The evolution of cryptography (deciphered)
Cryptography is the backbone of our current digital society, but how did it become so important? Interestingly, the systematic study of cryptography as a science (and perhaps as an art) started only during the past 100 years.
The word cryptography is derived from the Greek krypto and graphein, which mean hide and writing. The first type of cryptography was simple writing, since the majority of people could not read (New World, 2007). Later, most of the great civilizations used some kind of cryptography to transfer important private information. The earliest form of cryptography was a cipher (a cipher is an algorithm used for encryption or decryption). Ciphers had the problem of being easily broken using the frequency of the letters, and once a generalized way of breaking them was found they became obsolete.
Middle ages to today
The next big advance came in the 1600s when the first cryptographic key was recorded, which caused a big shift in the space, moving the importance from hiding the system to hiding the key. The system could be public, but one could still not read the message without the key. That overcame the problem of a system as a whole becoming obsolete with the discovery of its mechanism.
Then, during 19th Century the first use of a rotor for encryption was recorded. In the 20th Century the invention of the Enigma machine (used by the German military during WWII) was a technical milestone, being one of the hardest ciphers to break. However, that too was eventually broken by Poland, and British cryptographers designed a means to obtain the daily key.
After the war, cryptography found its way into commercial applications, with IBM being the first company to systematically develop a crypto-group and what ended up being the first U.S. standard for encryption. The standard, though, was short-lived, since it was also broken by a simple but very powerful method called a brute-force attack. Brute-force involves simply trying all the possible combinations in a very computationally intensive process. That is also why advances in computing power are followed by increases in the complexity of the private keys.
Cryptography has been a continuous game of chase between the complexity of the cryptographic keys and the computing power available. In principle, any key is vulnerable to a brute-force attack; the more complex the key the more time consuming such an attack is.
The importance of cryptography in the digital age
Advances in technology and computing power have enabled people to move more and more of their data to the digital sphere. Moving data through any digital means—aside from the obvious advantage it brings to speed, accessibility, and convenience—comes with the mirroring disadvantage of being harder to protect.
The need to protect digital data from being used for unlawful purposes is being tackled by cryptography. However, as with all rights, there are competing interests. Law enforcement has a legitimate right to intercept communications in certain circumstances. Balancing these rights requires a balance known as the tightrope between security and privacy.
The importance of cryptography can be summarized by the fact that it is the only tool the user has in the digital world to protect their private data. And as we move more and more into the digital world, by association, cryptography is becoming more and more important.
The state of cryptography today
Today the need to communicate with parties we cannot necessarily trust has given rise to “public-key cryptography” or “asymmetric cryptography.” This kind of cryptography relies on public keys that the sender uses to encrypt the message and private keys which the receiver has, and uses to decipher the message. This process is one-way, meaning that no one else can decipher the message. Even these state-of-the-art methods are still breakable. If nothing else, an algorithm can be broken by a brute-force attack that cycles through every possible key. Therefore, the goal of present-day cryptography is to create algorithms that make it computationally infeasible for an attacker to recover the private key.
What about privacy?
Even though state-of-the-art cryptographic protocols are virtually unbreakable because of required computing time, companies and individuals are ever in search of more ways to transact more privately. Recently, with advances in computing power and cryptography, trust has become a new target for individuals and organizations concerned with privacy. Cryptographers have thought that if it is possible to encrypt and effectively hide the data from people who don’t have to see it, perhaps there is a way to still transact with them without showing the data. And sure enough, during the 1980s tools such as zero-knowledge proofs and calculations on encrypted data were discovered. By applying mathematical transformations to the underlying data, these tools enable people to interact with and validate encrypted data, effectively creating another revolution in the field. Now the data exchange can be private, even between parties that transact directly.
Increased efficiency for high-demand protocols
In 2012 Project Pinocchio from IBM and Microsoft found a way to reduce the computing needs of a zero-knowledge proof by 20x and for zero-knowledge verification by more than 50x, making it efficient enough for practical uses. It now can be used to hide the data between two parties and still allow them to transact, not only theoretically, but fast enough to have private and commercial applications. This breakthrough opened new possibilities to businesses and researchers, who started wondering what other applications are within reach and what other technological possibilities exist.
That same curiosity is what drove us at decentriq to explore these technologies in the first place. Our team develops novel implementations for cutting-edge privacy-preserving technologies. We explore applications such as:
- Secure and private online voting
- Augmented privacy for exchanges, enabling them to not have to reveal their whole order book
- A bulletproof way for anyone to provide a proof of cryptographic assets without ever revealing the funds available in one’s account
- A marketplace for alternative data providers and buyers that enables the business to try the data before deciding to buy it, while keeping the data hidden
- Making possible a demonstration of the predictive power of a model on new data without disclosing the model or the data
All these applications are made possible by recent and ongoing research, both by decentriq and by third-party open-source projects fueled by demand for increased security and privacy in individual and commercial datasets.
What does the future of cryptography hold?
These cutting-edge discoveries and advancements in cryptography are cultivating an exciting future for the field. What appears to be the biggest change on the horizon is quantum computing. Quantum computing, using the properties of the superpositioned particles, is able to exponentially increase the computing power available to us. That means the cryptographic transformations that today are inefficient to run on a silicon chip can be run efficiently on a quantum chip, potentially rendering today’s encryption obsolete.
Today, we encrypt data as it travels over the internet and when it is at rest on a storage device. But we have to decrypt data to use or analyze it, creating a potential security vulnerability. Homomorphic encryption is a new idea that solves that problem, allowing users to process data without decrypting it. With homomorphic encryption, we process encrypted data and produce encrypted results. And while this is not a novel idea, new breakthroughs that vastly improved performance brought the possibility of efficient encrypted data processing back to the forefront.
Thus, the chase continues. The advances in quantum computing have given rise to quantum encryption, which uses the properties of quantum particles to ensure unbreakable encryption. There are already several projects working on quantum encryption and how it can be implemented. Even though quantum computing at scale may be many years away, we at decentriq follow the technology closely to make sure we are ahead of the curve for our customers when the time comes. Nevertheless, until then, we apply our cryptographic skills to the betterment of cutting-edge protocols, making them more efficient, user-friendly, and wider known to everyone who could benefit from them. We believe that in a world where the most valuable asset is information, it is worth exploring novel technological uses for applied cryptography to protect it.