How to build unbreakable encryption without a computer.
Ask the average person on the street what they'd need to build strong encryption and you'll hear variations of "powerful hardware" and "strong software." Encryption is, after all, essentially a matter of mathematics - therefore it seems intuitively obvious that the best way to encrypt or decrypt something is to have a computer do it. Machines, undoubtedly, can encrypt and decrypt information more quickly than a human could, but can machines automate cryptographic tasks better than a human? Can they, without human assistance, do it more securely than a human can?
In a word, no.
To understand why, it's important to understand a few elements of how computers and encryption work. Most consumer-grade encryption relies either on a form of PGP (Pretty Good Privacy) or something that functions very much like it. PGP generates two encryption keys, one public key which allows messages and files to be encrypted and a secret key which allows them to be decrypted again. The keys are static and generated at the same time, which means the same keys are used over and over again until their users decide to stop using them, usually after they've been compromised.
In theory, both these keys are random and so long as the decryption key remains secret, the encryption is safe. In practice, there are several problems with this.
First, there's no such thing as a truly random number when dealing with computers. At best they're able to generate these numbers based on random input from the user, atmospheric noise or something else pseudo-random enough that the conditions can't recreated so as to reverse engineer the secret encryption key. Assuming the computer isn't being monitored, and even air-gaped computers are subject to many different forms of remote monitoring, when these pseudo-random numbers are generated the encryption should remain secure and reliable.
The major weakness for encryption like this is that it is predictable, in that "ABCD" will always encrypt the same way if the same key is used. If key X is used to encrypt "ABCD" into "EFGH", then "ABCD" will always
be encrypted to read as "EFGH". This makes it easier to mathematically break the encryption, and makes it possible to reverse engineer the encryption if the attacker has a rosetta stone-like sample of both the plaintext and the ciphertext. The predictability factor makes it possible to test whether or not the encryption has been broken or the secret key discovered, simply by measuring whether the decrypted data is sensible or not, since the chances are mathematical insignificant that encrypted text is incorrectly processed so that it appears to be a meaningful message.
Truly secure encryption differs from the static dual-key method described above in two ways:
1. The key is used only once and then destroyed.
2. The key is at least as long as the unencrypted message, and each bit of data is uniquely encrypted.
The most common way of achieving this is using a One-Time Pad
, which uses a different number or letter value to encrypt every number or letter value used in the unencrypted data. For practicality, letters can be converted to their numerical value, so that A=1 and Z=26, with the numerical values reseting after 26, so that 27=1, 28=2, and so on. The two One-Time Pad is then combined with the unencrypted text to create the encrypted version (see the link for the technical details on how to do this).
Simple Sabotage Field Manual by United States. Office of Strategic Services. Download the complete manual here. | Photo: National Archives | Link |
As long as the encryption keys are never reused or intercepted, the encryption is 100% unbreakable - regardless of the amount of time or computing power one has. Since the key is non-repeating and random, it's also impossible to reverse-engineer the encryption. Since each piece of data (whether a number or letter) are uniquely encrypted, intelligence agencies are able to generate false solutions to the One-Time Pad so that it can appear to be decrypted and "reveal" whatever information they want by allowing the false solution to fall into the hands of a hacker or foreign intelligence service. In other words, in addition to concealing the true message, this system can deceive others into believing it says whatever they need.
This can be adapted to encrypt all computer calculations and transmissions by using a stream cipher, which applies the same technique to binary code, so that "11101111" encrypts "11111111" into "00010000." So long as the encrypting key for the stream cipher is sufficiently psuedo-random and at least as long as the encoded data, the data is safely encrypted. This data can even be made to appear to be "white noise," allowing for discreet monitoring through traditional methods or Van Eck phreaking
, which is possible even on unmodified hardware. In some instances, intelligence agencies have outfitted computer systems and server farms with special chips designed to produce what looks like white noise to everyone except those performing the surveillance.
The downside to One-Time Pads and similar stream ciphers is simply that it requires the entire key, quite lengthy at that, to be generated and securely shared, i.e. in person, ahead of time. Since One-Time Pads require at least as much information as the data to be encrypted, this can quickly eat up large amounts of data storage. Generating One-Time Pads and stream ciphers is extremely time consuming, as is encrypting or decrypting the information manually. While computers can handle these tasks, relying on them exclusively reintroduces at least some of the risks of other methods of computer encryption and decryption.