0:00

From Radio Lab and WNYC

0:03

Studios comes an exploration. don't

0:06

see this thing. Into the mystery. of

0:08

our planet. I never dreamed that it would happen

0:10

with real creatures. We were just going,

0:12

how did you do that? An occasional songs.

0:17

How is the song?

0:19

Terrestrials. We

0:22

are Terrestrials. Listen on

0:24

radio lab for kids wherever you get podcasts.

0:28

This

0:29

week's episode of unexplainable is brought to you

0:31

by Samsung. Are you looking

0:33

to supercharge your productivity? Samsung's

0:36

new Galaxy z Fold four

0:38

offers a world of possibilities with an expansive

0:41

foldable screen. It's

0:43

more than just a phone. zfold four

0:45

is a full on multitasking powerhouse

0:48

that lets you do more than ever before. right

0:50

from the palm of your hand. You can fold

0:53

the large immersive screen to watch your favorite

0:55

content while using your phone to take notes.

0:57

or to take the perfect selfie all

0:59

hands free. Visit samsung

1:02

dot com to learn more about Galaxy

1:04

z Fold four.

1:07

Hey,

1:07

Brian. Hey, Meredith. I want I

1:09

want you to imagine something with me,

1:11

if you will.

1:12

Okay. Alright. So

1:13

imagine one day. You wake up.

1:16

Okay. And the Internet is broken.

1:18

Ugh.

1:19

the

1:20

So hackers are getting into

1:22

your bank accounts, your to your Twitter

1:24

accounts, your work email. Mhmm. Instead

1:27

of loading banner ads, your

1:29

computer would just like start loading viruses,

1:31

Okay. Great.

1:33

Great. So they have all of my money,

1:36

my identity -- Yep. -- all of

1:38

that.

1:38

My secrets. Exactly. Is

1:41

this the day I just put down the phone

1:43

and then walk away. Just

1:45

walk away. Yeah. I'm just gonna walk away.

1:47

Finally, fulfill your desk knee as a mountain

1:49

man.

1:49

This is not working. Life on the Internet.

1:53

What you just described sounds so

1:55

broken. I wouldn't I don't

1:58

know if there's a tech support that could

1:59

fix it.

2:00

Right. So this doomsday scenario,

2:03

this is the Internet without encryption.

2:07

What

2:07

is encryption?

2:09

Yes. Largely max.

2:11

Okay. Encryption is

2:13

this cloak that wraps

2:15

your private information. And so

2:17

that anybody that's seeing that information,

2:20

it just looks like random stat It

2:22

just looks like gibberish. And

2:24

so encryption is the thing that's really

2:26

protecting your private information

2:29

as it travels through the web.

2:32

So you don't see my Social Security

2:34

number. You see this cloak of gibberish.

2:36

Right. If somebody intercepted that

2:38

and tried to read that information, all

2:40

they would see was

2:41

randomness. So it sounds like

2:44

I use encryption all

2:46

the time. All the time.

2:48

Mhmm.

2:49

Our everyday lives on the Internet,

2:52

they're built on an elaborate and

2:54

largely invisible system

2:56

of encryption. Google says that

2:58

ninety five percent of the traffic that comes through

3:00

their site is encrypted

3:01

in some way.

3:03

because there's this whole system of certificate

3:05

and digital signatures that are all

3:07

based on encryption that

3:10

tell you that when you go

3:12

to Amazon, that that's actually Amazon.

3:16

So encryption is

3:18

just at the heart of building trust

3:20

on the Internet. So I know the websites

3:22

I'm going to have not been in

3:25

receptive by somebody --

3:27

Right. -- and can send my private information

3:29

to people just knowing it's for their eyes

3:31

only. Exactly. Exactly. So

3:35

I like all this encryption as

3:38

you've described it to me. It sounds

3:40

nice. Right. get to do a lot of cool

3:42

stuff with it. Is it

3:44

is it in danger?

3:46

So that's what I would love to tell

3:48

you about on today's show. Okay.

3:50

How the Internet was built on encryption?

3:53

and how am I come tumbling down?

4:11

When

4:11

I started working in cryptography, almost

4:14

all my colleagues told me I was crazy, and

4:16

they were they were right.

4:18

Marty Hellman is a professor

4:19

at Stanford University. Have been

4:21

for God over fifty years?

4:24

Fifty

4:24

years ago, computers were

4:26

these massive plastic boxes

4:28

with these Itty Bitty little screams, and

4:31

they were getting more and more intertwined

4:33

with their money.

4:35

ATMs were cutting

4:37

edge technology in nineteen sixty nine,

4:40

and Nasdaq, the world's first electronic

4:43

stock

4:43

market, opened in nineteen seventy

4:45

one. I remember saying I could foresee

4:47

the day when you

4:49

might buy a loaf of bread with an electronic

4:51

funds transfer. I couldn't say a debit card

4:53

because we didn't have them. It

4:55

was a new age. It was a new

4:57

relationship

4:58

to what money was and what it represented.

