To encrypt a message is to convert it into a form that only authorized recipients can understand, even if it falls into unauthorized hands. (Converting a message back to readable form is called decryption.) As Margaret Rouse reports at Techtarget, the idea of encryption goes back to ancient times, but until recently it was of practical concern almost exclusively to the military and national intelligence agencies.
But the growth of the internet, and the enormous role it now plays in business and our daily lives, has changed all that. Encryption of internet traffic has now become a major concern for practically everyone. In the process it has also raised complex new issues, such as how to balance the needs of individual online security and privacy with those of national security.
Codes and Ciphers
In everyday language it is common to say that any encrypted message is “in code,” but in fact there are two quite different basic ways to encrypt a message: codes and ciphers. A code substitutes harmless words for the critical words in a message. So, for example, “send flowers” might mean launch airstrikes.
Codes can be very hard to break, because there is no formula that will reveal the true message. But they are limited because you cannot encode a message that is not already provided in the code book.
A cipher, in contrast, applies a formula, called an encryption key, to each individual character — letter, punctuation mark and so forth — in a message in order to encrypt it. A reverse formula, or decryption key, is used to decrypt the message. The formula can potentially be “broken” — allowing unauthorized people to read the message.
But the advantage of a cipher over a code is that any message can be encrypted. Sender and recipient don’t need to agree in advance on specific code words, but only the encryption and decryption keys.
Computer encryption systems are based on ciphers, and a whole branch of mathematics has developed around the techniques for creating ciphers that are difficult to break. Modern encryption systems typically have a “public key,” available to anyone, that can be used to encrypt a message, along with a “private key” — provided only to authorized persons — which is used to decrypt a message.
Thus, anyone can send you an encrypted message by using your public key, but only people you entrust with your private key can read those messages. But why has this type of encryption technology become important to everyone, not just military commanders or secret agents?
A World Without Envelopes
Before the rise of the internet, most messages were fairly difficult to intercept. Most letters were sent by mail, sealed in envelopes. Simply getting hold of a letter not meant for you was fairly difficult, and opening the envelope in a way that it could be resealed (to hide the fact that someone unauthorized had read it) was also difficult.
Phone calls aren’t concealed by envelopes, but tapping an old-fashioned phone call was also a difficult process.
In contrast, the same technology that makes the internet fast and reliable also makes internet messages easy for almost anyone to read. Internet messages are sent as “packets” of data that are electronically passed from one internet computer (a “server”) to the next, until they reach their destination.
A variety of tools can allow hackers — such as cybercriminals or hostile intelligence agencies — to intercept data packets en route. Anyone who intercepts it can examine the data, bit by bit.
This applies to your personal email and credit card number. Indeed, it applies to anything and everything sent through the internet. Which means that the only way to keep hackers from reading your email or financial data is to encrypt it. Thus, as Robert A. Grimes notes at Infoworld, the call for universal “end to end” encryption on the internet.
Northrop Grumman has worked with secure communications for decades, going back before anyone ever heard of the internet. The need to encrypt messages is not new to Northrop Grumman, but it remains on the forefront of encryption technology.