Cracking the Code: Brief History of Cryptography

Emi Katsuta
Jul 16, 2019 · 6 min read
illustration @ekatsuta

As more and more everyday activities become digital — from shopping to managing your bank account to sending messages — it becomes increasingly critical to develop protections for users’ personal data and devices. Software developers should therefore prioritize and implement data security in order to prevent fraudulent activities by third parties not to mention protect people’s freedom of thought and speech.

Encryption, or the process of using an algorithm to transform information to make it unreadable for unauthorized users (per Technopedia), dates back to Antiquity, advancing rapidly throughout history in order to keep pace with gains in computer speed and efficiency. All the details of the long and rich history of cryptography, along with the algorithms used in encryption, extends well beyond the scope of this blog post; however, I will touch on the core principles and background of cryptography as a starting point to contemplate how we might incorporate it into our products, and perhaps even develop more advanced methods of encryption in the future.

Looking back to ancient Rome, the Caesar cipher, named after Julius Caesar, emerged as an early application of ciphering (i.e., encoding or encrypting). The famed Roman militant used this technique to send secret military commands during wartime. In this method, every letter in plaintext (meaning data that has not been computed or written in code) is shifted by a fixed number of positions, called key, on the alphabet wheel to create an encrypted message. The algorithm involved in Caesar cipher can be represented using modular arithmetic, where numbers “wrap around” upon reaching a certain value (the modulus) — in this case, the number of existing letters (26 in the English alphabet).

For example, if we have a secret message, “ATTACKATONCE”, we can write a simple equation to convert the input into an encrypted string using the Caesar cipher method. We would first convert each letter into the corresponding alphabetical index ( A=0, B=1, C=2, …,Y=24, Z=25). We then represent the modulo by adding x (the letter we are encrypting) to the key value. With this new index, we can find its match in the alphabet (note: if the new index is larger than 26, we subtract 26). The output will result in an encrypted string, “NGGNPXNGBAPR”. Decrypting the message would take the opposite logic, where we subtract the key from the current alphabetical index to get the modulus, then get the matching alphabet with this new calculated value (note: here, we would add 26 if the new index is less than 0).

function caesarCipher(str, amount) { // Wrap the amount 
if (amount < 0)
return caesarCipher(str, amount + 26);
// Make an output variable let output = ‘’; // Go through each character for (let i = 0; i < str.length; i ++) { // Get the character we’ll be appending let c = str[i]; // If it’s a letter… if (c.match(/[a-z]/i)) {

// Get its code (the UTF-16 code)

let code = str.charCodeAt(i);
// Uppercase letters (A-Z)

if ((code >= 65) && (code <= 90))
c = String.fromCharCode(((code — 65 + amount) % 26) + 65);
// Lowercase letters else if ((code >= 97) && (code <= 122))
c = String.fromCharCode(((code — 97 + amount) % 26) + 97);
}
// Append

output += c; }
// All done! return output; };
//Algorithm Explanation://[A] 65 % 26 ⇔ 13 + 65 = 78 [N]
//[B] 66 % 26 ⇔ 14 + 65 = 79 [O]
//[C] 67 % 26 ⇔ 15 + 65 = 80 [P]
//[D] 68 % 26 ⇔ 16 + 65 = 81 [Q]
//[E] 69 % 26 ⇔ 17 + 65 = 82 [R]
//[F] 70 % 26 ⇔ 18 + 65 = 83 [S]
//[G] 71 % 26 ⇔ 19 + 65 = 84 [T]

However, the limited number of possible shifts (in the case of the English alphabet, 26) makes the Caesar cipher extremely easy to decipher. With a brute force approach — a trial and error method used to decode encrypted data — someone can easily retrieve the hidden message simply by writing out a table of possible shifts.

Fast forward to the early 2000’s, when the Advanced Encryption Standard was introduced to protect classified information and user data. The U.S. government established AES to replace its successor, the Data Encryption Standard (DES), as it became vulnerable to brute force attacks due to the increase in computational power. The National Security Agency selected the new standard as the main cryptographic algorithm to protect national security systems. Due to its success in governmental practice, the AES soon spread to the private sector and became a globally prominent cryptography method.

The AES uses 256-bit keys technique to encrypt and decipher data and files. The term “bit” reflects an advancement in the storage of information, which has evolved just a bit from the days of Caesar. Modern day encryption converts computer’s binary digits (1’s and 0’s) and not plaintext, as we saw in the Caesar cipher. Additionally, AES is a symmetric cipher, meaning the same key is used for encrypting and decrypting. In 256-bit encryption, the algorithm performs a number of transformations on data stored in an array. Due to the exponential growth in the number of possible outcomes, fifty supercomputers with the capabilities of checking a billion billion (1e+18) AES keys per second would — in theory — require about 3 quadrillion (1e+15) years to brute force every option, just to crack a single message.Given this difficult to crack method, the AES saw widespread adoption across many protocols and software. However, there is one genuine weakness to AES. As in any other symmetric systems, AES requires that the sender pass the key to the receiver. If this key is intercepted, the transmission becomes exposed.

Image result for public key vs. private key encryption

Enter asymmetric encryption, AKA public key encryption. Unlike the prior method (also known as private key encryption), the asymmetric method uses a public key for the encryption, and a different, private key for decryption. Hence, effective security only requires protecting the private key and the public key can be openly distributed. You can also encrypt a message using your private key, and digitally sign (i.e., finger print) the message to ensure this particular message only came from you. Currently, all secure messaging on the Internet, including security protocols, such as SSL and TLS, use public key cryptography as their foundation. Whenever you see a lock symbol on your URL bar, that means that your computer is using public key encryption to exchange data securely with the website you are on.

As more people join the Internet, digital data sharing will also grow, and the need to protect that data will become increasingly important. One of the most prominent current issues in this regard is the 2020 Census, which will conduct a digitized survey for the first time in its history. Many critics fear the cybersecurity risk and possible manipulation of the data. For example, a malicious actor could misrepresent the population for political means, further discouraging people from answering the Census in the first place. At the same time, the digitization of the Census also may offer benefits, such as making the count more inclusive and reducing the cost to deploy the survey. Though no simple task, the implementation of data security lies at the core of defending people’s fundamental rights. Surely the systems we have today will not provide the necessary protections for tomorrow and we must keep developing new, better ways of encrypting data to combat the rapid advancement of computers’ ability to crack the code.

The Startup

Get smarter at building your thing. Join The Startup’s +724K followers.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store