Since time immemorial people have devoted their time to the encryption of data. There are examples that go back thousands of years to Ancient Egypt, but of course, most people’s minds turn to Alan Turing and the Enigma codebreakers, who are credited with saving millions of lives in World War 2.
The advent of the digital age meant a boom in encryption. Internet pioneers like Tim Berners Lee believed that the World Wide Web was a place to communicate and share information openly. Those are laudable sentiments until you want to use the internet to make a payment or to send sensitive information.
Going beyond DES
This was a question that the US Federal Government was contemplating as early as the mid 1970s when data started to be stored electronically. Cryptographers based at IBM came up with what became DES – the Data Encryption Standard. DES became the accepted method of data encryption and remained in use well into the 1990s.
We won’t go into the details of it here but suffice it to say that the biggest drawback to DES is that with a 56-bit key, there are only so many possible combinations – approximately 7.2×1016. Back in the 1970s and 80s that was good enough, but as computers became more powerful, it became a realistic proposition for them to crack DES by brute force – meaning by trying every combination until the right one cracked the code.
Codebreakers found other more subtle ways to crack DES, too. This, along with the fact that applying DES made data transfer painfully slow, meant another solution was called for.
The arrival of AES
In 2001, AES was established by the United States National Institute of Standards and Technology (NIST). AES is an open encryption standard that uses symmetric cryptography, meaning the same key is used to encrypt and decrypt the data. This makes the encryption and decryption process smoother for users.
AES uses a 256-bit key that goes through 14 rounds of encryption before being transmitted. Again, we won’t go into the technical details here, but Kiteworks has produced a very readable summary for non-tech people.
AES is considered good enough for top secret government encryption and will certainly remain fit for this purpose for the foreseeable future.
Everyday encryption at the bank or the casino
Top secret government data is one thing, but Secure Sockets Layer (SSL) encryption, of which AES is considered the most secure, is part of everyday life for everyone. Banks use it to protect customer account details, for example.
But what about paying and playing at online casinos? Casino operators together with financial service providers have the mammoth task of ensuring the safety and security of their clientele. In the online realm, operators who are offering live dealer games mimic real-world security and real money play. These platforms use SSL encryption to make the payment process as secure as possible, both in terms of customer deposits and withdrawing their winnings.
Looking to the future
AES is many times more secure than DES due to its larger keysize. Cynics might argue that people were equally confident about DES back in the day, but the reality is that with today’s powerful technology, it would take millions of years to crack by brute force.
Still, it is tempting fate to describe AES as unbreakable. Technology will continue to develop, and the next major advance will be quantum computing. There is already debate as to whether AES is quantum secure, and the consensus is that it is – so far.
Ultimately, the story of encryption will echo that of other types of security. Housebreakers hone their skills to circumvent the latest 5-lever deadlocks and lock creators keep working to stay one step ahead. The same applies with cybersecurity and with encryption. Even Alan Turing would not have been able to conceptualize AES. Something will supersede it, but it is equally inconceivable from our 2020s viewpoint.