5:01

Nixon took America off the gold standard

5:03

in this time too, nineteen seventy one.

5:06

So money was getting more abstract, more

5:08

electronic.

5:10

Safe that protected physical

5:12

bills in gold bars were the

5:14

security of the past.

5:16

We needed a safe to protect the information

5:18

of money.

5:19

the electronic communications that

5:22

were quickly becoming more and more relevant.

5:24

And I said, what happens if someone

5:27

Maybe they can't steal billions of dollars, but they

5:29

just crashed the system so nobody knows how

5:31

much money they've got in their bank account. What

5:33

are they what happens then? and

5:35

so I saw the need for encryption. Marty

5:37

was on a quest to bring digital

5:39

encryption to the masses.

5:42

Encryption that could be used by

5:44

the public used commercially to

5:46

protect the electronic messages starting

5:48

to send money back and forth. But

5:51

Marty had a problem because at

5:53

this

5:53

point, encryption was

5:55

dominated by the government. Almost

5:58

no one outside the military

5:59

even really knew how it worked.

6:03

Any

6:03

research into the underlying principles

6:05

of encryption

6:06

was automatically classified

6:08

and considered

6:10

a potential threat to national security.

6:13

Agencies like the NSA had

6:15

top secret encryption departments. whovering

6:18

up all the best mathematicians in

6:19

the country. But

6:21

if you wanted to study encryption out

6:23

in the open, it was a lonely place

6:25

to be.

6:27

The field was almost nonexistent.

6:30

Most of it was in classified literature.

6:32

I'd go to information theory conferences and

6:35

there would often be people with name tags that

6:37

said, let's

6:38

see, what was it? Department

6:40

of Defense was NSA, and everyone

6:42

who said US government was with the CIA.

6:45

it wasn't hard to figure out who was who.

6:47

Marty's friends, they all warned him

6:49

off. They told him he had no

6:51

chance going up against a juggernaut,

6:53

like the NSA. friends told

6:55

me how can you hope to discover anything

6:58

that NSA doesn't already know. They

7:00

have a decades

7:00

head start and they said, I don't care.

7:03

what they know is not available for commercial

7:04

use if I develop it it is.

7:06

In

7:07

order to bring encryption to the public,

7:09

Marty needed to reinvented basically

7:12

in the light of day, and

7:14

he needed a team. Whit

7:16

Duffy showed up on a doorstep in

7:18

the fall of nineteen seventy four, and

7:21

he was an itinerant cryptographers the way

7:23

he described himself. By

7:24

the time he showed up at Marty's doorstep,

7:27

the sky went duffy.

7:29

He had forged his own path in

7:31

academia. I'm not a good

7:33

student. Whit had spent years

7:35

going to universities and libraries

7:37

and cutting edge laboratories, trying

7:40

to piece together any unclassified

7:43

information that he could find on cryptography.

7:45

and

7:46

he kept hitting the same dead ends

7:48

that Marty was hitting. Until

7:50

in nineteen seventy four,

7:52

the head of the cryptography lab at IBM

7:54

told Whit

7:55

he said, I can't tell you much. We're

7:57

under a secrecy order here, but

7:59

you ought

7:59

to go look up my friend Marty

8:02

Hellman when you're back at Stanford. he

8:04

subsequently wished he hadn't sent

8:06

that because Marty and I became

8:08

a big pain in his sample push.

8:11

Witten Marty hit it off right away.

8:13

our interaction, in many ways,

8:16

ran the opposite of a normal

8:18

the

8:19

student, a graduate student professor

8:21

relationship. I I describe it as,

8:23

you know, I think possibly I'm more

8:25

imaginative than he is, certainly he's

8:28

smart as I am. I I really liked working

8:30

with him. but he didn't like anyone telling them

8:32

what to do.

8:33

Marty and Whit were totally seduced

8:35

by cryptography. I

8:37

sometimes joke that there's amused just

8:39

like there's amused poetry, there's some use of

8:41

cryptography, and she whispered my

8:43

ear, she whispered my ear, she probably whispered

8:45

in a lot of other people's ears who just

8:47

wrote it off as a crazy dream.

8:49

and

8:49

they got to work. So it haphazardly

8:52

putting together all the bits and pieces

8:54

they had gathered from the muses.

8:58

What had been obsessing for years

9:00

about how to use cryptography

9:02

to communicate remotely in

9:04

a digital world we

9:06

were moving into a world where

9:08

people would have intimate friendships with

9:10

people they never met in person. And

9:13

the cryptography was the only thing that

9:15

would give you any sort of privacy.

9:17

Into what? This

9:18

presented two clear problems.

9:21

I

9:21

had had these two problems in the back of

9:23

my mind. you know,

9:24

one for ten years and one for five.

