2024 is shaping up to be a huge year for the internet, especially because NIST, the National Institute of Standards and Technology, recently announced that new algorithms they've been working on to keep the internet secure are going to be ready later this year. There's no telling just how successful these algorithms are going to be, but NIST hopes that they'll be able to protect the internet for the future. So we wanted to share an episode from our reporters Meredith Hoddinott and Brian Resnick about why the Internet is so vulnerable to breaking in the first place and why it's so hard to keep it together.
Here's Meredith and Brian. Hey, Brian. Hey, Meredith. I want you to imagine something with me, if you will. Okay. All right. So imagine one day you wake up. Okay. And the Internet is broken. Ugh.
So hackers are getting into your bank accounts, your Twitter accounts, your work email. Instead of loading banner ads, your computer would just, like, start loading viruses. Okay, great. Great. So they have all of my money, my identity. Yep. All of that. My secrets. Exactly. Is this the day I just put down the phone and then walk into the woods? Just walk away. I'm just going to walk away. You finally fulfill your destiny as a mountain man. This is not working. Life on the internet. Uh,
What you just described sounds so broken, I don't know if there's a tech support that could fix it. Right. So this doomsday scenario, this is the internet without encryption.
What is encryption? Yeah, it's largely math. Okay. Encryption is this cloak that wraps your private information. And so that anybody that's seeing that information, it just looks like random static. It just looks like gibberish. And so encryption is the thing that's really protecting your private information as it travels through the web. Hmm.
So you don't see my social security number, you see this cloak of gibberish. Right. If somebody intercepted that and tried to read that information, all they would see was randomness. So it sounds like
I use encryption all the time. All the time. Our everyday lives on the internet, they're built on an elaborate and largely invisible system of encryption. Google says that 95% of the traffic that comes through their site is encrypted in some way. Because there's this whole system of certificates and digital signatures that are all based on encryption that
Mm.
So encryption is just at the heart of building trust on the internet. So I know the websites I'm going to have not been intercepted by somebody. Right. And I can send my private information to people just knowing it's for their eyes only. Exactly. Exactly. So I like all this encryption as you've described it to me. It sounds nice. Right. I get to do a lot of cool stuff with it.
Is it in danger? So that's what I would love to tell you about on today's show. Okay. How the internet was built on encryption and how it might come tumbling down. ♪
When I started working in cryptography, almost all my colleagues told me I was crazy. And they were right. Marty Hellman is a professor at Stanford University. I have been for, God, over 50 years. Fifty years ago, computers were these massive plastic boxes with these itty-bitty little screens. And they were getting more and more intertwined with our money. ATMs were cutting-edge technology in 1969.
And NASDAQ, the world's first electronic stock market, opened in 1971. I remember saying I could foresee the day when you might buy a loaf of bread with an electronic funds transfer. I couldn't say debit card because we didn't have them. It was a new age. It was a new relationship to what money was and what it represented. Nixon took America off the gold standard in this time, too, 1971. So money was getting more abstract, more electronic.
Safes that protected physical bills and gold bars were the security of the past. We needed a safe to protect the information of money, the electronic communications that were quickly becoming more and more relevant. And I said, what happens if someone, maybe they can't steal billions of dollars, but they just crash the system so nobody knows how much money they've got in their bank account? What happens then? And so I saw the need for encryption.
Marty was on a quest to bring digital encryption to the masses. Encryption that could be used by the public, used commercially, to protect the electronic messages starting to send money back and forth. But Marty had a problem, because at this point, encryption was dominated by the government. Almost no one outside the military even really knew how it worked.
Any research into the underlying principles of encryption was automatically classified and considered a potential threat to national security. Agencies like the NSA had top-secret encryption departments, hoovering up all the best mathematicians in the country. But if you wanted to study encryption out in the open, it was a lonely place to be.
The field was almost non-existent. Most of it was in the classified literature. I'd go to information theory conferences, and there would often be people with name tags that said, let's see, what was it? Department of Defense was NSA, and everyone who said U.S. government was with the CIA. So it wasn't hard to figure out who was who.
Marty's friends, they all warned him off. They told him he had no chance going up against a juggernaut like the NSA. Friends told me, "How can you hope to discover anything that NSA doesn't already know? They have a decade's head start." And they said, "I don't care. What they know is not available for commercial use. If I develop it, it is." In order to bring encryption to the public, Marty needed to reinvent it, basically, in the light of day.
