By Anno Chang
The Science of Secrets
Every day, when we use the Internet, we find ourselves typing in our private information in various websites, whatever the purpose may be. And in some way or another, I must assume that you too have questioned how our personal data is managed in the World Wide Web (perhaps the title itself is suggesting the predominance of Web within the IT enterprises in the near future). The World Wide Web is just a fancy name for the Internet, for your information. Not to digress, if you've ever wondered how ‘secrets’ are managed, dealt and interpreted via the Internet, you are in the right article. Nevertheless, for your inquiries and information, I will introduce to you: the Science of Secrets.
The Word "Cryptography"
Crypto, comes from the Greek root, ‘secret’, and ‘-graphy’, from writing. Pretty neat right? Now you can go share this new information to your friends to prove how erudite you are about Cryptography. Yay.
So, how do we make secrets in computer science?
This is when the fancy word we just learnt comes into play: cryptography, is an entire mathematics branch in computer science that deals with encrypting, interpreting,and then decrypting data. In other words it is a process of making secret codes, then figuring out what they mean. Here’s the basic premise of what cryptography is all about.
Let me introduce you to Alice, the girl, and Bob, the guy. Forget about the ear for now. Funnily enough, people actually use Alice and Bob a lot as this ‘default’ mode for solving problems. No one knows why. (Alice and Bob are just arbitrary names) So here’s what it all boils down to: if there are eavesdroppers, (hence, the ear) and we have Alice and Bob talking about confidential information, per se their secret crushes, how do we do this without anyone else finding that out?
Without getting in too deep on complicated programming, here’s how symmetric cryptography works. We take a plain text, or any form of recorded date, chuck it into this magical and extremely complicated machine that outputs a cipher text, meaning a version of the plain text that is encrypted. We have to encrypt this, because when we send the information down an insecure channel, malicious objects (like hackers, and people who might want to misuse this information) like Eve (stands for eavesdroppers) can’t hear, and even if she does, he can’t understand. Why can’t he understand? We’ll get to that in a moment. So Bob now receives this cipher text, and chucks it into another magical decryption machine, that outputs back the original plain text, using the ciphertext. Now why can’t Eve understand the cipher text and make it a plain text? Because there is a handy little thing called a key. This is the most important part of a cryptosystem; the key contains information on how to translate the plaintext to cipher text, and vice versa. Here’s an example. Say Alice wants to tell Bob the name of her secret crush, who is John. Since she can only speak to Bob at break to prevent everyone else from finding out the scret, she encrypts her information by putting the letter ‘P’ in the last letter of the word. So she says Johnp! Bob knows this already, so he is able to understand that she means John. Her classmates, however, have no clue of what she said. So in this case, the plaintext was ‘John’, and the Cipher text was ‘Johnp’, and the key was to put ‘P’ in the last letter of the word. Of course in real life things are not as easy as this, but this is the basic gist.
The importance of symmetric cryptography, is that the key that Alice and Bob use is the same. This, makes it convenient, but what happens when we want to reveal a part of the key? What if our fellow classmates deserve to know at least the first letter of Alice’s crush? This brings us to:
Again, without getting too complicated, asymmetric cryptography has the same idea as symmetric cryptography, except that we use a different key for the magic encrypting machine and the magic decrypting machine. This, enables programmers to tell one key, (the public key or ‘Ku’) and keep secret the other (private key or ‘Kr’). Finally, the classmates are happy, because at least they know the first letter of Alice’s crush.
What’s the point?
Right now, you may be wondering why I wasted about ten minutes of your life on all this complicated Cryptography. Why should I possibly care? Firstly, because it is interesting stuff, you already know more about how our information is transferred. Secondly, it happens under the hood of the internet more than you’d ever know. Anything you put passwords in, or anything that is private information, is encrypted. When you enter a password, or your credit card number, there is not a file in the website that has all your information that anyone who has access can read. All of that data, once you reach it, is encrypted, and only the people who have the keys to it can figure out how to open it. Figuring out how to open it can be a tough job too. So don’t worry too much when people are paranoid about Facebook getting hacked and all of your personal information being leaked. They are putting lots of effort into creating great cryptosystems (now you understand it) and protecting your information. That doesn’t mean you can make your passwords easy; there are still millions of hackers around the world that focus on figuring your password out, which grants you access to your personal information. In some ways, it’s more likely that it is the fault of your mismanagement when your personal information is leaked. So, protect your information! Another interesting fact for you is that, it is most likely that your information is being encrypted right now. Recently, Google has changed its policies that it encrypts every single one of your search queries. Nice guys Google right? And you can find this out by simply going to Google.