9:28

have a hot backburn. So

9:30

imagine that you and I wanted to

9:32

privately share information without

9:35

ever meeting in person. We

9:37

could set up a safe for us to put

9:39

letters in and

9:40

no one else could read them. those letters,

9:42

they would be private. But

9:44

we'd both need keys to open

9:47

the safe door and we couldn't

9:49

share those keys without exchanging

9:51

them in person. This

9:52

was Whit's first problem. How

9:55

do you share a secret key

9:57

remotely. And

9:59

if we're just, you know, sending keys

10:01

around, how do you make

10:02

sure that you're sending them to the right person

10:05

without ever meeting them

10:07

in person.

10:09

Verifying identities remotely. This

10:11

was Whit's second problem. and

10:14

I was trying to combine those two problems.

10:17

And at some point, I

10:19

realized that

10:21

that must be possible.

10:24

One afternoon in nineteen seventy

10:26

six, Whit was noodling on these problems,

10:29

and he had breakthrough. I

10:31

understood I had discovered something important.

10:34

And I went downstairs to get myself a

10:36

Coca Cola and almost forgot

10:39

it. and

10:39

on walking in the stairs, I fortunately

10:42

remembered it again. And then I walked

10:44

downhill to Martin's house

10:46

to explain it to him So

10:48

thinking back to that problem of

10:50

you and I trying to share messages without

10:52

ever meeting in person, what's

10:55

idea was something like, what

10:57

if the safe had a mail slot in

10:59

it.

10:59

That way, you could come by

11:01

any time and drop off your letters

11:03

in the save, but

11:05

you wouldn't need keys. And

11:07

then I could come by later, open

11:09

the safe with my keys and read your letters.

11:11

So encrypting, putting

11:14

them information in the safe. is

11:16

a different step than

11:17

decrypting, taking the information out.

11:20

Whits idea was to split

11:22

the encryption and the decryption.

11:27

This

11:27

also solves the second problem

11:29

of identity because you know

11:31

that that's my safe and my mail

11:33

thought. I'm

11:34

the only one with the keys to the save,

11:36

and so I'm the only one that can open

11:39

the door and take the information out.

11:42

Having the keys is a way

11:44

of proving my identity.

11:46

Of course, you'd need your

11:48

own

11:48

saved in your own mail slot where

11:50

I could come by any time and drop off

11:52

letters for you. But then we

11:54

would have a secure way to

11:56

exchange

11:57

information.

11:59

The bottom line

11:59

is if we both have safes and

12:02

we both have our own protected personal

12:04

keys, we can trust that we're

12:06

talking to each other. entrust

12:08

that we're talking privately without

12:11

ever having to meet in person.

12:17

It

12:17

was a stunningly elegant idea,

12:19

something

12:19

they called public key cryptography.

12:22

Whit

12:22

had come up with the idea of

12:25

public key cryptography, but no way

12:27

to do it.

12:27

Now Marty and Whit had to figure

12:30

out how to build these safes.

12:32

The

12:32

trick was, of course, they can build them out

12:34

of iron and steel. They needed

12:37

to build them out of math.

12:39

In

12:39

cryptography, The SAFE isn't

12:41

a physical object. It's

12:42

like a mathematical cloak

12:45

covering up private information with

12:47

random static.

12:49

transforming

12:51

understandable and usable information

12:53

into

12:55

incomprehensible

12:57

useless garbage but it isn't

12:59

just about locking up information

13:01

under random static.

13:03

You

13:03

also have to be able to easily

13:06

unlock that randomness with a key

13:08

and

13:08

turn it back into readable,

13:11

usable information.

13:13

Marty and Whit wanted to find the simplest

13:16

system that could fit that pattern. and

13:18

so they looked into a type of math problem

13:21

called one way

13:22

functions.

13:26

One

13:26

way functions are math problems

13:28

that are designed to be easy to solve

13:30

but take a lot of time and energy

13:33

to reverse. Like,

13:35

seven

13:36

times thirteen, I could do

13:38

seventy twenty or ninety I think it's ninety

13:40

one. I could do that in my head in few seconds.

13:42

if you gave me ninety one and asked me

13:45

to factor it into two primes, it takes

13:47

longer. So

13:48

Multiplying as easy and factoring

13:50

as hard.

13:51

But if you have one of the factors

13:53

already, then you can easily get the other

13:55

one. So that's

13:56

the secret key. But not every one

13:59

way function can be made

13:59

into a cryptographic system.

14:02

Not all one way functions are good

14:04

at making encryptions, but

14:06

all encryptions have a one way

14:08

function at their heart. And

14:10

for this all to work, these one way

14:13

functions need to be super hard

14:15

to solve without a key.

14:17

So tough that it's It's not even

14:19

worth a hacker's time to try.

14:24

One

14:24

night. There was probably one AM.

