Introduction to Modern Cryptography: Third Edition (Chapman & Hall/CRC Cryptography and Network Security Series)

Jan 08, 2026 · 16 min

Episode description

A rigorous, introductory treatment of modern cryptography, focusing on definitions, precise assumptions, and proofs of security as distinguishing features from classical cryptography. It explores private-key encryption in depth, covering concepts like chosen-plaintext attacks (CPA-security) and chosen-ciphertext attacks (CCA-security), along with practical modes of operation like CBC and CTR. The text then transitions to message authentication codes (MACs), emphasizing message integrity against active adversaries and constructing secure MACs using pseudorandom functions and hash functions. Finally, the source expands into public-key cryptography, discussing key exchange, digital signatures, and public-key encryption schemes like RSA and El Gamal, all while grounding these concepts in number theory and cryptographic hardness assumptions like factoring and discrete logarithms.

Transcript

Speaker 1

Hey, there, curious minds.

Speaker 2

Every time you send a secure message, log into your bank, or even, you know, just see that little padlock on a website, there's this whole complex thing happening behind the scenes.

Speaker 1

It's not magic.

Speaker 2

It's this fascinating world built on really clever math, sophisticated codes, and it's constantly changing to keep our digital stuff safe. Today, we're taking a deep dive into modern cryptography. We'll look at where it came from, how it works now, and crucially the big challenges ahead like quantum computing. Our guide is Introduction to Modern Cryptography, third edition by Jonathan Katz. It's pretty rigorous, but honestly surprisingly easy to follow on a lot of this stuff. Our mission, as always, is to give you that shortcut to being really well informed. We want to pull out the key ideas, the surprising bits that make up our digital security.

Speaker 1

Okay, let's unpack this.

Speaker 2

Let's start way back, the old-school stuff: classical cryptography, ciphers like Vigenère, maybe trying to hide patterns. Yeah, exactly. But what was the big weakness there? Why didn't that last? Well?

Speaker 3

The fundamental issue with those older schemes, and it's why we often call it an art back then, was this reliance on security by obscurity.

Speaker 1

Just keep the method secret, right.

Speaker 3

The thinking was, if nobody knows how you're encrypting, you're safe. But that just doesn't hold up. With Vigenère, for instance, even basic statistical tools like calculating the index of coincidence, it basically measures letter frequencies, that can reveal patterns. For English text, that index is around point zero six five. If you analyze ciphertext and it's close to that, something's up. And even simpler, if an attacker could just guess a tiny bit of the original message, like "Dear Sir".

Speaker 1

Maybe a known plaintext attack.

Speaker 3

Exactly. Those basic shift, substitution, Vigenère ciphers, they become, well, the book calls them trivial to break.

Speaker 2

Okay, so that leads right into Kerckhoffs's principle, doesn't it? It sounds backward, but why is keeping the algorithm secret actually a bad idea?

Speaker 3

Precisely. Kerckhoffs said way back that the security should only depend on the key being secret, not the method. Proprietary, sort of home-brewed algorithms are dangerous because they haven't been hammered on.

Speaker 2

By experts, no public scrutiny, and.

Speaker 3

History is littered with disastrous results from ignoring this. Think early DRM, some Wi-Fi security. They just crumbled once someone reverse engineered the secret sauce and found it was, well, weak. Our confidence in something like AES comes down to the fact that it's been extensively studied by experts for decades and it's held up.

Speaker 2

So the art was obscurity and tricks. How did we get to the science of modern crypto? What changed?

Speaker 3

It was a fundamental shift, really kicking off around the eighties. Modern crypto was built on three pillars. First, formal definitions. You have to define exactly what secure means for your specific goal. Like the book says, if you don't know what it is you are trying to achieve, how can you hope to know when you have achieved?

Speaker 2

It makes sense, right, Yeah, absolutely define the target.

Speaker 3

Second, precise assumptions. We state explicitly: okay, this system is secure if this specific math problem is hard to solve, like factoring large numbers, for example. And third, rigorous proofs, mathematical proofs that show the scheme meets the definition, assuming the underlying problem is hard.

Speaker 2

So it's not just hoping it's secure, it's a proof like an ironclad guarantee almost that's.

Speaker 3

The phrase the book uses. Yeah, proofs of security give an ironclad guarantee, but crucially relative to the definition and the assumptions.

