The switchboard of the front of the Enigma cipher machine. Photo: wikimedia.org
Together with the Avtomatika Research and Production Concern of the Rostec State Corporation, it is taking part in the creation of Russia’s first Museum of Cryptography, which will open its doors to visitors next year.
As the creators note, the main task of the museum is to awaken visitors’ interest in science and modern technologies by talking about cryptography and related scientific and technical fields. For this purpose, Avtomatika has all the data. The concern has been specializing in cryptography issues since the 1940s. All this time, the country's best cryptographers and cryptographers worked here. But cryptography dates back more than one millennium and has found its confident place in modern realities - today it is impossible to imagine banking operations, instant messengers and applications, and mobile communications without encryption. Read about the past and future of encryption in our material.
Cipher for the sake of cipher
Cryptography is about 4000 years old. To realize the seriousness of the number, let us recall that Slavic writing (!) is only 1158 years old this year. It turns out that the need to hide information among some peoples appeared earlier than the need to record it among others. The most famous ancient encryption method, perhaps, can be recognized as the Caesar cipher - a mono-alphabetic cipher, where each letter was replaced by a letter of the same alphabet, but through three positions.
And one of the oldest encryption devices was the scytale - a rod of a certain diameter. A strip of parchment was wound around it in a spiral and the desired text was written along the axis. It could only be restored by a person with a “key” - a hulk of the same diameter and length.
Current
- Italian designers presented the concept of a yacht-airship
- More efficient and safe batteries for electric vehicles are created from rubber
- New data refutes the absolute randomness of mutations
Skitala
Cryptography, which now covers all areas of our lives, from communication in instant messengers to bank transfers, began with messages literally “to create an appearance.” The oldest message in which something was deliberately changed is the inscription on the tomb of Khnumhotep II (circa 1900 BC). Telling the story of his master's life, the author changed the style of some hieroglyphs to make his opus look more impressive. This cannot yet be called a cipher in the full sense of the word, but the history of documented cryptography begins here.
Photo published in: Kanawati N, Evans L, Beni Hassan: Volume I: The Tomb of Khnumhotep II (Australian Center for Egyptology: Reports 36, Aris and Phillips). Oxford, 2014. 13c
Multi-passport
A cryptographically strong hash function transforms the source text into one line so that it is impossible (or very difficult) to obtain the source text from this line. A hash function is used, for example, where you need to enter a password: the phrase in the input line is compared not with the password itself, but with its hash function.
You can check whether information was distorted during transmission over an encrypted channel using an electronic digital signature. In this case, Alice encrypts the text with her private key and sends it to Bob along with the plaintext. If Bob decrypts the ciphertext with Alice's public key and it matches the unciphertext, then everything is fine. In practice, the hash function of the document is usually encrypted with the private key. But what if an attacker passes off his public key as Alice's public key? To stop him, the electronic signature, among other things, contains a so-called public key certificate issued by a trusted certification authority (CA, certification authority), which has data on all public keys and their users. The certificate, in turn, must also be signed. It is important that the public key of the trusted center must be known in advance, otherwise it can also be forged.
Gibberish: nonsense with meaning
Let's move from ancient overseas civilizations to Ancient Rus'. Shortly before its collapse in the 12th century, secret writers appeared. They made sure that important texts looked meaningless at first glance, and that only those who knew the key (the character replacement system) could read them.
ABC book. 1613 Q.XVI.21, fol. 21 rev. Posted on the RNL website The miniature depicts Maxim the Greek. Under the picture there is an entry in simple litorea (“gibberish”): “Ratlir Chmet”, which means “Maxim the Greek.”
For example, the monk Luke used “secret writing of modified styles,” in which he used inverted, truncated or deformed letters, which made it difficult for the uninitiated to read the texts. Metropolitan Cyprian developed a more universal system of secret writing - litorea, or gibberish writing, which later received the colloquial name "gibberish". In its simplest version, consonant letters were written in two rows and the letters above each other were replaced. In a more complex version, the wise litorea, substitutions were used for all letters, which were made each time according to new rules (today we would say that a monoalphabetic cipher with a one-time key was used). As you can see, the term “gibberish” hides a deeper meaning than just “incomprehensible language.”
Renaissance
The 1400s to 1700s contributed much more to cryptography than the Middle Ages. During the Renaissance, people focused on inventing ciphers rather than encryption tools. Although it was this tool that gave rise to a new period in cryptography.
