Saturday, May 5, 2018

The Code Book by Simon Singh

Author Simon Singh admits to forsaking "accuracy for snappiness" in his title, but the subtitle reveals the scope of his book:  The Science of Secrecy from Ancient Egypt to Quantum Cryptography. On this fascinating journey through the long history of code-making and breaking, he pauses to relate astonishing stories that demonstrate how "the subject is more relevant today than ever before."

In a fascinating digression, he throws in tales of how curious researchers deciphered ancient languages and scripts by using basic code-breaking principles. Many of these stories suggest that cryptanalysts are born before they're made. Jean-Francois Champollion decoded Egyptian hieroglyphics and Michael Ventris tackled Linear B with a fresh approach that ultimately succeeded. Both decided early that cracking these codes was their life work.

The development of RSA code is another astonishing story. This vital system, which allows internet transactions to be conducted securely, was developed in the 1970s by a team of three Americans who worked long and hard on the problem of coming up with a way of encoding and decoding material that avoided the cumbersome and insecure exchange of keys. This was eventually achieved by devising a system of double encryption involving public and private keys.

Amazingly, unbeknownst to the American team, British government cipher specialists working in secret had developed the same ideas a few years earlier. However, their superiors in GCHQ, the secret facility, forbid them to "go public" with their knowledge. Astonishingly, their achievement was not revealed for about thirty years. But the higher ups had made an error of judgment. This was a war secrecy did not win for the British cryptanalysts. Secure methods of encryption were not destined to remain the exclusive purview of governments and military organizations. With the spread of personal computers, they became absolutely vital to internet trade.

Of course, where there is a code, people will attempt to decipher it. If decryption is difficult or impossible, a roundabout way of spying on private material is the "tempest attack." This allows a snoop to remotely detect keystrokes made by a sender at the outset of transmission. One defense developed against this was a kind of shielding material that can be used to line a room and prevent the escape of electromagnetic signals. An interesting sidelight is the fact that in America, one must obtain a government license to purchase such a shield. This may suggest that "organizations such as the FBI regularly rely on tempest surveillance."

What of the enormous potential for governments and other entities to sift through data and spy anonymously on everyone, just because the technology makes it possible? In the nearly two decades since the publication of Singh's book, these problems have not gone away. On the contrary, they remain very much front of mind as we hear ever more stories about fake news, routine harvesting of data and massive data security breaches that involve multiple countries.

Meanwhile, what if the RSA code should eventually be broken? Singh points to the historic pattern of decoding "unbreakable" ciphers. In fact, "the tale of James Ellis and GCHQ warns us that there may already be remarkable breakthroughs hidden behind the veil of government secrecy." The fact that the US National Security Agency is the world's largest employer of mathematicians is suggestive, to say the least.

Quantum computing is a wholly new technological development, with vastly increased capacity and speed. Computers of this type would make short work of the lengthy calculations that currently make it impractical to break RSA by trial and error. As such, says Singh, it "would jeopardize the security of the world," and present "a potential threat to the individual, to international business, and to global security." If the arrival of quantum computing should result in a gap of security, the results would be unimaginably devastating.

The quantum computer was the latest fortress against which cryptographers and cryptanalysts hurled themselves in an effort to come out on top. The race to develop quantum computers moved forward in tandem with the effort to develop quantum cryptography. First conceived by Stephen Wiesner in the 1960s, an encryption idea that would be proof against them was initially ignored because it was ahead of its time.

Based on the polarization of light, which follows Heisenberg's Uncertainty Principle, Weisner's concept was taken up and developed by Charles Bennett and Gilles Brassard. The resulting process was not only unbreakable, but had the further advantage of revealing any attempt to spy on it. The first practical demonstration took place between two computers in a lab 1988. In 1995, a further demonstration used fiber optics to operate between two towns in Switzerland. At Los Alamos, scientists continued to experiment with the aim of creating a quantum cryptographic system that can operate through air via satellite. Meanwhile, according to an MIT Technology Review article dated February 2018, Quantum Computing is now here.

Singh's book came out in 2000 (Anchor, New York). This was long before the news reports of systematic abuse of personal data on a vast scale for heretofore unimaginable purposes like manipulating elections in foreign countries. Debate was already raging over individual rights to encrypt communications to ensure privacy. Should governments or "trusted third parties" be allowed to hold the keys to personal communications? Recent news stories suggests not.

Simon Singh, a popular writer on science and math topics, raises some fascinating issues and questions. This book reminds us of the vital importance of cryptography in our times. As a bonus for those who enjoy the practical activity of codebreaking, he offers some challenges at the end of the book, as well as on his website.

No comments:

Post a Comment