Speaker 1

Okay, caveats apply exactly.

Speaker 3

It shifts crypto from an art to a science. Real-world implementations can still mess things up, or maybe an assumption turns out to be wrong someday, but it provides a framework. As the source puts it, provable security helps shift the odds in the defender's favor. It gives us real confidence in the core algorithms.

Speaker 2

Okay, let's move into symmetric-key crypto, private key. This is where Alice and Bob share the same secret key, right, that's the one.

Speaker 3

Formally, you've got three bits: Gen to generate the key, Enc to encrypt using the key, and Dec to decrypt using that same key. And the basic property is just Dec of Enc of m: encrypt and decrypt with the same key, you get your original message.

Speaker 2

Genback.

Speaker 3

Simple concept.

Speaker 2

Now, you hear about perfect secrecy. Sounds like the ultimate goal, right? What does that actually mean? Why don't we just use it for everything?

Speaker 3

Perfect secrecy, like the one-time pad, is the theoretical peak. It's secure even if the attacker has infinite computing power.

Speaker 1

Wow, infinite.

Speaker 3

Yeah, the encrypted message gives zero information about the original. It looks like pure random noise. But, and this is the huge practical catch, the key has to be truly random, just as long as the message, and you can only use it once.

Speaker 2

Hm. So sending a movie would need a movie-sized key, used once. Exactly.

Speaker 3

Imagine securely exchanging that massive single-use key first. It's just not practical for email or web browsing.

Speaker 2

So how do we handle that for everyday stuff, if the one-time pad is out? Yeah.

Speaker 3

We move to computationally secure encryption. We assume attackers have limited computing power, still powerful.

Speaker 2

But not infinite, a more realistic assumption definitely, And this lets us use reusable keys.

Speaker 3

That are much shorter than the messages. We use tools like pseudorandom generators, PRGs, to stretch a short random seed into a long string that looks random to computers, okay, and pseudorandom functions, PRFs, which act like random functions. These are the building blocks. Then, for encrypting actual data, we use things called modes of operation with block ciphers like AES. CTR mode, for instance, lets you encrypt parts of a message in parallel, which is way faster. Speeds things up.

Absolutely essential for performance. And underpinning all this is the need for good randomness sources: high-entropy data from things like network timings, your keystrokes, even tiny fluctuations in hardware temperature. Got to get those initial random seeds right.

Speaker 2

We've focused a lot on secrecy, keeping things private. Is that the whole story for digital security? Not even close.

Speaker 3

This is a really important point. Encryption by itself usually doesn't guarantee message integrity.

Speaker 2

Meaning someone could mess with the message even if they can't read it precisely.

Speaker 3

An active attacker, someone sitting in the middle, might be able to flip bits in the ciphertext. They don't know what they're changing, maybe, but when it gets decrypted it could be.

Speaker 2

Completely different, like changing a dollar amount in a bank transfer.

Speaker 3

Exactly that scenario. The encrypted one hundred dollars gets subtly changed and the bank decrypts it as the thousand dollars. Encryption didn't stop that.

Speaker 2

Okay, that's yeah, that's bad. So how do we make sure the message wasn't altered, that it's authentic.

Speaker 3

That's where MACs come in, message authentication codes. You need another shared secret key separate from the encryption key. Usually with this MAC key, the sender calculates a short cryptographic tag for the.

Speaker 2

Message, like a checksum but secure.

Speaker 3

Kind of, yeah, but much, much stronger. The receiver uses the same MAC key to recalculate the tag on the message they received. If their calculated tag matches the tag that came with the message, it's authentic.

Speaker 1

And if anything changed, the tags won't match exactly.

Speaker 3

Even changing one bit in the message or the tag will cause verification to fail. HMAC is a really common standard for this. It provides what's called existential unforgeability. Fancy term, but it means an attacker can't create any valid tag for any new message, even after seeing lots of legitimate message-tag pairs. A very strong integrity guarantee.

Speaker 1

Okay, MACs for integrity.

Speaker 2

Now, hash functions, they seem to be everywhere. What makes a hash function cryptographic? Right?

Speaker 3

They are workhorses. A cryptographic hash function takes any input, could be tiny, could be huge, and spits out a fixed-size digest, a digital fingerprint. The key security property is collision resistance. It must be incredibly hard, computationally infeasible, to find two different inputs that produce the exact same hash output.

