Just look at the success of University courses in the subject. More than 1 million people have signed up for an online course offered by Stanford Computer Security Lab, as CNBC reported in October 2017. The subject is now the second most popular subject in Stanford’s Computer Science Department, only behind another huge growth area: machine learning. The huge success of this course doesn’t seem to be driven by innocent curiosity about a difficult and (until recently) obscure subject. Instead, it seems that the students who have signed up are motivated by an altogether more base motive: money.
The huge surge in BitCoin use (and value) over the past few years and months has tempted many students to get in on the action. And while their motivations might be financial, BitCoin also represents a great way to learn about cryptography, and its growing variety of uses.
"Cryptocurrencies are a wonderful way to teach cryptography" Dan Boneh, co-director of the Stanford Computer Security Lab and a professor of cryptography, told CNBC. Beyond that, "there are a whole bunch of new applications for cryptography that didn't exist before," he said.
Why Cryptography Matters
The fact that so many people want to learn about cryptography is undoubtedly a good thing. Encrypting messages and data is one of the easiest ways of improving the security of both, guarding against theft and exploitation. Given this, and how easy it is to encrypt information nowadays, it’s really worth taking it seriously. In the majority of cases, I suspect, people either think that cryptography is hard, or that it doesn’t work anyway. I remember that several friends were surprised when the FBI couldn’t get into encrypted iPhones a few years ago – they had assumed that the government could always get around every security feature.
Please don’t fall into that trap. Cryptography is now easy to implement – and I’ll come to that shortly – and provides a range of important benefits to the user. Let’s look at just a few of them.
Cryptography defends against crime and theft. Almost all of the largest data thefts of recent years had the same objective – to steal financial details. Further, almost all of these thefts could have been easily defeated if the data stored on servers was encrypted. Even the best protected data is susceptible to theft, of course, but if it is encrypted this makes it almost impossible for a thief to use it.
Encryption might be your legal obligation. Depending on the industry you work in, and how much access you have to your customer’s personal information, it might be that you have to use encrypted servers and email services in order to comply with the law.
Cryptography protects your human rights. It might sound like an idealistic point to make, but we all have a human right to privacy. If you are using the internet without encrypting your data, you are voluntarily giving up that right.
Below, I’ll take you through how to implement good cryptography practices in your personal life or business. Before I do that, though, it is worth explaining a bit about how cryptography works.
Cryptography is one of those areas where a little knowledge goes a long way. Even understanding a few basic terms can really help you in using encryption services, and will mean that you are less likely to get ripped off by over-paid security consultants who think they can blind you by spouting a load of jargon.
How Cryptography Works
That said, cryptography is a large area of current research, and with new algorithms and services coming out every month, it can be difficult to see the wood for the trees. If you want detailed information, there are a number of detailed guides available online. Luckily, though, most cryptographic systems can be broken into 4 main types:
Hashing. Hashing is one of the oldest types of cryptography, and technically does not hide the contents of the message itself. Instead, an algorithm is used to produce a long “hash” from an existing file, and this is used to verify the authenticity of data or programs.
Symmetric Cryptography. This is a form of encryption where the recipient of the data and the sender have the same “key”, and this is used to both encrypt and decrypt the data.
Asymmetric Cryptography. This is a form of encryption that uses different keys for encrypting and decrypting data. A public key, held by both sender and recipient, is used to encrypt data, and each individual uses a private key for the opposite process.
Secure Key Exchange. Asymmetric cryptographic only works, of course, if there is a secure way of exchanging keys. In order to ensure this, there are several key exchange algorithms that make this exchange secure. The details of these are one of the most complicated areas of cryptography, but have a look at the Diffie-Hellman algorithm if you want to know more.
While that explanation may make cryptography sound complicated, actually using these systems is easier than ever. The growing popularity of encryption, not least because of the huge rise in BitCoin in recent years, means that there are now a range of easy-to-use systems. These hide most of the complicated encryption algorithms, and make using cryptography as easy as Gmail.
One of the first services to look into is a secure email mailbox. There are a lot of companies that now offer free encrypted mailboxes, and these are a great way of easily implementing encryption. If you are sharing confidential data, or merely want to ensure that no-one is intercepting your personal emails, encrypted email is a must.
In addition, encrypting data on your computer is a good way of guarding against physical theft. Again, there are plenty of services that will easily – and invisibly – encrypt your hard drive. Some even extend to the data you hold on the cloud, adding an extra layer of security.
Beyond these two easy steps, there are many other ways of using cryptography, and the level to which you implement it will depend on your own needs. You can look into encrypting your file-sharing services, for instance, or even extend your cryptographic systems to embedded systems in your home or workplace.
In short, now is the time to take cryptography seriously. If the numbers of people now learning about the discipline is anything to go by, in just a few years we will all need to know a lot more about cryptography just to keep up!
About the author
Sam Bocetta is a freelance journalist specializing in U.S. diplomacy and national security, with emphasis on technology trends in cyberwarfare, cyberdefense, and cryptography.