And he needed a team. Whit Diffie showed up on my doorstep in the fall of 1974, and he was an itinerant cryptographer is the way he describes himself. By the time he showed up at Marty's doorstep, this guy, Whit Diffie, he had forged his own path in academia. I'm not a very good student. Whit had spent years going to universities and libraries and cutting-edge laboratories, trying to piece together any unclassified information that he could find on cryptography. And he kept hitting the same dead ends that Marty was hitting.
Until in 1974, the head of the cryptography lab at IBM told Whit, He said, I can't tell you much. We're under a secrecy order here. But you ought to go look up my friend Marty Hellman when you're back at Stanford. He subsequently wished he hadn't sent that because Marty and I became a big pain in his ample tush. Whit and Marty hit it off right away. Our interaction in many ways ran the opposite of a normal relationship, graduate student and professor relationship. I describe it as, you know, I think possibly I'm more imaginative than he is. Certainly he's smarter than I am. I really liked working with him, but he didn't like anyone telling him what to do.
Marty and Whit were totally seduced by cryptography. I sometimes joke that there's a muse, just like there's a muse of poetry, there's a muse of cryptography. And she whispered in my ear, she whispered in Whit's ear, she probably whispered in a lot of other people's ears who just wrote it off as a crazy dream. And they got to work. Somewhat haphazardly. Putting together all the bits and pieces they had gathered from the muses.
Whit had been obsessing for years about how to use cryptography to communicate remotely in a digital world. We were moving into a world where people would have intimate friendships with people they never met in person. And that cryptography was the only thing that would give you any sort of privacy. And to Whit, this presented two clear problems. I had these two problems in the back of my mind. You know, one for ten years and one for five. I have a hot back burn.
So imagine that you and I wanted to privately share information without ever meeting in person. We could set up a safe for us to put letters in, and no one else could read them. Those letters, they would be private. But we'd both need keys to open the safe door, and we couldn't share those keys without exchanging them in person. This was Whit's first problem. How do you share a secret key remotely?
And if we're just, you know, sending keys around, how do you make sure that you're sending them to the right person without ever meeting them in person? Verifying identities remotely. This was Whit's second problem. And I was trying to combine those two problems. And at some point, I realized that that must be possible. One afternoon in 1976, Whit was noodling on these problems. And he had a breakthrough.
So thinking back to that problem of you and I trying to share messages without ever meeting in person, Whit's idea was something like, what if the safe had a mail slot in it?
That way you could come by any time and drop off your letters in the safe, but you wouldn't need keys. And then I could come by later, open the safe with my keys, and read your letters. So encrypting, putting the information in the safe, is a different step than decrypting, taking the information out. Whit's idea was to split the encryption and the decryption.
This also solves the second problem of identity, because you know that that's my safe and my mail slot. I'm the only one with the keys to the safe, and so I'm the only one that can open the door and take the information out. Having the keys is a way of proving my identity. Of course, you'd need your own safe and your own mail slot where I could come by anytime and drop off letters for you. But then we would have a secure way to exchange information.
The bottom line is, if we both have safes and we both have our own protected personal keys, we can trust that we're talking to each other and trust that we're talking privately without ever having to meet in person.
It was a stunningly elegant idea, something they called public key cryptography. Whit had come up with the idea of public key cryptography, but no way to do it. Now, Marty and Whit had to figure out how to build these safes. The trick was, of course, they couldn't build them out of iron and steel. They needed to build them out of math. In cryptography, the safe isn't a physical object. It's like a mathematical cloak.
Covering up private information with random static. Transforming understandable and usable information into incomprehensible, useless garbage. But it isn't just about locking up information under random static. You also have to be able to easily unlock that randomness with a key and turn it back into readable, usable information.
Marty and Whit wanted to find the simplest system that could fit that pattern, and so they looked into a type of math problem called one-way functions.
One-way functions are math problems that are designed to be easy to solve, but take a lot of time and energy to reverse. Like, 7 times 13, I could do 70, 21, 90, I think it's 91. I could do that in my head in a few seconds. But if you gave me 91 and asked me to factor it into two primes, it takes longer. So multiplying is easy and factoring is hard.
But if you have one of the factors already, then you can easily get the other one. So that's the secret key. But not every one-way function can be made into a cryptographic system. Not all one-way functions are good at making encryptions. But all encryptions have a one-way function at their heart. And for this all to work, these one-way functions need to be super hard to solve without a key. So tough that it's not even worth a hacker's time to try.
One night, it was probably 1 a.m., Marty was at his desk with a pencil and paper, racking his brain, trying to figure out a way to bring Whit's idea of public key cryptography to life. I was playing and I tried a new permutation on what's secret, what's public, what's private, and all of a sudden it came out. After a few months of work, Marty and Whit published their findings.
