The topic of data security is finding its way into mainstream media news reports these days, often due to high-profile lapses or breaches; and whilst encryption is sometimes mentioned in passing, the media reports rarely delve into the detail.
So, on Wednesday evening when I had the opportunity to attend a local history talk about the Enigma machine
and other encryption devices, I jumped at the chance. In addition to
listening to the talk, I saw a number of working exhibits, including
two Enigma machines used during WWII, and a Russian Fialka which was used in the Cold War.
One of the things which struck me about the talk was the race to increase encryption strength versus code-breaking attacks, and how these related to the computing power available at the time. In the early 1940's, the British used Colossus, the world's first programmable digital electronic computing devices to break the Lorenz cipher, used for German high-level military communications. Colossus was able to decipher an encrypted message in hours, far faster than by other means available at the time; whereas today a Lorenz simulator can be run on a modern PC and break an encrypted message in minutes.
The widespread availability of high-performance PCs available now at relatively low-cost, and modern encryption technologies, such as TrueCrypt and PGP, means that data can be secure from prying eyes, apart perhaps from those with arrays of supercomputers at their disposal.
However, the advent of quantum cryptography ('Quantum Leaps', IET Engineering & Technology) could result put an end to this race in the near future, by finally providing unbreakable encryption and intercept detection. If realised, this would render brute-force computational attacks to be useless, and attackers would be forced to revert to compromising the encryption keys instead….which is another approach which has been used for years, so maybe the status quo will remain?