help adversaries
  • National security requires some secrecy
  • Export controls protect strategic advantages
  • Academic researchers don't understand operational needs

Legacy: The Foundation of Digital Security

What the Modern Era Gave Us

The period from 1945-1990 established the foundations of digital security:

Technical achievements:

  • Public key cryptography: Solved the key distribution problem
  • Standard algorithms: DES provided a common, tested cipher
  • Digital signatures: Enabled authentication in digital systems
  • Cryptographic protocols: SSL/TLS secured internet communications

Institutional developments:

  • Academic cryptography: Transformed crypto from art to science
  • Standards organizations: NIST and others provided neutral venues
  • Legal frameworks: Court cases established cryptography as protected speech
  • Commercial cryptography: Strong encryption became available to businesses

Cultural impact:

  • Privacy awareness: People began understanding digital privacy issues
  • Cypherpunk movement: Established cryptography as a civil rights tool
  • Technical literacy: More people understood how digital security works
  • Global perspective: Cryptography became an international concern

The Bridge to Contemporary Cryptography

By 1990, the stage was set for the internet age. The fundamental tools were in place:

  • Public key cryptography for key exchange and authentication
  • Symmetric ciphers for bulk encryption
  • Hash functions for integrity checking
  • Digital signatures for non-repudiation
  • Cryptographic protocols for secure communication

What remained was to scale these tools to protect billions of users, trillions of transactions, and the entire global digital infrastructure. That's the story of contemporary cryptography – and it's still being written today.

The modern era proved that cryptography wasn't just for spies and generals anymore. It was becoming the invisible foundation that would make the digital age possible, protecting everything from love letters to financial transactions to the very infrastructure of modern society.

Released under the MIT License.

Copyright © 2024-present Cryptography101