Cyber codes

When was the last time you sent a coded message? Well, probably within the last hour, if you’ve sent an email or logged onto a website. We use codes all the time because we communicate our private messages in public. Without codes, sending information online over unsecured networks or networks with security holes would be like standing in Times Square and shouting your innermost secrets at the top of your lungs, in a crowd of millions of people doing the exact same thing. So to protect your privacy, you have to send your messages as codes that can be read by your friends, but not by your enemies. Codes have played a critical role in just about every major war in recorded history. In ancient Rome, Caesar used a simple code to send messages to his generals. Two thousand years later, Allied code breakers saved millions of lives and shortened World War II by cracking the German Enigma code. But codes aren’t just for emperors and soldiers; today we use them to shop online and say hi to our friends. Let’s say you want to share a secret with a friend. Here’s what happens after you hit send on an encrypted email. First, your email services need to agree on a secret key—a very large number—that will be used to lock and then unlock your message. But they can’t just send that number over the internet—an eavesdropper could intercept it. So they use a brilliant trick called public key cryptography. Both sides start with a publicly available number, but then add a dash of their own secret numbers and mix them together using mathematical operations that are extremely difficult to reverse. They swap bowls and do it again—dash of secret number, mix it up, and bam! Secret key. They used the same recipe, but never shared their individual secret ingredients, so the key is safe. Now your email service uses that secret key to transform and scramble your message. It transmits the coded message to your friend’s email service, which uses the secret key to reverse the scrambles and transformations and reveal the original text. Phew. That’s a lot of work for one email, but it happens in the blink of an eye and without any effort on your part. The scary thing is, not all traffic is encrypted. Online payments usually are, but browser history is not, nor are many text messages. Emails are complicated—they’re usually encrypted when they’re sent, but are sometimes decrypted before they get to their recipient. Some websites encrypt their traffic; you can tell by looking for the lock symbol in a URL. If it’s not there, anything you type into that website can be intercepted. That’s one of the reasons it is so important to have a different password for every website you visit and to avoid unsecure public Wi-Fi—where your messages can be easily intercepted. The other problem is: almost every code in history has been cracked in a way that initially seemed impossible. It could be the case that there is a chink in the armor of the codes we use that no one has discovered yet. Or perhaps someone has, and is keeping that information to themselves. So the next time you metaphorically shout your innermost secret in public, take a moment to consider whether you’ve locked it up tight enough—and what could happen if it got out.