14:27

Marty was at his desk with

14:28

a pencil and paper racking his

14:31

brain trying to figure out a way to bring Whit's

14:33

idea of public key cryptography to

14:35

life. I

14:35

was playing and I tried

14:37

a new permutation on what secret,

14:39

what's public, what's private, and all of sudden

14:41

it came out after

14:42

a few months of work. Marty

14:44

and Whit published their findings. They

14:47

put together everything that they had been thinking

14:49

about,

14:50

the safes, the public key cryptography,

14:52

the one way functions, and

14:55

the first line that they wrote.

14:57

We stand today on the brink of

14:59

a revolution in cryptography.

15:02

It

15:02

was probably wit. That that

15:04

sounds more like wit than me.

15:05

Whit Whit is not above

15:08

grandstanding, and he's often right.

15:10

I

15:10

think I got that one right.

15:13

For

15:13

the first time in history, there was

15:16

research that could make encryption available

15:18

on a commercial scale. And

15:20

the open research community was thrilled.

15:23

But

15:23

NSA had a whole another reaction.

15:26

The

15:26

NSA was not happy,

15:29

but they had lost their

15:30

monopoly on cryptography. There

15:32

was actually a fight, then they say, loosely speaking,

15:34

maybe more than see speaking wanted to throw me

15:36

in jail.

15:37

Marty and Whit's work threatened the

15:39

whole way that

15:40

the NSA did business.

15:42

If

15:42

all this cryptography research was

15:44

out in the open, then

15:45

more foreign governments could encrypt

15:48

their information. and

15:49

that made the NSA's job much

15:52

harder. I was telling foreign

15:54

entities how to protect their secrets. I was trying

15:56

to tell American entities how to protect there

15:58

is, but there's no way to do

15:59

one without the other. An

16:01

NSA employee

16:02

wrote a letter to the journal that

16:04

published their work and

16:05

accused them of breaking the law.

16:08

specifically

16:08

the international traffic

16:10

and

16:10

arm circulations.

16:12

It's against the wall obviously to export

16:15

a jet fighter plane, right, without an export

16:17

license. It's also against the law

16:19

to export the plans for how to make that fighter

16:22

because

16:22

that could be used to make it.

16:25

And the Itar, the international traffic

16:27

and arms regulations, defines anything cryptographic

16:30

as an implement of war, And

16:32

so by publishing in international

16:35

journals how to design good cryptographic

16:37

systems, we were

16:39

exporting technical specification on

16:41

on implements of war without an export license.

16:44

Marty

16:44

immediately brought this accusation

16:46

to the General Counsel at Stanford University.

16:49

It's

16:49

unconstitutional because

16:52

it would be a violation of freedom of the press and

16:54

freedom of speech. That was his legal

16:56

opinion. but he also warned me and

16:58

I'll never forget this. If I was

17:00

prosecuted, Stanford would defend me.

17:03

But if I was found

17:04

guilty and all appeals were exhausted.

17:06

They couldn't go to jail for me.

17:08

Whit and Marty continued their fight

17:10

for

17:10

robust accessible encryption.

17:13

And

17:13

Marty came to see himself as

17:15

a security officer for the public.

17:17

No one was representing the public and the

17:19

public needed

17:20

protecting and the group that you'd expect

17:22

to protect them, the part of the government that should be

17:24

doing that wasn't doing it. So

17:26

I realized that's the role I had assumed.

17:28

The

17:28

reaction from the NSA sparked

17:31

a nationwide debate about the government

17:33

threat to open publication. And

17:35

who had the right to access tools

17:37

of privacy? articles

17:39

came out in science in

17:41

the New York Times. The

17:42

media was all on our side. I mean, the Times, for

17:44

example, because this is freedom of the press, and remember

17:47

it was right after Watergate. My wife

17:49

was really happy when this became

17:51

big news because she said, up to that

17:53

point, if something happened to me, nobody would really

17:55

know what had happened. Whereas now, if

17:57

you're a public figure and suddenly

17:59

you

17:59

have an accident, there would be questions hopefully.

18:02

Remember,

18:02

I'm also pissing off, not just NSA,

18:05

but they're foreign equivalents. And

18:07

I had other friends worked in the community who

18:09

told me that, yes, my life was in danger.

18:11

So who knows?

18:12

People told me, though, watch my

18:14

ass. I I never worried about

18:16

it. Various people have told me NSA

18:19

threatened them and things like that. It was

18:21

never more than rude to me.

18:23

Eventually,

18:24

the NSA backed off.

18:26

They

18:26

never pressed charges against Marty and

18:28

Whit. And

18:29

over the years, MSA stopped

18:32

trying to classify all cryptographic research.

18:35

They

18:35

came to agree with Marty and Whit.

18:38

and

18:38

saw that everyone can benefit from

18:40

encryption. American

18:41

secrets of great commercial importance.

18:44

Sales

18:44

have national security importance.

18:46

Instead

18:46

of classifying all cryptography

18:49

research from the start,

18:51

Whit told me that the NSA began to

18:53

scout talent from early drafts.

18:55

of scientific

18:56

journals.