Alberti's disk, 1466. The encryption disk of the Italian scientist Leon Alberti consisted of two parts: the outer one, which could not move, and the inner one, which did move. The disks were divided into 24 cells, they had different symbols in different sequences. To encrypt, you had to rotate the internal disk every few words. With each turn, a new combination was formed - in their book “Fundamentals of Modern Cryptography,” historians S. Barichev, V. Goncharov and R. Serov say that Alberti was the first to put forward the idea of double encryption.
Schematic representation of the Alberti encryption disk. To open the code, the recipient needed an internal disk with the corresponding alphabet. It is believed that Alberti used the disk to discover polyalphabetic substitution ciphers
Technique for repositioning the Porte, 1563. We can say that the Italian physician and philosopher Giovanni Battista della Porta modified Alberti's invention and came up with the method of keywords. His technique can be presented in table format. Of the two words, one is needed to rearrange the alphabet, the other is needed to define a specific alphabet. This technique is also considered double encryption.
One of Giovanni Porta's tables. The technique allows you to replace any plaintext character with a cipher letter in eleven different ways
Vigenère cipher, 1586. Historians call the French diplomat and alchemist Blaise de Vigenère the most famous cryptographer of the 16th century. Vigenère invented an absolutely strong cipher. It can be thought of as a sequence of several Caesar ciphers with different shift values. To encrypt, you need a table of alphabets.
Vigenère table for the Russian alphabet. The table contains rows of 33 letters, and each subsequent row is shifted by several positions. It turns out that in such a Vigenere table there are 33 different Caesar ciphers
An example of encryption using a Vigenère table. The key “Caesar” is selected for the source word “Vigenère”. The key is shorter than the original word, so it must be repeated until the number of letters is equal - “CaesarCaesar...” - in the example, just add “C”. The word is encrypted according to the principle: the letter of the key is a row in the table, the letter of the original word is a column. The cipher letter is located at their intersection / ©Press service of Rostec
The great Rossignol cipher. French cryptographer Antoine Rossignol and his son Bonaventure invented a cipher that used 587 different numbers, most of which represented syllables.
“It was a very strong cipher that could not be broken for centuries. Some numbers in the cipher are traps that do not replace anything. Traps were needed to combat frequency analysis,” says Evgeniy Zhdanov.
One of the nomenclatures for deciphering the great Rossignol cipher. The cipher was cracked by an expert in the encryption department of the French army, Etienne Bazerie. Baseri noticed the frequently repeated sequence of numbers 124-22-125-46-345 and suggested that it meant "les-en-ne-mi-s" or "les ennemis" (enemies). Based on this information, he was able to unravel the entire cipher / ©Wikipedia.
During the Renaissance, polyalphabetic substitution ciphers were discovered and the double encryption method was used for the first time. Cryptographers spent centuries pondering the solution to some of the ciphers of that time. Many of these ciphers became the basis for new methods in the future.
The mystery of discoveries
The mid-17th century was marked by the scientific revolution and the beginning of the Enlightenment. Mathematics and philosophy gave natural scientists a new methodology in which the first principles of the scientific method were formulated. Thanks to him, discoveries are no longer a matter of chance. They began to appear regularly - as a result of planned observations, careful measurements and experimental testing of hypotheses.
However, there were also false discoveries that did not withstand further testing. Researchers who rushed to make a loud statement found themselves in an awkward situation, but they could not hesitate. Otherwise, others could have announced the discovery earlier - independently or by looking at other people's records.
Therefore, a tradition has emerged among scientists to keep their records and publish ambiguous results in encrypted form. If a discovery turned out to be false, no one could read it. If the verification was successful, the key was then published, and the decrypted phrase confirmed the status of the discoverer.
Most often, European scientists used anagrams - another version of the substitution cipher. Unlike gibberish, an anagram was made by rearranging letters from one phrase, rather than the entire alphabet. To decipher, it was necessary to go through all the options that gave a meaningful text of the same length, with the same letters and with the same frequency of their occurrence. This manual search took years, so the method was considered reliable.
For example, Galileo Galilei encrypted the Latin phrase “Altissimum planetam tergeminum observavi” (“Observed the highest triple planet”) with the following anagram: “Smaismrmielmepoetaleumibuvnenugttaviras.” This is how he secured his bid for the discovery of Saturn’s two largest moons.