Speaker 2

Like finding two people with the same fingerprint, should be basically impossible.

Speaker 3

Ideally, yes, but there's a catch.

Speaker 1

Uh I've heard about birthday attacks.

Speaker 3

Sounds harmless, It does, but it's a mathematical phenomenon, the birthday paradox. It means finding any two inputs that collide is much easier than finding an input that matches a specific hash output.

Speaker 1

Okay, how much easier.

Speaker 3

Roughly the square root of the possibilities. So if a hash has n possible outputs, you only need about square root of n tries to find a collision. For a hash with L output bits, that's two to the L over two operations.

Speaker 2

So for MD5, which is one hundred and twenty-eight bits, that's two to the sixty-four.

Speaker 3

Exactly, and two to the sixty-four, while big, is actually achievable with modern computing power. That's why MD5 is considered broken. Collisions can be found.

Speaker 1

Fast. And SHA-1, that was used everywhere too.

Speaker 3

SHA-1 is one hundred and sixty bits, so you're looking at two to the eighty operations for a birthday attack. Harder, but also broken now. Explicit collisions have been demonstrated.

Speaker 2

Which is why we use SHA-256 or even longer hashes.

Speaker 3

Now, precisely. You need that longer output, that larger L, to make the two to the L over two birthday attack computationally infeasible.

Speaker 2

Again, okay, so we have symmetric encryption, MACs, hashes, but all the symmetric stuff, the private-key stuff, relies on Alice and Bob already having a shared secret key. How do they get that key in the first place if they've never met? Sounds like a chicken-and-egg problem.

Speaker 3

It absolutely was. The book calls it one of the most important open problems in cryptography before the mid-seventies. Think about it. A network of n people. Each pair needs a unique key, that's roughly n squared.

Speaker 1

Keys, which gets huge, fast.

Speaker 3

Astronomical. For just one thousand users, it's nearly half a million keys to pre-share and manage securely. People tried using key distribution centers, KDCs, trusted servers that would generate keys for pairs of users. But then.

Speaker 1

The KDC is a massive target.

Speaker 3

Right exactly, a high value target and a single point of failure. If the KDC gets hacked, everyone's keys could be compromised. It was a major bottleneck.

Speaker 2

Then Diffie and Hellman came along. The public-key revolution.

Speaker 1

What was the big idea?

Speaker 3

It was truly paradigm shifting. They showed how two people could agree on a shared secret over a public channel, even if someone is listening to everything.

Speaker 2

Like shouting numbers across a crowded room, but ending up with a secret only you two know.

Speaker 3

That's a great analogy. Mathematically, Alice picks a secret x, Bob picks a secret y. There's a public base g. Alice sends g to the x to Bob, Bob sends g to the y. Because of exponent rules, they both arrive at the same value, g to the xy.

Speaker 2

An eavesdropper who sees g to the x and g to the y can't easily figure out g to the xy, correct?

Speaker 3

That relies on the presumed hardness of the discrete logarithm problem or the related computational Diffie-Hellman problem. Going from g and x to g to the x is easy. Going backwards from g to the x to find x is believed to be incredibly hard for classical computers.

Speaker 1

Mind blowing. But you mentioned a catch earlier.

Speaker 3

Ah, yes, the basic Diffie-Hellman exchange is completely insecure against a man-in-the-middle attack.

Speaker 1

How does that work?

Speaker 3

An attacker, Mallory, sits between Alice and Bob. Mallory does a Diffie-Hellman exchange with Alice pretending to be Bob, and does another one with Bob pretending to be Alice. Alice and Bob think they have a shared secret, but they actually share secrets with Mallory, who just decrypts, reads, possibly modifies, and re-encrypts messages between them.

Speaker 1

Ouch.

Speaker 2

So you need some way to know you're really talking to Bob, not Mallory exactly.

Speaker 3

You need authentication on top of the basic key exchange: certificates, pre-shared keys, something.

Speaker 2

But this idea opened the door to public key encryption like RSA and digital signatures.

Speaker 1

How do those work?

Speaker 3

So with public key encryption, you generate a key pair, a public key you can publish anywhere, and a private key you guard fiercely. Anyone can use your public key to encrypt a message for you, but only you with your private key can decrypt it.