18:57

So they were very good at at

18:59

at observing papers and

19:01

approaching people informally and saying,

19:03

you know, some combination of

19:06

would you please not publish this? And, you know,

19:08

maybe you'd like to get a clearance and come to some

19:10

of our meetings. We work on interesting problems.

19:13

And

19:13

today,

19:14

nearly fifty years later,

19:17

public key encryption is a fundamental

19:19

building block of the Internet. and

19:21

of our daily lives.

19:24

How many of you have surf

19:26

the Internet? How many of you have bought something with a

19:28

credit card on the Internet? How many of you do electronic

19:30

banking? you're using cryptography. You just

19:32

don't realize it because it's integrated,

19:34

automatic, and transparent, which is the way it

19:37

should be. Today, we're well over the

19:39

brink. We we no we no longer stand on the

19:41

brink of revolution in cryptography. It's happened.

19:46

Whit and Marty they saw a

19:48

vision of a future that they

19:50

helped create. And

19:52

all that encryption that we use every

19:54

day It depends on those

19:56

one way functions, those mathematical

19:59

locks. The

20:01

problem is math is always

20:03

changing and evolving.

20:06

Today, multiplying large prime

20:08

numbers may be a good one way function.

20:11

It's easy to solve, but takes lots

20:13

of time and effort to reverse without key.

20:17

But

20:17

tomorrow. Tomorrow,

20:18

somebody might figure out a

20:20

new way to factor numbers. a

20:23

new way that's much, much more

20:25

efficient. And

20:26

then that asymmetry it

20:29

disappears. and the walk is easy

20:31

to get into without the key.

20:33

After the break, is

20:35

it possible to

20:36

future proof encryption? And

20:39

how answering that question

20:41

might break the Internet.

20:51

This is advertiser content brought to

20:53

you by AbbVie. We're

20:55

always trying to understand how do we

20:57

stop disease. Right? Disease comes in.

21:00

We try to stop it. That's how we practice

21:02

medicine. An interesting thought

21:04

would be, what if we actually didn't

21:07

get disease? What

21:09

if we prevented disease?

21:12

Hi. My name is Howard Jacob.

21:14

I'm a vice president at AbbVie. I've

21:17

had the genomic research Center, and I

21:19

also had our data integration across

21:21

R and D. Better medicine starts with

21:23

better information.

21:25

So Howard and AbbVie have been setting

21:27

a collection of

21:27

more than one million human genomes to advance

21:29

our understanding of disease. It's

21:32

a large amount of data. Your DNA

21:34

extended end to end from all of your

21:36

hundred trillion cells would go to the

21:38

sun and back six hundred and sixty

21:41

six point five times.

21:43

All of that genetic information will have

21:45

major

21:45

implications for the future of healthcare, helping

21:48

doctors tailor treatment to every patient's

21:50

needs. For many genes, there are

21:52

tests where you can actually say, oh, this is

21:54

the dose you should take. This is when you

21:56

should take it and this is why you're taking it.

21:59

It opens the door

21:59

for prescribing medications differently

22:02

and at different doses for each individual. Their

22:05

work is already saving lives, but genetic

22:08

researchers are far from satisfied. I

22:10

just know that we can do more. I know

22:13

we can enable to practice medicine

22:15

better. I know we can able patients

22:17

to live healthier lives. I know we can

22:19

develop better therapies and we just have

22:21

to do it. To learn more about

22:23

how AbbVie is shaping the future of medicine,

22:25

visit here now dot ABBIE

22:30

Any

22:35

job at Amazon can turn into a high paying

22:37

career. For employees looking for

22:39

security today, Amazon offers good

22:41

pay and health care on day one. New

22:44

parents also get up to twenty weeks of fully

22:46

paid leave, so they have the flexibility to

22:48

spend time with family while making a living.

22:51

For opportunity tomorrow, Amazon is investing

22:53

one point two billion dollars into free technical

22:56

training that's available to over seven hundred

22:58

and fifty thousand associates across the

23:00

country. With these programs hourly

23:02

employees have the opportunity to move into

23:04

higher paying, highly skilled jobs in

23:06

fields like software engineering and robotics.

23:09

Learn more at about amazon dot com.

23:21

What encryption does Tesla use? Curve

23:24

25519 most

23:27

secure discrete

23:29

log parameter. There

23:31

is not anymore. Our

23:33

network just blew the part. Unexplainable.

23:35

We're back. I'm

23:38

Meredith and and the

23:39

You're Meredith. I'm

23:42

Brian. Yep. Okay. because of encryption,

23:45

I know you are you because

23:47

we're on an encrypted I

23:49

think we're on an encrypted channel. Yeah.

23:51

And there's not just some, you

23:54

know, kind of deep

23:55

fake man in the middle giving

23:58

me fake Meredith. This has all been

23:59

an elaborate ruse.

