A time traveller’s guide to modern encryption

480 BC: Thermopylae

For those unfamiliar with ancient Greek history beyond the plot of Zack Snyder’s 300 (and yes, I’m aware that’s like saying you don’t know how to pilot a rocket ship but did see the rear wheel of a bicycle once), here’s a brief and highly uninformative summary of the Battle of Thermopylae:

• Persian Empire invades Greece in 480 BC.

• 300 Spartans (and friends) make a stand at Thermopylae.

• Battle commences.

Picture the scene: you're standing shoulder-to-shoulder with your fellow Spartans awaiting another assault on your position. What you lack in numbers, you hope to make up for in tactical discipline, martial prowess, and unmatched abdominal symmetry (Snyder probably got that bit right). But before your meticulously organized phalanx is once again put to the test, a message arrives. You are handed two items. The first is a strip of parchment with a scrambled sequence of letters scrawled on its surface. The second is a slender wooden baton, a scytale, one of——if not the——earliest encryption devices ever recorded.

But how did it work?

To use modern terminology, the scrambled sequence of letters is a ‘ciphertext’; to decrypt the message and reveal the ‘plaintext’, you need a ‘key.’ In the case of the scytale, the key is the diameter of the wooden baton. That’s because said baton has a twin that the sender used to encrypt the message. In short, they wrapped the strip of parchment around their baton, wrote the message, and then unwrapped it. They then filled in any gaps between letters of the plaintext message with random filler letters, creating the ciphertext. To anyone without a baton of matching diameter, the message would be entirely unintelligible.

The good news is that all you need to do is wrap the parchment around your own baton until the letters of the plaintext message line up as intended along the surface of the baton. The bad news is that it seems the Persian army has discovered a narrow pathway leading behind your own forces, exposing your rear guard.

You’re about to be outflanked, my friend. Best get back to the time machine.  

Every Roman Needs a Code

Aqueducts, paved roads, and public bathhouses——that’s right, you’ve landed in the Roman Republic. It’s 44 BC and one Julius Caesar has reached such dizzying heights of power that there’s a severe risk of altitude sickness (and assassination, as he will soon discover). Along with conquering half the world and having his face stamped on every newly minted coin in the capital, the dictator can also add the invention of a cipher to his list of achievements.

Like the scytale, the ‘Caesar Cipher’ was primarily used as a means of securing military and other official communications. It follows a simple system in which every letter of the unencrypted message——the ‘plaintext’——is substituted for another letter in the alphabet. In a Caesar cipher, all letters are substituted using a pre-agreed shift up or down the alphabet. For instance, a left shift of three would see F become C, E become B, and D become A.

If you’re feeling particularly adventurous, the cipher below is using a right shift of four:

"Hieh Glerrip Gviexmzi."

All done? Good, there’s plenty more time-hopping to go.

Encryption’s Renaissance

Welcome to France. The year is 1586, the chime of church bells pierces the marketplace clamor and the scent of horse manure, fresh bread, and smoke from the blacksmith’s forge fills your nostrils. What a time to be alive, no? It certainly is if you’re interested in encryption, because this is the year Blaise de Vigenère introduced the autokey cipher to the world, building on an earlier system first described by Giovan Battista Bellaso in 1553.

The Vigenère Cipher is a polyalphabetic substitution cipher that encodes plaintext using a repeating key——in this case, a pre-agreed word or phrase——making it more secure than simple substitution ciphers. If the key is shorter than the plaintext, it simply repeats; this is called the ‘keystream.’ For example, if you had been given the key ‘CREATIVE’ and the ciphertext ‘EFTYPZDXGI,’ the keystream would be ‘CREATIVECR.’

Decrypting these ciphers requires a Vigenère Table (or Tabula Recta), which consists of a series of shifted alphabets organised into a square table. The process of deciphering the message is as follows:

1. Align the key with the ciphertext: repeat or shorten the key so that it matches the length of the ciphertext.

2. Decrypt letter by letter: for each letter in the ciphertext you must…

   • Find the corresponding letter of the key in the leftmost column.

   • Find the ciphertext letter in the top row.

   • Look at where the key letter's row and the ciphertext letter's column intersect in the table. This gives you the plaintext letter.

3. Rinse and repeat: continue this process for every letter in the ciphertext until you've fully decrypted the message.

Feeling dizzy yet?

Revolutionary Thinking

If the cannon smoke, musket fire, and tricorn hats as far as the eye can see didn’t give it away, you’ve touched down in revolutionary America. By this period in the mid-eighteenth century, another device had entered the scene. The ‘Jefferson disk,’ or ‘Jefferson wheel,’ is an encryption device named after its inventor, you guessed it——Thomas Jefferson. The device encrypts messages using a set of rotating disks mounted to an axle. Each disk has a scrambled alphabet printed on its surface.

