Encryption 12-29-2022

The History of Cryptography

DigiCert
History of Cryptography Blog Hero

Cryptography allows us to interact in the digital world securely by protecting and sending “messages” to the intended recipient through use of algorithms and keys. Digital signing, data privacy, online transactions and more rely on this encryption. It allows us to authenticate people and devices so that we can maintain digital trust.

So how did it all begin?

The word cryptography comes from the Greek words kryptos, meaning hidden, and graphien, meaning to write. This “hidden writing” has been advancing for thousands of years.

What pushes cryptography along, though, is the very thing that brings it down. The more advanced people become at deciphering encrypted messages, the more necessary it is for cryptography to advance in response.

Thus, it is an exciting time to learn about the history of cryptography, what it means for digital trust and how it impacts cybersecurity.

Because after all, without cryptography, there would be no DigiCert.

Ancient cryptography

While cryptography looked different in early civilizations, we have evidence of cryptographic techniques as early as 1900 BC in Egypt, when there was an inscription carved into the main chamber of the tomb of nobleman Khnumhotep II. The hieroglyphics used were different than the usual ones, in a process now known as symbol replacement. However, this wasn’t necessarily a secret code. Rather, they changed the form of writing to make it appear more dignified.

In 1500 BC, a Mesopotamian scribe used cryptography to conceal a formula for pottery glaze. This example is the first known use of cryptography to hide secret information.

These aren’t the only examples, though. There has been evidence of use of cryptography in almost every major early civilization. In early India, “Arthashashtra,” an ancient work on statecraft written by Kautilya, also known as Chanakya, describes how assignments were given to spies in “secret writing.”

The ancient Greeks were known to use ciphers (an algorithm used for encryption or decryption), to transform a message. In 100 BC, Julius Caesar used a form of encryption to share secret messages with his army generals at war. Perhaps you have heard of the Caesar Cipher, as it is one of the most well-known uses of cryptography. Otherwise known as a substitution cipher, each character of the plain text is substituted by another character, forming the cipher text. For example, A becomes D, B becomes E, C becomes F — do you spot the shift of 3?

In the 16th century, the Vigenère Cipher came to be. This method encrypts alphabetic text by using a series of interwoven Caesar ciphers, based on letters of a keyword. This is known as polyalphabetic substitution. While it was first described by Giovan Battista Bellaso in 1553, Blaise de Vigènere got the credit in the 19th century.

Although this cipher is more secure than the Caesar cipher and many people have implemented similar encryption schemes, the Vigènere cipher was broken in 1863 by Friedrich Kasiski.

Cryptography in the 20th century

Next came the Hebern rotating machine created by Edward Hebern in Illinois in 1917. This machine marked the first time electrical circuitry was used in a cipher device, as it combined the mechanical parts of a standard typewriter and the electrical parts of the electric typewriter. Connected through a scrambler, the machine included a disk with electrical contacts on either side (aka a rotor).

Wires were used to connect each letter to another letter on the opposite side in random fashion, also known as a single substitution alphabet.

Cryptography played a huge role in both World War I and World War II. In 1918, the Enigma Machine was created by German engineer Arthur Scheribus. By World War II, it was used regularly by Nazi German military. The machine used three or more rotors to scramble the 26-letter alphabet, rotating at different speeds and outputting ciphertext.

The Enigma Machine was ultimately cracked by Poland, which led the British to create the Bombe, a device that helped to identify the wheel order of the Enigma machine and the rotors’ initial settings.

The use of cryptography up until this point was mostly used for war purposes. However, that changed when businesses saw cryptography’s commercial potential to secure data from competitors.

In the 1970s, IBM created a cipher called Lucifer, a block cipher that uses an algorithm operating on fixed-length groups of bits, called blocks. Block ciphers specifically use symmetric-key algorithms that use same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext.

Lucifer combined transposition and substitution encryption and led to what is now known as the Data Encryption Standard (DES).

The fall of the Data Encryption Standard (DES)

The Data Encryption Standard uses a symmetric-key algorithm and has a key-length of 56 bits, making it too insecure for applications. Regardless, it has been extremely influential in the advancement of cryptography.

DES was submitted to the National Bureau of Standards (NBS) to protect sensitive electronic government data and a modified version was accepted in 1976. In 1977, it became the official Federal Information Processing Standard (FIPS) of the United States.

Unfortunately, it was deemed as insecure. Due to its small key size, it is vulnerable to brute force attacks (when an attacker submits passcode combinations until they eventually guess correctly) and was broken in June of 1997. In 1999, it was deciphered in 22 hours and 15 minutes.

The introduction of Advanced Encryption Standard (AES)

In 2001, the National Institute of Standards and Technology (NIST) (previously National Bureau of Standards) selected the Advanced Encryption Standard (AES) to replace the DES.

AES uses a symmetric-key algorithm and is a subset of the Rijandael block cipher and uses larger key lengths of 128, 192 and 256 bits, with a block size of 128 bits.

In 2002, the U.S. government adopted AES as the federal government standard by the Secretary of Commerce and is the first and only cipher that is public, accessible and approved by the National Security Agency for top secret classified information.

Cryptography today & the cryptography behind TLS/SSL encryption

Today, cryptography is used to protect the billions of online transactions, sensitive data and private messages we transmit.

One way we ensure security is through TLS/SSL.

TLS allows inputted sensitive information to be transmitted securely. Examples include a web server and browser and a mail server and mail client. To establish this secure connection, the browser and the server need an TLS Certificate. If a website starts with https, the site is secured with a TLS certificate.

This is all possible because of the cryptography behind TLS encryption. The use of asymmetric encryption (or public-key cryptography) and symmetric encryption and the many algorithms used to create the asymmetric and symmetric keys behind this encryption allow data encryption so secure, the world’s biggest super computers cannot crack it.

Click here to learn more about public-key cryptography.

Public key infrastructure (PKI) goes beyond web TLS by securing users, identities, devices, files, messages and more by providing a system to secure data. This means it not only secures websites, but also encrypts files, authenticates and encrypts email, authenticates nodes to wireless, authenticates VPN connections and provides authentication measures for IoT devices.

Learn more about PKI.

Cryptography is the means by which we can live in a secure digital world. Without it, we would not be able to transmit the data we send on a daily basis without thinking.

Because after all, without cryptography, digital trust would not be possible.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min