24:01

So we've like built up

24:03

this pretty secure Internet. like,

24:05

I feel pretty good on the Internet. I

24:07

don't think about it. Yeah. I see, like,

24:09

the little lock icon in my web

24:11

browser and I know this

24:13

is encrypted. So

24:16

is this the Internet we might have

24:18

forever? Are

24:20

we cool?

24:21

So one way functions at the

24:23

heart of the Internet security today, like,

24:25

are hard to

24:27

break. Mhmm. But that's

24:29

really subject to changing technology. Oh,

24:32

so these so the the simple

24:34

question here is these

24:35

one way functions, kind of math problems,

24:38

easy to do, hard to reverse. These

24:40

are are locks on the Internet. These

24:43

locks can be picked. Is that what you're

24:45

saying?

24:45

Oh, definitely. One example that comes

24:48

to mind is there's a really common one way

24:50

function based on multiplication

24:51

and factoring

24:53

and the invention of quantum

24:56

computers which are on

24:58

the horizon, a twinkle, and lot of

25:00

researchers' eyes, the

25:02

way that those computers are built would

25:04

actually make factoring

25:07

as a one way function totally obsolete.

25:09

Okay. And so, like, there's a lot

25:11

of work in research and geography

25:13

right now, looking into these one

25:16

way functions and making them quote unquote,

25:18

quantum safe. It's a little

25:20

bit like an upgrade to your security system

25:22

on your operating system on the computer,

25:25

like, people are seeing new

25:27

technologies, new types of computing

25:29

power on the horizon and trying

25:31

to

25:32

add patches or figure out

25:34

what we would need to change in order

25:36

to keep that safe.

25:37

Yeah. There's a bit of a cat and

25:39

mouse thing here. You see new tech coming,

25:41

you try to beef

25:43

up the locks, but then, you know,

25:46

I'm sure new even new new tech

25:48

can come and then be and then we'll need even

25:50

new locks.

25:51

Yeah. But that's an example of a

25:53

threat that people can see coming.

25:55

Mhmm. But, like, what if there's

25:57

a threat that you can't? Okay.

25:59

So, can all locks be broken?

26:02

Is it possible to not

26:04

do this cat and mouse game of like seeing

26:07

new tech and building a new lock? Yeah.

26:08

So that's the main question that's been

26:11

motivating the cryptographer Rafael

26:13

Pass.

26:13

My name is Rafael Pass. I'm

26:16

a professor of computer science.

26:18

He basically believes

26:20

that, like, cryptography's mass

26:22

magic. There's a bunch of just

26:25

beautiful and such contradictory concepts

26:28

in photography. Things that just seem impossible

26:30

at first and then

26:33

using cryptography,

26:35

the impossible becomes possible.

26:37

It's like finding magic in in mathematics.

26:40

but it's really it's actually true.

26:43

So this math wizard, this

26:45

the sorcerer of math, What

26:48

is his question when it comes to these math locks?

26:51

Is there

26:52

a perfect lock?

26:54

That would be nice. So

26:55

this is very theoretical. This is,

26:57

like, the the perfect luck

26:59

as a concept. Yeah. Before we build

27:02

it, we have to, like, know if this concept can

27:04

even exist.

27:05

Exactly. Exactly. So the the

27:07

way that Rafael puts us is, like,

27:09

does a true one way function

27:12

cannot exist. Mhmm. So right

27:14

now, we've been, like, talking about one way functions

27:16

as, like, easy to solve, but

27:18

hard to reverse. but

27:20

that hard is a moving target.

27:22

It's subjective to the technology and the knowledge

27:24

that we have. But it would

27:26

if there was a true one way function that

27:29

was easy to solve, but impossible

27:31

to reverse. And then I

27:33

can buy things on the Internet forever

27:36

and that's it.

27:38

That's what I want.

27:39

Yeah. No matter what fancy quantum

27:41

computers are coming down the road. Okay.

27:43

This would be mathematically impossible

27:46

to reverse.

27:47

So how does he figure

27:49

out if this type of lock

27:51

even can exist? Like, how does he

27:53

even figure out if

27:55

it's even possible? Right. So

27:57

he's

27:58

looking for a unifying

27:59

theory across

28:02

all one way functions.

28:04

So

28:04

we'd try to see whether there exists

28:06

some kind of, like,

28:07

mother problem or master problem

28:10

that

28:10

can tell us whether one of your functions actually

28:12

do exist or not. Tell

28:14

me, has he has he figured this out?

28:16

So a few years ago in in twenty

28:18

years or no, You're

28:21

gonna, like, tell me a whole story. Yes.

28:24

Basically,

28:24

yes. He found he found

28:27

maybe not exactly the answer, but

28:30

he found a very very promising

28:32

lead.

28:32

So

28:34

a few years ago, Rafael and his

28:37

grad student, Yani, they were digging

28:39

into this unsolved

28:41

problem of computer science.

28:43

So, like, totally different field than

28:45

cryptography. Mhmm. And they were looking

28:47

at this problem. It's called comoguro

28:50

complexity. k. k.

