The Internet: Encryption & Public Keys

[Music] Hi, my name is Mia Gil-Epner. I’m majoring in computer science at UC Berkeley,  and I work for the Department of Defense, where I try to keep information safe. The internet is an open and public system.

We all send and receive information  over shared wires and connections. But even though it’s an open system we  still exchange a lot of private data, things like credit card numbers, bank  information, passwords, and emails. So how is all this private stuff kept secret?

Data  of any kind can be kept secret through a process known as encryption, the scrambling or changing  of the message to hide the original text. Now decryption is the process of unscrambling  that message to make it readable. This is a simple idea, and people have been doing  it for centuries.

One of the first well-known methods of encryption was Caesar’s Cipher,  named after Julius Caesar, a Roman general who encrypted his military commands to make sure  that if a message was intercepted by enemies, they wouldn’t be able to read it. Caesar’s Cipher is an algorithm that substitutes each letter in the original message with a letter  a certain number of steps down the alphabet. If the number is something only the sender and  receiver know, then it’s called the key.

It allows the reader to unlock the secret message. For example, if your original message is “hello,” then using the Caesar’s Cipher algorithm with a  key of 5, the encrypted message would be this. To decrypt the message, the recipient would  simply use the key to reverse the process.

But there’s a big problem with Caesar’s Cipher.  Anybody can easily break or crack the encrypted message by trying every possible key. In the  English alphabet, there are only 26 letters, which means you’d only need to try at  most 26 keys to decrypt the message.

Now trying 26 possible keys isn’t very  hard. It would take at most an hour to do. So let’s make it harder.

Instead of shifting every letter by the same amount, let’s shift each letter by a  different amount. In this example, a 10-digit key shows how many positions each successive letter  will be changed to encrypt a longer message. Guessing this key would be really  hard.

Using 10-digit encryption, there could be 10 billion possible key solutions. Obviously, that’s more than any human could  ever solve. It would take many centuries.

But an average computer today would take just a  few seconds to try all 10 billion possibilities. So in a modern world where the bad guys are  armed with computers instead of pencils, how can you encrypt messages so securely  that they’re too hard to crack? Now too hard means that there are too many possibilities  to compute in a reasonable amount of time.

Today’s secure communications are encrypted using 256-bit keys. That means a bad guy’s  computer that intercepts your message would need to try this many possible options until they  discover the key and crack the message. [Music] Even if you had a hundred thousand supercomputers  and each of them was able to try a million billion keys every second, it would take trillions of  trillions of trillions of years to try every option, just to crack a single message  protected with 256-bit encryption.

Of course, computer chips get twice as fast and  half the size every year or so. If that pace of exponential progress continues, today’s impossible  problems will be solvable just a few hundred years in the future, and 256 bits won’t  be enough to be safe. In fact, we’ve already had to increase the standard key  length to keep up with the speed of computers.

The good news is, using a longer key doesn’t  make encrypting messages much harder but it exponentially increases the number of guesses  that it would take to crack a cipher. When the sender and the receiver share the  same key to scramble and unscramble a message, it’s called symmetric encryption. With  symmetric encryption, like Caesar’s Cipher, the secret key has to be agreed on ahead  of time by two people in private.

That’s great for people, but the internet  is open and public so it’s impossible for two computers to “meet” in private to agree  on a secret key. Instead, computers use asymmetric keys: a public key that can be exchanged with  anybody and a private key that is not shared. The public key is used to encrypt data and  anybody can use it to create a secret message, but the secret can only be decrypted by a  computer with access to the private key.

How this works is with some math that we won’t get  into right now. Think of it this way. Imagine that you have a personal mailbox where anybody can  deposit mail, but they need a key to do it.

Now you can make many copies of the deposit key  and send one to your friend or even just make it publicly available. Your friend or even a stranger  can use the public key to access your deposit slot and drop a message in, but only you can open  the mailbox with your private key to access all of the secret messages you’ve received. And you can send a secure message back to your friend by using the public deposit  key to their mailbox.

This way people can exchange secure messages without  ever needing to agree on a private key. Public key cryptography is the foundation of all  secure messaging on the open internet, including the security protocols known as SSL and TLS,  which protect us when we’re browsing the web. Your computer uses this today  anytime you see the little lock or the letters https in your browser’s  address bar.

This means your computer is using public key encryption to exchange  data securely with the website you’re on. As more and more people get on the internet,  more and more private data will be transmitted and the need to secure that data  will be even more important. And as computers become faster and faster, we’ll  have to develop new ways to make encryption too hard for computers to break.

This is what I do  with my work and it’s always changing.