Cryptography 101: defending Privacy

We all have heard the buzzword “crypto”, but what does crypto actually mean? The use of the word “crypto” in the context of digital assets is not wrong, but misunderstood. Crypto does not refer to a type of cryptocurrency but to cryptography, digital encryption, that allowed for the creation of Bitcoin. Cryptography is the study of “mathematical” systems for solving two types of problems: privacy and authentication. It’s goal is to safely store and transfer information. Privacy prevents an unauthorized entity to extract information and authentication prevents the injections of unauthorized information. Cryptography is relevant for the creation of Bitcoin, because an electronic cash system requires a high level of security to provide against counterfeiting and cyber attacks (Diffie, W. Hellman, M. E. “New Directions in Cryptography“). Historically cryptography mainly dealt with language and written text, today cryptography deals with the exchange of digital information.

The spartan military, developed a language and writing code that was used to transfer messages that could not be understood by the enemy. Julius Caesar is said to have used a simple key-cipher to encrypt written text passed amongst the roman military.  In this system of sending coded written messages, the plaintext was encrypted by moving the alphabet three letters to the right. An A was replaced by D, a D by G, G by J and so forth. In order to decode the text, one had to move the alphabet three letters to the left. The letter J turned into G, G into D and D turned into A and so forth. Both cyphers are Symmetric-key cryptography systems, where both the sender and receiver use the same mechanism to code and decode information. The mechanism works like the key to a lock used to close and open a door. Symmetric-key cryptosystems demand communicating parties to share a key, either physically through a meeting or by other communication routes. A private conversation between two people or the communication via written mail allows this. However, sharing a key takes time. It is not practicable for people who want to communicate online and live in different parts of the world to postpone communication until a key is securely transmitted. This posed a barrier to the transfer of secure communication on the internet (Diffie, W. Hellman, M. E. “New Directions in Cryptography“).

In 1976 American scientists Whitfiled Diffie and Martin Hellman published a scientific paper entitled “New Directions in Cryptography”, showing a theoretic solution to the problem of key distribution in digital communication: Public-key cryptography (also known as asymmetric-key). In a public key crypto-system encryption and decryption are governed by distinct mechanism: a public key and a private key. A public key is used encrypt messages and a private key used to decrypt messages. The private key is to be kept secret and used by the recipient to decrypt a message. The public key may be shared with anyone who wants to send an encrypted message to the recipient. 

Next to the problem of privacy in digital communication is authentication. Usually, the validity of contracts or letters is guaranteed by handwritten signatures. In order to have a purely digital replacement for this paper instrument, each user must be able to produce a message whose authenticity can be checked by anyone, but which could not have been produced by anyone else. The paper proposed the sender to sign a message with the private key, creating a digital signature. Anyone could use the corresponding public key to judge whether or not the signature is valid (Diffie, Whitfield; Hellman, Martin (8 June 1976). “Multi-user cryptographic techniques”. AFIPS Proceedings. 45: 109–112.). This works in such a way that both keys are mathematically relatable, but it is impossible to compute the private key from the public key. A third party “listening” to the exchange must find it computationally infeasible to compute the private key from any information overheard. The public key can thus be publicly disclosed without compromising the private key.

Despite their efforts, Diffie and Hellman were not able to come up with a working asymmetric-key cryptosystem, but showed that it is possible. It was in 1977 that three scientists, Ron Rivest, Adi Shamir and Len Adleman invented the The RSA encryption scheme, the first ever working encryption scheme with a public and private key. As envisioned by Diffier & Hellmann, the RSA encryption scheme also allowed for digital authentication, by signing documents with the private key. The digital signature also includes information about the time a document was signed (time stamped), so that digital documents may not be alter in retrospect.

Cryptography, which allows to achieve private lines of communication, has become a tool for defending privacy on the internet. The exchange of money involves the exchange of information. What product does one choose to buy? Where? For how much? Where does someone sell? To whom? For how much? Most people do not care about sharing such information, because they believe that this information is kept secret, but it’s not. The information is stored by companies and government agencies, used to advertise and study spending habits. Setting up private lines of communication and structures for private payments allows for financial sovereignty of the individual, that is deprived of this in the social setting of surveillance capitalism.

To reveal one’s credit score to a bank, for example when applying for a mortgage, is helpful – but one should be free to choose when to reveal information and when not. The sole obligation to do so restricts individual freedom. When holding conversations or engaging in any type of social interaction offline, for example the purchase of a movie or chatting to someone in a bar, we don’t always want other people to know what we do or hear what we talk about. Why should this be different online?  The constitutional right to privacy of communication and the sanctity of one’s home, should correspond to the digital realm. The cypherpunk manifesto published in 1993 by Eric Hughes famously states: 

 “Privacy in an open society also requires cryptography. If I say something, I want it heard only by those for whom I intend it. If the content of my speech is available to the world, I have no privacy. To encrypt is to indicate the desire for privacy, and to encrypt with weak cryptography is to indicate not too much desire for privacy. Furthermore, to reveal one’s identity with assurance when the default is anonymity requires the cryptographic signature.”

The world of “crypto” is about technology and that is fine, but bitcoin has a direct power dynamic with nation states and the international order. While the crypto industry argues over Ethereum versus Solana, the bitcoin network continues to establish itself as decentralised cryptographically secured infrastructure that can be relied upon as a censorship resistant monetary network. With the integration into Twitter and Mastercard or the announcement of publicly traded companies like Microstrategy and Tesla to hold bitcoin on their balance sheet, we are starting to see major multinational corporations begin to entrench bitcoin as the monetary rails of the internet and beyond, allowing for a necessary level of privacy on the internet.

Continue reading: Privacy matters

_______
Follow me 
Twitter
Instagram