They put together everything that they had been thinking about. The safes, the public key cryptography, the one-way functions. And the first line that they wrote? We stand today on the brink of a revolution in cryptography.
It was probably Whit. That sounds more like Whit than me. Whit is not above grandstanding, and he's often right. I think I got that one right. For the first time in history, there was research that could make encryption available on a commercial scale.
And the open research community was thrilled. But NSA had a whole other reaction. The NSA was not happy that they had lost their monopoly on cryptography. There was actually a fight. The NSA, loosely speaking, maybe more than loosely speaking, wanted to throw me in jail. Marty and Whit's work threatened the whole way that the NSA did business.
If all this cryptography research was out in the open, then more foreign governments could encrypt their information. And that made the NSA's job much harder. I was telling foreign entities how to protect their secrets. I was trying to tell American entities how to protect theirs, but there's no way to do one without the other. An NSA employee wrote a letter to the journal that published their work and accused them of breaking the law.
Specifically the International Traffic in Arms Regulations. It's against the law, obviously, to export a jet fighter plane, right, without an export license. It's also against the law to export the plans for how to make that fighter because that could be used to make it.
And the ITAR, the International Traffic in Arms Regulations, defines anything cryptographic as an implement of war. And so by publishing in international journals how to design good cryptographic systems, we were exporting technical specification on implements of war without an export license. Marty immediately brought this accusation to the general counsel at Stanford University. It's unconstitutional because it would be a violation of freedom of the press and freedom of speech. That was his legal opinion.
But he also warned me, and I'll never forget this, if I was prosecuted, Stanford would defend me, but if I was found guilty and all appeals were exhausted, they couldn't go to jail for me. Whit and Marty continued their fight for robust, accessible encryption.
And Marty came to see himself as a security officer for the public. No one was representing the public, and the public needed protecting, and the group that you'd expect to protect them, the part of the government that should be doing that, wasn't doing it. So I realized that's the role I had assumed. The reaction from the NSA sparked a nationwide debate about the government threat to open publication. And who had the right to access tools of privacy?
Articles came out in Science and the New York Times. The media was all on our side. I mean, the Times, for example, because this is freedom of the press. And remember, it was right after Watergate. My wife was really happy when this became big news because she said up to that point, if something happened to me, nobody would really know what had happened. Whereas now, if you're a public figure and suddenly you have an accident, there would be questions, hopefully. Remember, I'm also pissing off not just NSA, but their foreign equivalents.
And I had other friends who worked in the community who told me that, yes, my life was in danger. So who knows? People told me to watch my ass. I never worried about it. Various people have told me NSA threatened them and things like that. It was never more than rude to me. Eventually, the NSA backed off. They never pressed charges against Marty and Whit. And over the years, the NSA stopped trying to classify all cryptographic research.
They came to agree with Marty and Whit and saw that everyone could benefit from encryption. American secrets of great commercial importance.
They also have national security importance. Instead of classifying all cryptography research from the start, Whit told me that the NSA began to scout talent from early drafts of scientific journals. So they were very good at observing papers and approaching people informally and saying, you know, some combination of,
Would you please not publish this? And, you know, maybe you'd like to get a clearance and come to some of our meetings. We work on interesting problems. And today, nearly 50 years later, public key encryption is a fundamental building block of the Internet and of our daily lives. How many of you have...
Whit and Marty, they saw a vision of a future that they helped create.
And all that encryption that we use every day. It depends on those one-way functions, those mathematical locks. The problem is, math is always changing and evolving. Today, multiplying large prime numbers may be a good one-way function. It's easy to solve, but takes lots of time and effort to reverse without the key. But tomorrow? Tomorrow somebody might figure out a new way to factor numbers.
A new way that's much, much more efficient. And then that asymmetry, it disappears. And the lock is easy to get into without the key. After the break, is it possible to future-proof encryption? And how answering that question might break the internet.
What encryption does Tesla use? Curve 25519.
The most secure, discrete log parameter there is. Not anymore. Our network just blew it apart. Unexplainable. We're back. I'm Meredith. And...
You're Meredith. I'm Brian. Yep. Okay. Because of encryption, I know you are you because we're on an encrypted, I think we're on an encrypted channel. Yeah. And there's not just some, you know, kind of deep fake man in the middle giving me fake Meredith. This has all been an elaborate ruse. Yeah.
So we've like built up this pretty secure internet. Like I feel pretty good on the internet. I don't think about it. I see like the little lock icon in my web browser and I know this is encrypted. So is this the internet we might have forever? Yeah.
