Codemakers versus codebreakers

The protection and security of communications is a subject that has been continuously growing in importance since the introduction of the telegraph in the mid nineteenth century. Coding messages so that their contents remain secret has been carried out for centuries and the need for encryption in the traditional military and political environments has always been recognised. However, recently, as our society has become highly dependent on its modern communications systems, the use of encryption has spread into the public and commercial domains. Banks now transfer exceedingly large amounts of money via computers and it is, of course, crucial that they secure these transactions against alterations by unwelcome third parties. In this review, some of the techniques used to design a secure system and some possible attacks that might be launched against such a system are examined. Clearly, a strong encryption algorithm is one essential ingredient for a secure system. At regular intervals over the past 15 years there have been media headlines such as: ‘Mathematician breaks top secret codes’, ‘National security threatened by recent mathematical advances’, and ‘Banking security under threat’. So far the articles have been wrong and the cryptographic significance of the mathematical result has been misunderstood. Nevertheless, it is important to recognise that almost all implemented systems are theoretically breakable and to understand why this does not mean they can not be secure in practice. In emphasising the importance of cryptographic keys, it is shown that a strong cryptographic algorithm is of no use if the secret keys are compromised. Thus, good key management is a crucial element for any secure network. Finally, the use of simple combinatorial and/or geometric ideas to simplify key management is illustrated.