A little later, the Dutch astronomer and mechanic Christiaan Huygens was the first to see the ring of Saturn thanks to the improved characteristics of the telescope he modified, but he doubted the correctness of the interpretation of his observations. In a modest booklet “De Saturni luna observatio nova” he published an encrypted message: “aaaaaaacccccdeeeeeghiiiiiiillllmmnnnnnnnnnooooppqrrstttttuuuuu.” Three years later, Huygens was finally convinced of the existence of the ring and printed the key to the anagram. The decoding read: “Surrounded by a ring, thin, flat, not adjacent anywhere, inclined to the ecliptic” (Annulo cingitur, tenui, plano, nusquam cohaerente, ad eclipticam inclinato). It confirmed Huygens’ priority in the discovery of Saturn’s ring (more precisely, a system of rings, as we know from modern astronomy).
Responsible for the fate of the world
The relevance of cryptography increased dramatically after the invention of radio. It was actively used for military communications, but the threat of interception of messages forced the invention of increasingly complex ways to encrypt them. During the wars of the 20th century, battles took place not only on the battlefield - cryptanalysts also fought on the invisible front, trying to decipher intercepted radiograms and learn in advance about the enemy’s upcoming actions.
Patch panel at the front of the Enigma
There was a downside to this: if the enemy command saw that its plans were revealed, it changed the key or even the entire encryption system. No one knew in advance how long it would take to break the new cipher and whether it would take place at all. Therefore, sometimes it was necessary to feign ignorance and even make sacrifices so that the enemy would continue to use the compromised cipher. Many are convinced that Churchill sacrificed the English Coventry - he allowed the city to be shelled so that the Germans would not realize that the secret of their legendary Enigma (one of the most famous encryption machines of the Second World War) had already been revealed. This was probably a big tactical concession to preserve a winning strategy.
Two keys are better than one
In the late 1970s and early 1980s, public interest in cryptography grew so much that government agencies became concerned that strong encryption techniques might fall into the hands of terrorists and criminals and attempted to suppress civilian (or open) cryptography. However, a series of measures and laws taken were not successful. Thus, the RSA cryptosystem, developed by Rivest ®, Shamir (S) and Adleman (A) in 1977, despite the initial obstacles of the NSA, is now used almost everywhere. It has an interesting cryptographic property that can be understood by first getting acquainted with the so-called symmetric encryption systems. In symmetric cryptography, the same key is used for encryption and decryption. These simple algorithms were ideologically described back in the 50s, but they all have one big drawback. Let's imagine that Bob and Alice communicate at school using a code. Then, to create a secret communication channel, they first need to find a secure channel to transmit the key, such as a hollow tree in a park. The question arises, why don't they just put notes there then? This symmetric encryption problem is called the key distribution problem.
RSA is considered the first real system to use public key encryption, or asymmetric encryption. In this case, Bob has two keys, one private key, and the other distributed over a public channel and even written on Bob's business card (public key). Then anyone can encrypt a message for Bob using the public key, but only Bob can decrypt it, because he does not show the private key to anyone. For clarity, consider the following example: let there be 264 names in the phone book. To encrypt text, take each letter of the text one by one, select any surname starting with this letter and write down the number. Theoretically, anyone who has such a book can decipher such a message, but to do this he will have to leaf through the entire book, with a 20-digit number of surnames. The legal user to whom this message is sent has a private key - the same book, but sorted not in alphabetical order, but by number.
This example shows that no cryptographic system is perfectly secure - you can always take and sort a phone book by number. But it will take a very, very long time. With modern algorithms, public key cryptosystems are cracked in a time greater than the lifetime of the Universe, but theoretically this is possible.
Let them teach me
If you already dream of becoming a cryptographer, this section is for you. You can become a military cryptographer in the army, but as a civilian specialty, “cryptography” is listed only at the FSB Academy. However, certain areas of cryptography are studied in many universities in the departments of mathematics and departments of information technology. Online distance learning has also gained popularity in recent years, with some educational platforms offering free courses on the practical aspects of cryptography. For example, edX has a free online course “Cryptographic methods of information security” in Russian. We also recommend looking for cryptography courses on Coursera and Stepik.
Modern cryptography is far from the riddle ciphers romanticized in detective stories. Get ready for all types of higher mathematics, multi-story formulas and analytical problems that require a special mindset to solve them.