Speaker 2

And RSA's security comes from.

Speaker 3

The difficulty of factoring large numbers. The public key involves a large number that's the product of two big primes. Finding those primes, factoring, is necessary to get the private key, and that's believed hard. Digital signatures flip it. You use your private key to create a signature on a message. Anyone can use your public key to verify that.

Speaker 2

Signature, proving it came from you and wasn't changed.

Speaker 3

Yes, it provides authenticity and integrity, plus non-repudiation. That means you can't later deny sending the message because only you have the private key that could create that signature. It's verifiable by anyone.

Speaker 2

Now, I remember hearing public key crypto is way slower than symmetric stuff.

Speaker 1

Is that right?

Speaker 3

Oh yeah, orders of magnitude slower. Doing math with those huge numbers is computationally expensive. Encrypting a large file with RSA directly would be painfully slow.

Speaker 1

So how do we use it in practice?

Speaker 3

We use hybrid encryption, often called KEM/DEM: key encapsulation, data encapsulation.

Speaker 1

How does that work?

Speaker 3

Use the slow public-key crypto only to encrypt and exchange a temporary random symmetric key, that's the KEM part. Then use that fast symmetric key with something like AES to encrypt the actual bulk data. That's the DEM part.

Speaker 1

Best of both worlds.

Speaker 2

Public key solves the key exchange problem. Symmetric key does the fast data encryption exactly.

Speaker 3

That's how things like TLS/SSL secure websites work, how PGP email encryption works. It's the standard approach.

Speaker 2

Okay, so Diffie-Hellman and RSA, all these public-key systems rely on certain math problems being hard for current computers.

Speaker 1

What happens if they become easy?

Speaker 3

And that is the multi-trillion-dollar question right now. Here's where it gets really interesting and potentially scary. Back in nineteen ninety-four, Peter Shor published an algorithm. Shor's algorithm shows that a sufficiently powerful quantum computer could solve both factoring and discrete logarithms efficiently, in polynomial time.

Speaker 1

Wait, both problems? The foundations of RSA and Diffie-Hellman and.

Speaker 3

Elliptic curve cryptography, which is widely.

Speaker 2

Used too. Yes. So a working quantum computer basically breaks all the public-key crypto we use today, pretty much.

Speaker 3

The book states it starkly: all public cryptosystems we have covered thus far can be broken in polynomial time by a quantum computer.

Speaker 1

Okay, wow, So what's the plan? Are we heading for crypto apocalypse?

Speaker 3

Well, hopefully not. This is the whole field of post-quantum cryptography, or PQC. Researchers worldwide are racing to develop and standardize new public-key cryptosystems based on different mathematical problems, ones believed to be hard even for quantum computers. Like what kind of problems? Things like lattice-based cryptography are big contenders, problems like LWE, learning with errors. There's also hash-based signatures, code-based crypto, a few different families. NIST, the US standards body, has been running a competition to select the best candidates and they've chosen the first set of standards.

Speaker 2

So we're actively replacing the old algorithms.

Speaker 3

The transition is starting. It's a massive undertaking, but essential. Even symmetric crypto needs adjustments. Hash functions need bigger outputs, maybe doubling key sizes for AES against certain quantum attacks, just to maintain the same security level. Grover's algorithm affects symmetric search problems.

Speaker 1

So it really touches everything.

Speaker 3

It really does. It's a fundamental shift in the underlying assumptions.

Speaker 2

Wow, from Vigenère and statistical tricks to lattices and quantum resistance.

Speaker 1

It's just been this constant evolution, this arms race.

Speaker 3

Absolutely the attacker finds a weakness, the defender builds a stronger wall using deeper mathematics. It constantly pushes the boundary of what we thought was computationally possible.

Speaker 2

So what does this all mean for you listening right now? Well, it means that the invisible shield protecting your emails, your bank accounts, your online life is constantly being rebuilt, reinforced with new kinds of math.

Speaker 3

It's a silent, ongoing process, but absolutely critical.

Speaker 2

So next time you see that padlock or hit send on an encrypted message, maybe take a second, think about that hidden dance of math, the assumptions, the proofs keeping your data safe, and consider how cryptographers right now are choreographing the next dance, designing the steps needed to withstand the incredible power of computers that don't even fully exist yet. It's quite something.
