Cryptography for a Connected World

The exchange of sensitive information is a constant of twenty-first century life. We withdraw cash from ATMs, make purchases with credit and debit cards, shop online, send and receive emails, and conduct business on smartphones. Cryptography helps to keep all of that data private and secure.

Transforming the world

Private correspondence

Messages containing private or sensitive information can easily be encrypted. Encrypting an email generally consists of a “public key” that is used to encrypt the sender’s message and a “private key” that is used by the recipient to decipher that message and its contents and attachments.

Physical device encryption

Not all information that people and individuals would like to keep private is transferred over the Internet. In fact, most private information likely exists in the hardware of physical devices. Disk drives, tape drives, and USB and solid state drives also contain stored information that users want to keep safe. Many companies, including IBM, offer self-encrypting storage solutions that allow users to access sensitive information while helping to keep it safe from theft or accidental loss.

In the late 1960s, IBM Chairman Thomas J. Watson Jr. set up a cryptography research group in the Yorktown Heights, NY, laboratory, headed by cryptographer Horst Feistel. The group created an encryption method, named “Lucifer,” to protect the data for a cash-dispensing system that IBM had developed for Lloyds Bank in the United Kingdom. In 1971, Lloyds Bank bought the code, and IBM worked to turn Lucifer into a commercial product.

IBM’s work in encryption came at an ideal time. In 1968, the US National Bureau of Standards (NBS), started to study potential needs for computer security for both civilians and the US government. The results of the studies called for a single, interoperable data encryption standard, and in May 1973 and August 1974 the NBS published calls for encryption algorithms. The most promising submission was from IBM, which presented a refined version of Lucifer. Since Lucifer had already been published, its basic algorithm had been examined by the public. Furthermore, the US National Security Agency contributed consulting and technical advice, and the final version had a reduced key size, but was still strong. The algorithm lent itself to implementation in the hardware and software of computers at the time. On January 15, 1977, the NBS adopted IBM’s cryptographic algorithm as the first-ever Data Encryption Standard (DES) for the United States, and the world would soon follow.

The DES brought encryption from a little-known military science in the 1960s into our daily lives, and stimulated research in cryptography and competition in creating encryption algorithms. Security technology expert Bruce Schneier has said: “Almost all of the encryption algorithms ... can trace their roots back to DES.”

In their words

“I believe we in the industry must continue to improve existing technological safeguards which limit access to information stored in electronic systems; and we must devise new ones as the needs arise. I believe we in the industry must offer to share every bit of specialized knowledge we have with the users of our machines—the men who set their purposes—in a determination to help secure progress and privacy, both together.”

Thomas J. Watson Jr.

IBM CHAIRMAN AND CEO

Speech to the Commonwealth Club of California

April 5, 1968

“Privacy is the end we would like to achieve; security ... is the means.”

Dr. Lewis Branscomb

IBM VICE PRESIDENT AND CHIEF SCIENTIST

Testimony to a Congressional committee

January 29, 1974

“Here is something that will sound very extreme but is at most, I think, a slight exaggeration: encryption technologies are the most important technological breakthrough in the last one thousand years.”

Lawrence Lessig

PROFESSOR, STANFORD LAW SCHOOL; FOUNDER OF CENTER FOR INTERNET AND SOCIETY

Code and Other Laws of Cyberspace. Basic Books

1999

“There is no reason why the security system described for a single link could not be expanded to provide security for all users of a network. … It would be surprising if cryptography, the traditional means of [helping to ensure] confidentiality in communication, could not provide secrecy for a community of data-bank users.”

Horst Feistel

FATHER OF THE DES ENCRYPTION FAMILY

“Cryptography and Computer Privacy,” Scientific American, Volume 228, No 5

May 1973

With the emergence of the commercial Internet in the 1990s, the cryptographic
landscape changed significantly, becoming part of everyday social and commerce interactions. In those years, two of the pillars of Internet security, the SSL/TLS and IPsec standardized protocols, were conceived. IBM researchers made pioneering contributions to the cryptographic design of these standards. These include the invention of the Hash-based Message Authentication Code (HMAC) and the core cryptographic design of the Internet Key Exchange (IKE) standard—a key piece of IPsec and today’s virtual private networks (VPNs). The HMAC algorithm has become the gold standard for data authentication in the Internet with millions of invocations daily everywhere in the world.

IBM researchers have contributed cryptographic solutions in many other areas—including storage encryption and security technologies—that are not only intended to help protect the integrity and confidentiality of data, but also the personal privacy of users. They also designed cryptographic architectures suitable for embedded electronics, such as SecureBlue, that greatly increase the security of consumer products and provide defenses against reverse-engineering and tampering.

Due to the strong mathematical aspects of cryptographic design, these many contributions of IBM to helping secure modern communications and interactions would not have been possible without the significant theoretical work conducted by cryptography researchers working across IBM. This has resulted in major achievements in the mathematical foundations of cryptography and led to some of the greatest innovations in the area, including pioneering work in quantum cryptography, the invention of elliptic curve cryptography, seminal contributions to cryptoanalysis, the development of lattice-based cryptosystems, the design of strongly secure (CCA) encryption schemes, the advancement of distributed cryptography and proactive security, and the recent breakthrough invention of fully homomorphic encryption.

All these advances are central to today’s science of cryptography, and the basis for many of the upcoming technologies for the ever increasing need to protect information and privacy in our “electronic society.”