How Encryption Keeps Your Data Safe

This episode is supported by NordVPN. Start protecting your internet experience
today with a 3-year VPN plan. Get 75% off, plus 1 month free by using the
code“SCISHOW” at NordVPN.comSCISHOW. [ intro ] It’s 406 BCE. You, the commander of Sparta’s navy, have
a top-secret message for your magistrate back home: the new strategy to defeat those dastardly
Athenians is to cut off their grain supply! But wait…what if your messenger gets captured? Athens might see your message and head off
your plan! The standard Spartan solution was a scytale—a
wooden rod paired with a strip of leather. You’d wind the leather around the rod and
write your message line by line. When you unwound the leather, the letters
would look like a meaningless jumble to anyone who didn’t know the width of the rod. Of course, all you’d have to do was try
a bunch of different thicknesses until the letters turned into words, so it wouldn’t
be an especially difficult code to crack. Over the centuries, people have tried to do
better, coming up with more and more sophisticated ways to encrypt, or scramble, information. Most of these encryption methods weren’t
perfect—there was always a chance that an attacker would manage to undo the procedure
you used to encode the information. But with the help of computers, we now have
ways to encrypt information that are almost impossible to crack. That’s a very good thing, because encryption
is what protects your bank password from hackers, keeps prying eyes out of your WhatsApp messages,
and even makes sure those Windows updates really came from Microsoft. The weird thing, though, is that these practically-unbreakable
codes are still based on the same building blocks the ancient Greeks used — with just
a couple of twists. Any coded message has two main parts: The
first component is the cipher—a scrambling procedure like the scytale, which is meant
to mash up the message into something unrecognizable. The second component is the key—some secret,
like the diameter of the scytale, that keeps unauthorized people from unscrambling the
message. In modern encryption, the process of sharing
keys can be kind of involved. And it definitely involves way more math than
before computers were a thing. But none of that matters unless you have a
usable cipher that can’t be cracked. Those have only existed for a few decades,
but they’re built on the same ideas we’ve been using for centuries. In fact, many modern ciphers just involve
taking the two main types of classical ciphers and applying the techniques a little differently. One type of classical cipher is the transposition
cipher, where the key tells you how to reorder the letters in the message. The scytale was a simple version of that. A more sophisticated example of a transposition
cipher is the route c ipher. Say you wanted to encrypt a message telling
the Spartans back home to “cut off the grain supply.” You’d write it down in a grid of, say, 5
columns, then read off the letters in a prearranged pattern. That path through the grid is your key. Transposition ciphers leave each letter intact
and swaps their positions. The other type of classical cipher, the substitution
cipher, does the opposite: it leaves each letter in position, but replaces it with something
else. The best-known example is the Caesar cipher,
named after Julius Caesar, who was quite the cryptography enthusiast. He liked to send secret military messages
by sliding every letter down three places in the alphabet. So A became D, B became E, and so on down
the line until Z wrapped around to C. Here’s what our message looks like encrypted
with Caesar’s method. Of course, a Caesar cipher doesn’t have
to stick to shifting by three. The key that tells you how far to rotate the
alphabet can be anything from 1 to 25. And why stop there? Forget Caesar ciphers; you could make the
key to a substitution cipher any of the over 400 septillion ways you can rearrange the
alphabet. Substitution and transposition are fine for
passing notes in class, but they have some pretty serious security flaws. A transposition cipher is just a giant anagram. And anagrams aren’t that hard to crack. Substitution ciphers, meanwhile, leave all
the structure of the original text. So for example, if an enemy intercepts the
message and sees that ‘x’ is the most common letter, it’s a safe bet that it corresponds
to ‘e’. And then maybe they’ll notice “IRX”
all over the place and guess that it spells “the,” and so on with other letters and
words. With some statistics and good guessing—what
cryptographers call frequency analysis—it’s easy to work out the key. You can make frequency analysis harder by
systematically re-scrambling the alphabet after every letter. A classic cipher called the Vigenère cipher
works that way, as did the famous Enigma machines used by the Germans in World War II. But even then, some patterns still leak through. In particular, if you know a specific word
will show up a lot—“Führer,” for example—and you know the rules for re-scrambling the alphabet,
you can guess which chunks of encrypted text might correspond to that word. That’s how the computer scientist Alan Turing
and his colleagues were eventually able to crack the Enigma. So, both transposition and substitution have
some pretty big weaknesses. But even today, these two techniques do most
of the work! You just need to fix their flaws. In 1949, a computer science pioneer named
Claude Shannon suggested a simple solution: alternate between applying substitution and
transposition to the same message. One version of Shannon’s idea had actually
been used earlier, during World War I, when the Germans developed a cipher called ADFGVX. But it was still crackable. To encode a message, you’d first print a
jumbled alphabet into a 6-by-6 square with the letters ADFGVX along the sides. That would be the key, which would tell you
