One of the better phases of childhood, it has always seemed to me, is playing with codes and secret messages.
You may remember a summer’s afternoon with “invisible ink” made from lemon juice. Perhaps your playmates devised code games for writing based on substituting numbers for letters, or you spent a day slowly beating out an important message in Morse code for the neighborhood kids to hear.
Despite what you think, you may not have left the world of intrigue and secrecy behind. If you buy anything via the Internet, you’re using sophisticated codes because all secure websites are based on them.
In childhood, the simple number-for-letter code worked the same basic way whether you were encoding or decoding a message. That’s a “one key” approach that’s still used — in much more sophisticated form — in some modern cryptography.
Digital Access for only $0.99
For the most comprehensive local coverage, subscribe today.
The encryption method used by governments has this kind of structure, although it codes information based on groups of letters rather than one letter at a time. In the common method, this means that instead of 26 options to write down — the 26 letters of the alphabet — there are oodles and oodles of options (actually, a little more than the number 1 followed by 77 zeros).
The size of that digit alone tells us we’ve entered the realm of mathematics, with computers necessarily to do the work of calculating and keeping track of everything.
The trouble with the one-key approach is that you have to get the key to everyone who needs it without nefarious folks learning the key as it moves around. And security is likely to go downhill over time in part because multiple parties have the same key and use it on an on-going basis.
An alternative is the “public key/private key” approach in which the key to encoding a message is known to everybody, but for practical purposes an entirely different key — called the private key — is needed to decode the message.
Here’s the way mathematics professor Anna Johnston at Washington State University explained it to me.
“Public key/private key cryptography is based on special mathematical problems. These problems are next to impossible to solve in one direction, but fairly easy in the other. Think of the hard direction as climbing Mount Rainier on your knees, with the easy problem more like taking a helicopter trip down from the summit,” she said.
Let’s say you are trying to communicate securely from your computer to Billy Bob’s computer in Baltimore. Starting with a large, random prime number to build on, your computer can make a public key for your coding and a private key for your decoding. You can send your public key to Billy Bob, but he (and any Internet hackers or spies) would have to “climb Mount Rainier” to find your private key.
Only your private key can decode Billy Bob’s messages to you. His first message to you can contain his public key, so you can code your reply to him using his public key — but only his private key can decode what you just sent.
Even throwing huge amounts of computing power at breaking the public key/private key system doesn't work.
“But advances in mathematics and computer science need to be watched, in case something comes along to make the current systems insecure,” Johnston said.
You’ve doubtless noticed that, from time to time, a bank or even the CIA has lost private information from secure sites to hackers. That’s partly because the trouble with even the sophisticated public/private key is that the security of the private key remains crucial. Code-breakers need only learn Billy Bob’s private key (or yours) to snoop. A computer virus that reports individual key strokes or otherwise reads the secret decoding key can give hackers what they want, and all security is gone in an instant.
By the way, Johnston is a mom as well as a mathematician, and sometimes she teaches secret codes to kids.
“They love codes until I mention the ‘M-word’” (meaning mathematics), she said with a laugh.
But talking with Professor Johnston, even this aging rock-head feels a bit more clear about modern codes.