Are we cool? So the one-way functions at the heart of the internet security today are hard to break, but that's really subject to changing technology. Oh, so the simple question here is these one-way functions, kind of math problems, easy to do, hard to reverse...
These are our locks on the internet. These locks can be picked. Is that what you're saying? Oh, definitely. One example that comes to mind is there's a really common one-way function based on multiplication and factoring. And the invention of quantum computers, which are on the horizon, a twinkle in a lot of researchers' eyes,
The way that those computers are built would actually make factoring as a one-way function totally obsolete. And so there's a lot of work and research in cryptography right now looking into these one-way functions and making them, quote unquote, quantum safe. Right.
It's a little bit like an upgrade to your security system on your operating system on the computer. Like, people are seeing new technologies, new types of computing power on the horizon, and trying to add patches or figure out what we would need to change in order to keep that safe. Yeah. There's a bit of a cat and mouse thing here. You see new tech coming, you try to beef up the locks, but then, you know...
I'm sure new, even new, new tech can come and then beef up and then we'll need even new locks. Yeah. But that's an example of a threat that people can see coming. But like, what if there's a threat that you can't?
Okay, so can all locks be broken? Is it possible to not do this cat and mouse game of like seeing new tech and building a new lock? Yeah, so that's the main question that's been motivating the cryptographer Rafael Pass. My name is Rafael Pass. I'm a professor of computer science. He basically believes that like cryptography is math magic. There's a bunch of just...
beautiful and such contradictory concepts in cryptography. Things that just seem impossible at first and then using cryptography, the impossible becomes possible. It's like finding magic in mathematics. But it's real. It's actually true. So this math wizard, this sorcerer of math, what is his question when it comes to these math locks? Is there a perfect lock?
That would be nice. So this is very theoretical. This is like the perfect lock as a concept. Yeah. Before we build it, we have to know if this concept can even exist. Exactly. Exactly. So the way that Rafael puts this is like, does a true one-way function, can that exist? Mm.
So right now we've been like talking about one-way functions as like easy to solve, but hard to reverse. But that hard is a moving target. It's subjective to the technology and the knowledge that we have. But what if there was a true one-way function that was easy to solve, but impossible to reverse? And then I can buy things on the internet forever. And that's it. That's what I want. Yeah.
Yeah, no matter what fancy quantum computers are coming down the road, this would be mathematically impossible to reverse. So how does he figure out if this type of lock even can exist? Like, how does he even figure out if it's even possible? Right. So he's looking for a unifying theory across all one-way functions.
So we try to see whether there exists some kind of like mother problem or master problem that can tell us whether one-way functions actually do exist or not. Tell me, has he figured this out? So a few years ago in 2020... Is it now yes or no? You're going to like tell me a whole story? Yes, basically, yes. He found maybe not exactly the answer, but he found a very, very promising lead.
So a few years ago, Rafael and his grad student, Yanni, they were digging into this unsolved problem of computer science. So like totally different field than cryptography. And they were looking at this problem. It's called Kolmogorov complexity. Kolmogorov complexity. Yeah. And so this is like a famous unsolved problem in computer science. A problem has been studied at least since the 1960s.
And it has to do with the nature of randomness. Randomness is so critical in cryptography. That's the walls of the safe that you're locking the information behind. You're transforming usable information into gibberish to do that. Gibberish is randomness, right? Yeah, because we don't have a physical safe here. Our information on the internet is cloaked in randomness.
Instead of seeing my credit card number passing through the cyberspace, you see some things that just look like gibberish. And randomness, that gibberish, is at the heart of this complexity problem. Yeah. And so basically the problem to solve is like, can you write a computer program that can analyze things?
I think this is a deeply philosophical question. We're looking at something in nature and we're trying to see, was this just random or is there something interesting going on? So the solution to this complexity problem, it's not just like some math problem on a chalkboard somewhere where all you have to do is like beautiful mind it.
X equals three is the answer. Right, exactly. There's not a solution like that. The solution to this problem would actually be a computer program that could analyze the randomness of any given information. And that itself is a tool. If you had the tool to really see through randomness and see if something was truly random or if there was a signal, some information buried in it, this computer program
could basically see through the safe walls of any encryption scheme. Yeah, because if our information is protected by randomness, and if you can see through randomness, you can probably fetch out that information. Exactly. If you solve the complexity problem, what happens? If you solve the complexity problem, then one-way functions, true one-way functions cannot exist.
And not only that, everything that we've built on potential one-way functions is instantly broken. You've broken all candidate one-way functions, all encryption schemes, all digital signatures. Everything can be broken. So solving this problem could give you the power to break the internet. Yeah, it would...