28:52

Komal comoguro complexity.

28:55

Yep.

28:55

And so this is like a

28:57

famous unsolved

28:59

problem

29:02

in computer science. a

29:03

problem as we studied

29:05

at least since the nineteen sixties.

29:07

And

29:08

it has to do with the nature of

29:10

randomness.

29:11

randomness is so critical in photography.

29:14

That's the the walls of the

29:16

safe that you're locking the information behind. You're

29:18

like transforming usable

29:20

information into gybriish

29:21

to do that. Gybriish

29:24

is is randomness. Right? Yeah. because

29:26

we don't have, like, a physical safe here.

29:28

Like, our information on the Internet is

29:30

cloaked in randomness.

29:33

Instead of seeing my credit card number

29:35

passing through the cyber space,

29:37

you see

29:39

some things that just look like gibberish. And

29:41

and

29:43

randomness that gibberish is

29:47

at the heart of this complexity

29:49

problem. Yeah. And

29:51

so basically, the problem to

29:53

solve is, like, can you write a computer

29:55

program that can analyze

29:59

randomness? I think

30:01

this is a deeply philosophical question I guess,

30:03

we're looking at something in nature and we're trying

30:05

to see, was this just random or is

30:07

there something interesting going on?

30:09

So

30:10

the solution to

30:12

this complexity problem. It's

30:14

not just like some math problem on

30:16

a chalkboard somewhere where all you have

30:18

to do is like beautiful

30:21

minded.

30:21

Oh, x equals three. You're right.

30:23

cancer. You're right.

30:24

Exactly. There's not like a solution

30:26

like that. The solution to this problem would

30:29

actually be a computer

30:31

program that could analyze

30:33

the randomness of any given information.

30:36

And

30:36

that itself is a tool Like, if you

30:38

had the tool, truly see through

30:41

randomness and see if something was

30:43

truly random or if there was like a signal,

30:45

some information

30:46

buried in it, like this

30:48

computer program

30:50

could basically see through

30:53

the safe walls of any encryption

30:55

scheme. Yeah.

30:56

because if our information is protected

30:58

by randomness and if you can see through

31:00

randomness, you can probably fetch

31:03

out that information. Exactly.

31:05

If you solve the complexity problem, what

31:08

happens?

31:08

If you solve the complexity problem,

31:11

then

31:13

one way functions, true one way

31:15

functions cannot exist, and

31:17

not only that,

31:18

everything that we've built on

31:21

potential one way functions

31:22

is instantly

31:24

broken.

31:25

You've broken all candidate one way

31:27

functions all encrypted schemes,

31:30

all digital signatures, everything can be broken.

31:36

So

31:36

solving this problem, could you could

31:38

give you the power to break the

31:40

Internet?

31:41

Yeah.

31:43

it would the

31:45

way that it's been described to me is that it

31:47

would instantly break all

31:49

encryption.

31:50

but

31:52

there

31:53

may not be an answer to this

31:55

complexity problem. It

31:57

might just not be solvable.

31:59

Oh.

31:59

At all. Like, we don't know

32:02

if there's an answer.

32:03

What happens if we just

32:05

can't solve it?

32:07

So if

32:08

this complexity problem is difficult

32:11

to solve, then

32:12

Rafael claims that he has a

32:14

very clear blueprint of

32:16

how to build the perfect lock, something

32:18

that's provably

32:19

secure. Okay. So just to acknowledge something

32:22

here. Today. You've taken us

32:24

on a journey And

32:26

each step of the journey has an

32:28

unanswered question. So, like, as we

32:30

we proceed further into

32:32

darkness here in this story, so

32:34

because it gets a little heady here. So

32:36

first off, you have this idea

32:39

of one way function. Right. don't

32:41

know if there's a perfect lock out there. Mhmm.

32:43

the answer to the question, is there

32:45

a perfect lock out there? Mhmm.

32:48

Hinges on the answer to

32:50

another unanswered question. And -- Totally.

32:53

-- yes. Complexity problem. Mhmm.

32:55

So there's, like, two great big questions

32:57

here, one leading to the other. Exactly.

32:59

Well, Rafael has told us there's a road

33:02

to the answer. Right. And if

33:04

we work really hard on this math problem,

33:07

we might get an answer to the

33:09

question of

33:11

is there a

33:12

perfect lock out there?

33:13

Yes. But

33:16

this is kinda high stakes because either

33:19

we might get perfect locks out of this or

33:21

we might realize that all locks will fail.

33:24

Yes.

33:26

That would mean that communication intravats

33:28

would never be able to be secure. That

33:32

would be pretty bad.

33:34

Do you

33:34

think that's going to happen?

33:36

I don't think so. I hope not.

33:39

Is that worth it? Is that worth pursuing

33:41

this path? for, like, that dream of perfection.

33:43

Like, we might find ruin. And

33:46

is that worth it here? I would

33:48

maybe stay away from this complexity problem

33:50

because I don't wanna break the Internet.