how to translate each character in the message to a corresponding two-letter code. So the ‘C’ in “cut” would become FG,
‘u’ would be XX, and so on. Once you used that first key to code the letters,
you’d write the coded letters into another grid. Across the tops of the columns you’d write
letters that you’ll use for a second key. This would be the transposition part of the
cipher, where you rearrange the letters in the message. To actually rearrange them, you’d switch
the order of the columns so the key you wrote on top is in alphabetical order. Then you’d read off columns vertically,
and that’s your encrypted message. The French managed to crack ADFGVX shortly
after the Germans introduced it, but only because it didn’t take the combination idea
far enough. Shannon realized that if you keep alternating
between transposition and substitution, each fixes the weaknesses of the other. With transposition alone, you can crack the
code by anagramming. But when you add substitutions, characters
in the original are changed in unpredictable ways. With substitution, on the other hand, you
can break the encryption by analyzing the structure of the text, like by looking for
common words and letter combinations. But when you add transposition, any repetitions
or groupings get spread out all over. If you alternate between them, applying both
strategies multiple times, every bit of the encrypted text depends in a very complex way
on the entire key and the entire original message. Much of modern cryptography is built on Shannon’s
alternating ciphers, although computers allow for more fiddly transformations and bigger
keys. The first widespread digital cipher was the
Data Encryption Standard, which was commissioned in 1976 by what’s now the U.S. National
Institute of Standards and Technology, or NIST. These days there are tons of different options,
but most, including that original Data Encryption Standard, follow a similar procedure. For example, many are based on a process called
a substitution-permutation network. The idea is to alternate between two ways
to scramble the data: First, there’s the substitution box, which
replaces short sequences of bits, or zeros and ones, with different sets of zeros and
ones. —
It’s like how the ADFGVX cipher replaced letters of the alphabet with other letters,
except using sets of zeros and ones instead. Then there’s the permutation box, which
swaps around the positions of the bits. That’s the transposition part. Then you repeat both steps over and over and
over. Without the key, the result is practically
indistinguishable from random garbage. But this method does have one big limitation:
the boxes you use for each encoding step are small, fixed-size tables, so they can only
operate on small, fixed-size blocks of data. Ciphers like this are called block ciphers. Problem is, sometimes you need to encrypt
more than a few bits at a time. Like, what if your bank statement stretches
on for pages? It might seem like you could just encrypt
each smaller chunk of data separately—but that’s a big no-no. Just look at what happens to Tux, the friendly
penguin who personifies the type of operating system called Linux, if you encrypt him block
by block. Each block turns into something random-looking. But identical blocks get encrypted the same
way, so the structure shows through. A few years after that original data encryption
standard came out, NIST came to the rescue with new ways to extend block ciphers for
messages of any length. These techniques mix information from all
previous blocks into each new block. That way information spreads out across the
whole encrypted message and the structure doesn’t stick out anymore. Another way to encrypt big messages is what’s
known as a stream cipher. It builds on the idea of the substitution
cipher, but it doesn’t directly combine older methods the way block ciphers do. Instead, a stream cipher makes the encrypted
text look random by mixing every bit with another, randomly generated zero or one. Of course, to decrypt a message where you’re
mixing in a totally random bit every single time, you’d need that whole list of random
zeros and ones. That’s a key as big as your message! So instead, stream ciphers use math to generate
a long sequence of random-looking bits based on a shorter secret key. Of course, even with the best ciphers, there’s
still a major challenge: when you share the key with the person you’re sending the message,
you need to make sure it’s not intercepted. That’s another problem modern cryptography
has been able to solve, although in this case the techniques we use are very different from
how keys were exchanged before computers became a thing. So we’ll leave that story for another episode. But none of that other stuff would matter
without fast and secure ways of encoding information. Everything we do with computers today would
be so much harder. So let’s just thank all the cryptographers
from ancient Greece to today for allowing us to safely order our favorite snacks online. And speaking of cryptographers and encryption,
thanks to NordVPN for supporting SciShow. Right now, NordVPN is offering SciShow viewers
a 3-year Virtual Private Network plan for 75% off, plus 1 month free. When you’re ordering your favorite snacks
online, or sharing this episode of SciShow with your ancient Spartan friends, you want
to make sure your information is secure. With a Virtual Private Network from NordVPN
your information is encrypted and sent via one of their super fast servers, so you know
it’s safe. NordVPN has over 5100 secure servers in 62
countries and they’re always adding more. You’ll also never be slowed down with their
unlimited bandwidth and 247 customer support. Head to NordVPN.comSciShow and use the code
“SciShow” to get your 3-year plan for 75% off, plus 1 month free.