The sender arranged the cipher disks in a specific order to form the encryption key. The disks were then rotated so that the plaintext message appeared along one line (horizontal row) across the aligned disks. The sender then selected a different row——either above or below the plaintext line——to use as the ciphertext. That row of letters was sent to the recipient.

Upon receiving the message, the recipient arranged their disks in the same order as the sender’s, based on the pre-arranged key, and rotated the disks until they matched the ciphertext. They would then search the rows of letters above and below until they could find the original plaintext.

Enigma

Through hazy lamplight and cigarette smoke you see a small group of smartly dressed people huddled around a small desk. It’s 1940; you’re at Bletchley Park, that’s Alan Turing, and you absolutely should not be in here. The top secret team of codebreakers you’re spying on are inspecting perhaps the most famous encryption device in modern history——the Enigma machine.

Used extensively by Nazi German forces during the Second World War, the Enigma machine comprised a set of rotors, a plugboard, a keyboard, and a matching illuminated display panel. Without getting too technical, when an operator pressed a key, an electrical circuit would complete, passing through the plugboard and then into the rotors, which would rotate after each key press to alter the signal path dynamically. Each rotor contained a complex wiring pattern that would substitute one letter of the alphabet for another. The encoded letter would then light up on the display panel.

To complicate matters further, the encryption would change after every key press. For example, pressing ‘A’ once might result in ‘Z,’ but pressing it again could result in ‘G’ depending on the current rotor positions. A reflector component then reversed the electrical signal back through the rotors, further scrambling the encryption and ensuring that the same settings could be used to decode the message. The plugboard also allowed operators to manually rewire certain pairs of letters before the electrical signal entered the rotors. This further scrambled the message.

Recipients configured their own Enigma machine to match the settings of the sender. These settings included the initial positions of the rotors, their order, and the plugboard connections, which were shared in a daily codebook distributed to operators. Even if a single day’s settings were broken, messages from other days would remain secure. The combination of these systems is what made the Enigma code so difficult to break.

Difficult, not impossible.

Building on notable breakthroughs made by Polish mathematicians, Turing and his colleagues were able to break the Enigma code with the help of an electro-mechanical device known as the ‘Bombe.’ This device helped the codebreakers dramatically speed up the process of uncovering the daily settings used by Enigma operators and ultimately crack the code.

Cryptology Meets Computer Science

The work conducted at Bletchley Park not only helped to turn the tide of the war, but it also marks an important intersection between the field of cryptology and what we would today recognise as the beginnings of computer science. That combination of technological advancement with the fundamentals of encryption——fundamentals that have endured since the glory days of the scytale——is what defines the modern encryption algorithms we currently rely on.

For example, the Advanced Encryption Standard (AES), established in 2001 by the US National Institute of Standards and Technology (NIST), is a symmetric block cipher that uses a combination of permutation and substitution (reordering and replacing bits). 

Commonly used to encrypt sensitive data in software and hardware, AES uses different sized keys, measured in bits (binary digits) and used in combination with multiple rounds of data transformations during encryption and decryption. Larger bit keys are harder to decrypt and undergo more rounds of transformation: 

• 128-bit keys undergo 10 rounds. 

• 192-bit keys undergo 12 rounds. 

• 256-bit keys undergo 14 rounds. 

To put that in perspective, a 256-bit key has 2²⁵⁶ possible combinations, which I’m reliably informed is comparable to the number of atoms in the observable universe. Granted, that’s slightly more secure than what the scytale was capable of, but both systems are reliant on the use of secure keys (bit or baton) to keep sensitive information concealed. 

AES and older algorithms like Data Encryption Standard (DES), and Triple Data Encryption Standard (3DES) use the same key for both encryption and decryption. However, asymmetric algorithms like Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) use a public key for encryption and private key for decryption.  

RSA is built around the difficulty of factoring large integers, while ECC uses elliptic curve mathematics (basically really hard sums that are near-impossible for current computers to crack). An easy way to wrap your head around asymmetric encryption is to imagine a locked mailbox. Anyone can post a letter (using the public encryption key) but only select individuals can get inside the mailbox and peek inside the envelopes (using the private decryption key).  

Congratulations, you survived your journey through space and time

There you have it, everything you need to know about how we keep things need-to-know. Typically driven by military necessity or amateur enthusiasm, new encryption systems and devices have enabled progressively complex solutions for keeping the confidentially classified, scandalously sensitive, and dangerously dissident away from prying eyes. But, while a lot has changed since the glory days of the scytale, many of the core principles of encryption we know today remain the same.

People are also still wearing sandals... for some reason.