The way that it's been described to me is that it would instantly break all encryption. But there may not be an answer to this complexity problem. It might just not be solvable at all. Like, we don't know if there's an answer. What happens if we just can't solve it?
So if this complexity problem is difficult to solve, then Rafael claims that he has a very clear blueprint of how to build the perfect lock, something that's provably secure. Okay, so just to acknowledge something here. Okay. You've taken us on a journey of...
And each step of the journey has an unanswered question. So we proceed further into darkness here in the story. Because it gets a little heady here. So first off, you have this idea of one-way function. We don't know if there's a perfect lock out there. The answer to the question, is there a perfect lock out there, hinges on the answer itself to another unanswered question. Totally, yeah. This complexity problem. So there's like two great big questions here, one leading to the other. Exactly. Well, Rafael has told us there's a road to the answer. Right. And if we work really hard on this math problem, we might get an answer to the question of, is there a perfect lock out there? Yes.
But this is kind of high stakes because either we might get perfect locks out of this or we might realize that all locks will fail. Yes. That would mean that communication on the internet would never be able to be secure. That would be pretty bad. Do you think that's going to happen? I don't think so. I hope not.
Is that worth it? Is that worth pursuing this path for like that dream of perfection? Like we might find ruin. And is that worth it here? I would maybe stay away from this complexity problem because I don't want to break the internet. Yeah, I mean, I feel like
To me, this feels very similar to nuclear physics. And the study of that through the 30s and the 40s opened the door to weapons of tremendous power, the atomic bomb. So that would be the path that would lead us to breaking all encryption on the internet. But it also gave us really fundamental answers about the nature of matter in our universe, right? Yeah.
That then led to tremendous tools in medicine and agriculture and carbon-free energy. The pursuit of knowledge and the pursuit particularly of these very fundamental truths, they have powerful and dramatic consequences. Yes, there could be this world of the atomic bomb for encryption, but it could also lead us to a whole new era of encryption and lead us to tools that we don't even know what they are yet.
One-way functions are great, they're awesome, but they're not everything we want from cryptography. We have much loftier goals. So it would be awesome to also achieve these more advanced cryptographic tools using some problem like this.
But it also strikes me there's a counterpoint here in that, yes, I'm usually extremely optimistic about an unanswered question. But here, I'm realizing that sometimes looking into an unanswered question could lead you to dangerous things, too. Yeah. I mean, I think when you look for fundamental truths, the consequences of that are just inherently bigger. If you're looking for something that connects all locks, then if you find a flaw, that's a flaw in all locks. It's just like a nature of the question. It's a little scary. It's a little scary, for sure. On the other hand, is it less scary to live in a world where
have reasonable security in the locks that you have and like reasonable faith that they haven't already been broken. Yeah. All of these things, all that the cryptography that we've been talking about, they're tools. They're ways for us to share information. There are ways for us to build our lives and our relationships on the internet remotely. Yeah.
Like, we're having this conversation remotely. If, like, the development of the encryption that we have today allowed us to do this, then what could we use the tools of tomorrow to build in the future? Like, there's also an inherently optimistic view. There's still even, like, for now, right, you can still run into some shady stuff on the internet. People can still steal things. Yeah, yeah. I mean, like, crucially, encryption is really about that...
protecting information as it travels through the internet. But like there's still data breaches all the time. Like once it gets to a destination, like who knows how your information is getting stored on some like company server. And it strikes me that even if you have a perfect lock and perfect encryption, you could still give away the password or the keys to that potentially. Yeah, you click on some suspicious link and it's like 10 new bread recipes.
And they asked for my Apple password. I'm like, sure, why not? This episode was reported and produced by Meredith Hoddinott with help from Byrd Pinkerton. It was edited by Katherine Wells and Brian Resnick with help from Noam Hassenfeld and Jillian Weinberger. Scoring by Meredith and Noam.
Efim did a little something something too, but you know, mainly Meredith and Noam. Mixing and sound design by me, Efim Shapiro, and fact checking by Zoe Mullick. Mandy Nguyen is off to adventure in the great north. Christian Ayala found his way home.
Special thanks to Russell Brandom and Erica Klarreich. If you want to learn more about one-way functions and complexity, check out Erica's article, Researchers Identify Master Problem Underlying All Cryptography, in Quanta Magazine. If you have thoughts about this episode or ideas for the show, please email us. We're unexplainable at vox.com.
We'd also love it if you wrote us a review or rating. Unexplainable is part of the Vox Media Podcast Network, and we'll be back next week.