Not just for techies
However, it is also a mistake to think that cryptography is the domain of mathematicians exclusively. You may be surprised, but until the 20s of the 20th century, the cipher profession was considered the privilege of philologists and translators, that is, humanists. And only the Polish Cipher Bureau was the first to teach this art to mathematicians (by the way, it was they who were later able to solve the Enigma code). Among the “lyricists” who were interested in cryptography is Lewis Carroll, who invented nycgraphy - a way to write words in the dark. Alexander Sergeevich Griboyedov, being a diplomat, in letters to his wife in encrypted form transmitted information from Persia to the Russian government. And there are a lot of literary works with cryptographic riddles. In Arthur Conan Doyle's The Dancing Men, Sherlock Holmes encounters a code that at first glance resembles a child's drawing.
However, for some reason one letter with them scared the wife of our detective’s client to death. Dan Brown's The Da Vinci Code also begins with a cipher - an anagram on the body of a museum curator, the solution to which provides clues for the investigation. Even in Leo Tolstoy’s novel “Anna Karenina” we see how Konstantin Levin and Kitty Shcherbatskaya communicate in encrypted messages: “He quickly erased what he had written, handed her the chalk and stood up. She wrote: t, i, n, m, i, o. He suddenly beamed: he understood. This meant: “Then I could not answer otherwise.”
O wondrous secret world
The new reality is that not only intelligence reports are valuable, but also our personal data: records in our passports and smartphones, on bank cards and official passes. In short, everything that allows you to confirm your identity and allows attackers to impersonate you in electronic services.
Today, each of us uses the achievements of cryptography, even if we do not strive for it. A smartphone authorizes its owner, a chip on a bank card unlocks access to it using a PIN code, instant messengers use end-to-end encryption of correspondence, and websites use a secure connection. For example, the Telegram messenger suggests that you make sure that your communication with someone is encrypted. When you make a call, four emoji are displayed in the call window - the same emoji appear on the screen of your interlocutor (that is, you have one connection with only two participants). If the emoticons are different, it means that someone else is participating in your conversation.
Big Data is watching
For those concerned about privacy, online behavior is processed by computer for the sole purpose of selling you to an advertiser. In the modern world, the Internet knows everything about you - gender, age, hobbies, profession, even if you didn’t tell it. Big Data allows you to analyze your behavior and send information about you to all possible advertisers even before you see a bunch of banners on the site. This data is expensive, and it is collected not only to snitch, but to sell. Banner cutters or, for example, Tor, which erases the user’s identity on the network, can save you from such a violation of privacy. And instant messengers like Telegram or Whats Up work on the user’s trust in the application provider that he will not use access to private data.
Cryptography with a human face: Alice, Bob and other characters
If you are reading a touching story about how Alice gives Bob a message, and the mischievous Chuck brazenly intrudes on their correspondence, then what you are most likely not reading is an adaptation of the plot of Romeo and Juliet, but an explanation of how network protocols work. With the light hand of cryptographer Ron Rivest, this description of the scheme for protecting transmitted data and possible attacks began to be used in the late 70s and remains popular to this day.
Alice (A) and Bob (B) are the main characters who exchange some information (these are not necessarily living people - they can also be computers). Chuck (C) is the third wheel who is up to no good and gets into Alice’s correspondence with Bob. There are actually many more heroes in the “cryptographic play”. There is a password cracker, Craig, a lover of eavesdropping on other people's conversations, Eva (from the English eavesdropper - “eavesdropper”), a gossip and intriguer Mallory (from malicious - “malicious”), who, unlike the relatively harmless Eva, can change messages, reproduce old and generally harm more actively. As cryptography developed, the schemes became more complex, and new heroes appeared in their descriptions: the honest postman Victor (from the English verifier - “verifier”), confirming the fact of transmission of messages, the notary Trent, certifying their authenticity, etc. In a word, passions for information the stage is no less boiling than the theater stage.