33:55

Yeah. I mean, I feel like,

33:57

to me, this feels

33:59

very similar

33:59

to nuclear physics.

34:02

And like the study of

34:04

that through the thirties and the forties opened

34:07

the door to weapons of tremendous

34:09

power, the atomic bomb. So that

34:12

would be, like, the path that would lead us to breaking

34:14

all encryption on the Internet. Yeah. But

34:16

it also gave us really fundamental

34:19

answers about, like, the

34:21

nature of matter in our universe.

34:23

Right? Mhmm. That then led to

34:26

tremendous tools in medicine

34:28

and agriculture and carbon

34:31

free energy. Mhmm. The pursuit

34:33

of knowledge and the pursuit particularly of

34:35

these, like, very fundamental truths.

34:38

They have powerful and dramatic consequences.

34:41

Mhmm. Yes. There could be

34:43

this

34:43

world of the, like, atomic

34:46

bomb for -- Mhmm. -- encryption, but

34:48

it could also lead us

34:51

to a whole new era of

34:53

encryption and lead us to tools

34:56

that we don't even know what they are

34:57

yet. when we functions are

35:00

great, they're awesome, but they're

35:02

not everything we want from cryptography, where

35:04

you have much loftier goals.

35:07

So it would be awesome to also

35:09

achieve these more advanced cryptographic

35:12

tools

35:13

using some

35:14

company like this. But it

35:16

also strikes me there's a counterpoint here

35:18

in that, yes, I'm usually extremely optimistic

35:21

about an unanswered question. But

35:23

here, I'm realizing that sometimes

35:26

looking

35:26

into a non answer question could

35:29

lead you to dangerous things too.

35:31

Yeah.

35:31

I mean, I think when

35:33

you look for fundamental truths,

35:36

the

35:36

consequences of that are just inherently

35:39

bigger. If you're looking for something

35:41

that connects

35:42

all locks, then

35:44

if you find a flaw, that's a flaw in

35:46

all locks. It's

35:47

just like a nature of the question.

35:49

It's a little scary. It's a

35:51

little scary for sure. On the other

35:53

hand,

35:54

is it less scary to live in a world

35:56

where

35:57

you have

35:59

reasonable security in

36:02

the locks that you have and, like, reasonable

36:04

faith that they haven't already been broken. Yeah.

36:07

all of these things, all of that

36:09

the cryptography that we've been talking about,

36:11

they're

36:12

they're tools, they're ways

36:14

for us to share information, they're

36:16

or ways for us to build our

36:18

lives and our relationships

36:21

on the Internet

36:23

remotely.

36:23

Like

36:25

we're having this conversation remotely, if,

36:27

like, the development of the encryption that

36:30

we have today allowed us to do this,

36:32

then what could we use

36:35

the tools of tomorrow to build

36:37

in the future? Like, there's also an inherently

36:39

optimistic view. there's

36:41

still even, like, for now. Right? You

36:44

can still

36:45

run into some shady stuff on the Internet.

36:47

People can still steal things.

36:50

Yeah. Yeah. I mean, like, crucially, encryption

36:53

is really about that

36:54

protecting information as it

36:56

travels through the Internet. But, like,

36:58

there's still data breaches all the time.

37:01

Like, once it gets to a destination, like,

37:03

who knows how your information is getting stored

37:05

on some, like, company server?

37:06

And it strikes me that even if you

37:09

have a perfect lock and perfect encryption,

37:12

you could still give away the password or

37:14

the keys to that? Potentially. Someone could

37:16

do it. Click on some suspicious

37:17

link. There's, like, ten new bread

37:19

recipes.

37:20

And they asked for my

37:22

Apple password. I'm like sure why not.

37:35

This

37:35

episode was reported and

37:37

produced by Meredith Hoddnott, with

37:39

help from Bird Pinkerton. It

37:42

was edited by Katherine Wells and

37:44

Brian Resnick with help from Noam Hasenfeld

37:47

and Gillian Weinberger. So scoring

37:49

by Meredith and Noaham. Ifene

37:51

did a little something something too, but, you know, mainly

37:54

Meredith and Noaham. Mixing and sound design

37:56

by me, ifene Shapiro and

37:58

fact checking by

37:59

Zooey Mollik. Mandy Nguyen

38:01

is off to adventure in the Great North.

38:04

Christian Aalla found his way home.

38:07

special thanks to Russell Brandon and Erica

38:09

Clarike. If you want to learn more

38:12

about one way functions and complexity,

38:14

check out Erica's article researchers

38:16

identify master problem

38:18

underlying all cryptography in

38:21

Quanda Magazine. If you have thoughts

38:23

about this episode or ideas for the show,

38:25

please email us. We're unexplainable at

38:28

vox dot com. We'd also

38:30

love it if you wrote us a review or a rating.

38:33

unexplainable as part of the vox media

38:35

podcast network, and we'll be back

38:38

next week.