100 thoughts on “How Encryption Keeps Your Data Safe

  1. I'm interested in seeing how SciShow will manage to explain modular arithmetics and finding multiplicative inverses in a 10 minute video…

  2. It's Halloween, so I have the movie Ghostbusters on my mind:
    "I am the Encryption Key Master." "I am the Security Gate Keeper."

  3. …yeah…out of…as the same as a knife is out of your leg..after raming it in. twice, trice..a second. for a week?

  4. Anyone else trained in cryptography here cringing at the number of errors in this video.
    Personally him talking about E being the most common letter got my blood boiling for some reason. It is the space character that is the most common weakness in cryptography because it shows up much.

  5. I created a cypher in high school… I have it somewhere. I have to say it was good. It included many symbols for the same letter, but not the same amount of symbols for each letter. "E" for example had six options and "Z" had two options. Some symbols were letters, others were pictograms, and a few were just basic circles filled in in different ways.

  6. the matter of sharing the key is part of why DRM will never work. the key to decrypt the content is given to the user, it has to be or they can't view the content, the whole thing is based on trying to keep this fact hidden from the user. the key is hidden somewhere so the program running it can use the key but that the user won't be able to just use the key themselves. it never works for very long (many companies feel so long as it can be hidden for a little while it's worth it, but still say they need copyright protection for up to 170 years or what's the point in making anything.)

  7. Fun facts:
    Encryption algorithms are treated as munitions, and you can't export software with them outside the US.

    If you want to exchange keys with someone, you should check out how Diffie-Hellman key exchange happens! There are plenty of explanations that don't involve any math.

  8. The best encryption method is still some kind of prime factorisation, since the primes involved are impossible to guess without the key.
    And: You don't even need to share the key! There are also ways to use a public encryption that is impossible to decrypt unless you have your own public key (prime numbers involved;)
    So the Cesar Cipher was just the beginning….

  9. WRONG! Media has taught me that anything can easily hacked if you just type real fast! The counter-hackers always lose if you wear a beanie, have at least two keyboards, speak with a Russian accent and have headphones resting on your neck. This Is The Truth!

  10. just send yourself a message that says hello world and read it while it’s encrypted… it still says hello world 😝

  11. Decode this: [key, sentence is translated to French and then written backwards]
    laineg ertê'd zeibou'N unetnoc not emai'J. lainég tse lanac eC

  12. Great topic. You should try to do one building on this video, explaining why backdoors to encryption are being sought by law enforcement, and how it's not possible to do while still having reliable and secure encryption. People are woefully under-informed on this subject, and it's increasingly becoming a crucial issue (at least here in the USA) that voters need to be aware of.

  13. Turing and his collegues didn't crack the Enigma. Check your information before such bold statements!
    German military texts enciphered on the Enigma machine were first broken by the Polish Cipher Bureau, beginning in December 1932. This success was a result of efforts by three Polish cryptologists, Marian Rejewski, Jerzy Różycki and Henryk Zygalski, working for Polish military intelligence.

  14. I absolutely LOVE videos about Encryption. I hope to make my own online chat (some day) that uses a unique form of encryption that I come up with. Alternating Transposition and Substitution sounds just like what I would use. All the bit flipping stuff is out of my league.

  15. 7:38 I'd just like to interject for a moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX. Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux,” and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.

    Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

  16. I think we can all thank the ancient Greeks for allow us to safely order our favorite snacks online. [cc]

  17. 9:10 Isn't it cool just how jumpcuts can now also make haircuts? I mean, why waste your money with barbers when you can use your editing skillz for zildo?

  18. ehem

    It was not the English to crack Enigma:
    'On 26 and 27 July 1939,[4] in Pyry near Warsaw, the Poles initiated French and British military intelligence representatives into their Enigma-decryption techniques and equipment, including Zygalski sheets and the cryptologic bomb, and promised each delegation a Polish-reconstructed Enigma. The demonstration represented a vital basis for the later British continuation and effort.' Gordon Welchman, The Hut Six Story, 1982, p. 289.

  19. 4:24 Enigma was cracked by Marian Rejewski (Polish mathematician and cryptologist), not by Alan Turing. Stick to the facts

  20. NIST which is pronounced as one word also created Data Encryption Standard as effectively an early open standard where the public gave input on how the system worked. This is significant for two reasons. One is it was the government that was responsible for the modern concept of open standards and also because public research was responsible for the development of data encryption, the Internet and computers.

  21. Alan touring did not crack the enigma. Enigma was in fact decyphered in Poland before the war.

    They even build a decoding computer based on 3 examples of the civilian version of enigma (there was such thing. Germans just adopted and modified a device designed for bank security). Then after September of 1939, the team that did it, moved with the hardware to France and later England, where English simply decided thet, with the code cracked, they don't need them anymore.

    What Touring team was doing was mass scale decoding. They run the procedures discovered in Poland on thousends of radio messages every day and transfering the data to the inteligence. This team was cranking numbers, not cracking the code.

  22. One time pads were used in WW2. And still are considered one of the best encryption methods. Unbreakable for short messages with no key.

Leave a Reply

Your email address will not be published. Required fields are marked *