Green padlock
When you request pages from services such as VKontakte, Google, Odnoklassniki, Facebook and many others, the address in the browser bar begins with https://, and next to it there is a green padlock. What does it mean? HTTPS differs from HTTP in that data is transferred using the cryptographic protocols SSL and TLS. This means that when you go to VKontakte, all the information you exchange with your interlocutor is encrypted. The second important feature of the protocol is that it tries to ensure that this is actually the site you wanted to go to. If you sent a request and established a connection with the legal VKontakte, then you will receive a public key certificate that contains all the encryption parameters between you and the server. The public key certificate must be signed by a trusted authority (CA), and the trusted authority certificate, in turn, must be signed by a root CA. This creates a chain of certificates, or a chain of trust. All members of the chain must be honest, and the root must have a widely known public key. There are few such root centers, and all their public keys are hardcoded into the browser. For the browser to display the green padlock, the end of the certificate chain must include a certificate from a root authority known to the browser. To spoof VKontakte or Odnoklassniki, an attacker will have to forge the digital signature of the root trusted center. It is almost impossible to forge a digital signature, because to do this you need to know the private key of the root trusted center. Therefore, an HTTPS connection protects against computer attacks. But this is in theory, but what about in practice?
Chain of trust using SSL certificates as an example
Password evolution
One of the first mentions of the use of passwords dates back to Ancient Rome. Every night the military tribune wrote a new word on a tablet, which was communicated only to those whom the guard service should allow through. The disadvantage of such a system was the chance of overhearing the password or even guessing it. Given the limited vocabulary of the time, this chance is estimated to be approximately 1:1000, or 1:500 if the guard gives a second try.
Today's passwords come in the form of trillions of combinations, which can take years to sort through. But why then are we asked to come up with more complicated ones? But because simple passwords are quickly sorted through a “dictionary” - a text file that contains nouns and data you open: birthdays, children’s names, pet names... So yes, at least eight characters, at least one of which is a capital letter , at least one is a number and then goes through the list of requirements for strong passwords. Each organization has its own, and general recommendations for creating passwords can be read here. According to various estimates, the minimum secure length is indicated as 8, 10 or 12 characters, but you shouldn’t go overboard with it either: you may simply not remember passwords that are too long - you will have to write them down somewhere, which will reduce the reliability of password protection.
Fortunately, software password managers have long existed (the most popular is the open and free KeePass), as well as flash drives with hardware encryption (for example, Kingston IronKey). They will save thousands of passwords in their memory and even substitute them into the required form, and you will only have to remember one master password. Without it, you won't be able to read saved passwords.
For rarely used Internet resources, saving a password is not required at all. It is much faster to reset it on your next visit through the recovery form than to remember and try different options.
Declassified / Cryptography Museums
There are not many cryptography museums in the world: the most famous are the National Cryptography Museum in the USA and Bletchley Park in England. And this is not surprising: cryptography is one of the most secret areas of knowledge. But now the secret will be made clear in Moscow. Russia's first public Museum of Cryptography is planned to open in the capital in 2022, and everyone will be able to learn about the thousand-year history of encryption. Guests will see a unique collection of encryption equipment and means of information transmission, archival documents, books and photographs. It is here that you will be able to trace the entire history of cryptography with your own eyes: from symbols that were endowed with magical meaning to modern encryption technologies.
“Quantum physics gives hope that there is no fate”
Our quantum future
What will happen in 2022?
You need to understand that 30% of traffic is transmitted over an encrypted channel - this includes all messages, pictures, and so on. The remaining 70% may be video, since it is expensive to encrypt. In 2022, laws will come into force, among which there is a clause according to which telecom operators must provide all user traffic in decrypted form. But it is not written there how to do this, and now they do not have the technical ability to do this. The only thing that is similar to how it happens in Kazakhstan. Namely, between you and all services - Google, Facebook, Yandex, VKontakte, Odnoklassniki, My Circle, Flickr, mipt.ru and so on - operators insert their own server, which will impersonate them from a protocol point of view. At the same time, they say: “To use the Internet, you need to install a new trusted certificate for yourself, this is necessary for your own safety” (although in fact, so that the operator can read your correspondence). Only in this case will the operator have access to all transmitted messages. Most likely, this will happen in 2022. Next, either VPN (Virtual Private Network) will be banned, or it will be like in China, where Twitter is banned and most people are protected from information.
Cracking codes is also a science, it is called cryptanalysis. Cryptology combines the science of encryption and decryption. In addition to information, you can hide the very fact of transmitting information. This is if, for example, you shave a person bald, put a tattoo on his head and, when the hair grows back, send it to the recipient of an encrypted message. A well-known way to disguise an encrypted message as an innocent letter is the Cardano grid. Modern methods allow you to leave encrypted messages in images, music, and videos.
Don't miss the next lecture:
