Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:00
Wow, that guy means business. Just an
0:02
amazing player. No, not him, the sports
0:05
photographer behind him. Uh, what? He has
0:07
a business bank account with QuickBooks Money,
0:09
where he earns 5% annual percentage yields,
0:12
so he's scoring big on and off
0:14
the field. You might even say he's
0:16
the MVB. MVB?
0:19
The most valuable business. Making
0:21
your money work harder. That's how you business
0:23
differently. Intuit QuickBooks. Banking services provided by Green
0:25
Dot Bank, member FDIC. Only funds and envelopes
0:28
earn APY. APY can change it anytime. In
0:31
2022, Team Milk came together by sponsoring
0:33
female marathon runners for the marathon in
0:36
New York City. Today,
0:38
they're more than 20,000 strong. In
0:41
2024, Team Milk is
0:43
making an even bigger commitment to female
0:45
runners and launching the only women's marathon
0:48
in the U.S., designed for and by
0:50
women. The inaugural Every Woman's
0:52
Marathon will take place in Savannah, Georgia
0:54
on November 16, 2024. You
0:58
can learn more and register
1:00
for the marathon at everywomensmarathon.com.
1:10
2024 is shaping up to be a huge
1:12
year for the internet, especially because
1:14
NIST, the National Institute of
1:17
Standards and Technology, recently
1:19
announced that new algorithms they've been working
1:21
on to keep the internet secure are
1:24
going to be ready later this year. There's
1:26
no telling just how successful these algorithms are
1:28
going to be, but NIST hopes
1:30
that they'll be able to protect the internet
1:32
for the future. So we wanted
1:34
to share an episode from our reporters, Meredith
1:36
Hadnaught and Brian Resnick, about
1:38
why the internet is so vulnerable to
1:41
breaking in the first place and
1:43
why it's so hard to keep it together.
1:46
Here's Meredith and Brian. Hey,
1:48
Brian. Hey, Meredith. I want you
1:50
to imagine something with me, if you will. Okay.
1:53
All right. So imagine one day you
1:56
wake up. Okay. And the
1:58
internet is broken. Oh,
2:02
so hackers are getting into your bank
2:04
accounts your to your Twitter accounts your
2:06
work emails Instead of
2:08
loading banner ads your
2:10
computer would just like start loading viruses.
2:13
Okay, great So
2:15
they have all of my money my identity.
2:17
Yep. All that
2:19
my secret exactly Is
2:22
this the day I just put down the
2:24
phone and then walk away? Just
2:26
walk away. I'm just gonna walk away.
2:28
Finally fulfill your destiny as a mountain man.
2:31
This is not working life on the internet
2:34
What you just described sounds so
2:36
broken I wouldn't I
2:38
don't know if there's a tech support that
2:41
could fix it, right? So this
2:43
doomsday scenario, this is the
2:45
internet without encryption What
2:48
is encryption? Yes largely
2:51
math. Okay Encryption
2:53
is this cloak that wraps
2:55
your private information And
2:58
so that anybody that's seeing that
3:00
information it just looks like random static.
3:02
It just looks like gibberish And
3:05
so encryption is the thing that's really Protecting
3:08
your private information as it travels
3:10
through the web So
3:13
you don't see my social security
3:15
number you see this cloak of
3:17
gibberish, right? If somebody intercepted that and
3:19
tried to read that information all they
3:21
would see was randomness. So it sounds
3:24
like I Use
3:26
encryption all the time all the time Our
3:31
everyday lives on the internet
3:33
they're built on an elaborate
3:35
and largely invisible system of
3:37
encryption Google says that 95%
3:40
of the traffic that comes through their site is encrypted
3:42
in some way Because there's this
3:45
whole system of certificates and digital
3:47
signatures that are all based on
3:49
encryption that Tell
3:51
you that when you go to
3:54
Amazon that that's actually Amazon.
3:56
Hmm So
3:58
Encryption is just a thought. The heart
4:00
of building trust on the internet.
4:02
So I know the website. I'm
4:04
going to have not been intercepted
4:06
by somebody's life and I can
4:09
send my private information to be
4:11
ball just knowing. It's for their
4:13
eyes only. Exactly exactly So I
4:15
like all this and group Sam
4:17
as you described it to me
4:19
it sounds nice right? I get
4:21
to do a lot of cool
4:23
stuff with that is it is
4:25
it in danger. So that's
4:28
what I would love to tell you about
4:30
until they sell. Okay, How the
4:32
internet was built on encryption and
4:34
how am I come tumbling down.
4:52
When. I started work in cryptography. Almost all
4:54
my colleagues told me I was crazy and
4:57
they were what they were, right? Mighty.
4:59
How Men is A professor at
5:01
Stanford University Have been for got
5:03
over fifty years. Fifty. Years
5:05
ago, computers are these massive
5:08
plastic boxes with these etti
5:10
bitty little screams. And. They
5:12
were getting more and more intertwined for
5:14
their money. A
5:17
Pm were cutting edge technology and
5:19
Nineteen Sixty Nine and Nasdaq, the
5:21
world's first electronic stock market opened
5:23
in Nineteen Seventy One. I remember
5:26
saying I could foresee the day
5:28
when you might buy a loaf
5:30
of bread with an electronic funds
5:32
transfer. A good as a debit cards as we
5:34
didn't have them. It was a
5:37
new age with a new relationship to
5:39
what money was and what it represented.
5:42
Nixon, South America off the gold
5:44
standard in this time to Nineteen
5:46
Seventy One. So many was getting
5:48
more abstract, more electronic. Safe
5:51
set protected physical bills. And
5:54
gold bars where the security of the
5:56
past. We needed a safe
5:58
to protect the information. The money
6:00
That electronic communications that were quickly
6:02
becoming more and more relevant and
6:04
I said what happens if someone?
6:06
maybe they can steal billions of
6:08
dollars, but they just crashed the
6:10
system so nobody knows how. Much when
6:12
he they've gotten their bank account. What are the
6:15
what happens that. And. So I
6:17
saw the need for encryption. Marty. Was
6:19
on a quest to bring digital
6:21
encryption to the masses. Encryption
6:23
that could be used by the public.
6:26
Used commercially to protect electronic
6:28
messages starting to send money
6:30
back. In theory that Marty
6:32
had a problem says at
6:35
this point encryption was dominated
6:37
by the government. Almost
6:39
no one outside the military and really
6:42
knew how it works. Any
6:44
research into the underlying principles
6:46
of encryption. Was automatically
6:49
classified. And considered. A
6:51
potential threat said National Security.
6:54
Agencies like the An Essay
6:56
had top secret inception departments.
6:58
Hoovering up all the best mathematicians in
7:01
the country, But. If he
7:03
wanted to study encryption. Out in the
7:05
open it was a lonely place to be.
7:08
The field was almost nonexistent. Most
7:10
of it was in the classified
7:12
literature. I got information theory conferences
7:14
and still it often be people
7:16
with name tags that said am.
7:19
At. See what was that? Department
7:21
of Defense was an essay and everyone who
7:23
said U.S. government was with the CIA so
7:26
wasn't hard to figure out who was. Might
7:28
his They all warned him off the
7:31
told on the he had no chance
7:33
going up against a juggernaut like the
7:35
an essay friends told. Me: How can
7:37
you have to discover anything that enter say
7:40
doesn't already know They have a decades head
7:42
start and said i don't care what they
7:44
know is not available for commercial use if
7:46
I developed that it is. In.
7:48
Order to bring encryption to the public. Marty.
7:51
Needed to reinvent it basically in
7:53
the light of day. And.
7:55
He needed a team. With if
7:57
he showed up on their doorstep in the fall.
8:00
Nineteen Seventy Four and day he
8:02
was an itinerant. Cryptography is the
8:04
way describes himself. As a tiny
8:06
showed up at Marty Stuart step. This. Guy
8:08
went to see. He. Had
8:10
forged his own pass in Academia.
8:13
And. Not have a good student
8:15
with. Had spent years going
8:18
to universities and libraries and
8:20
Cunningham's laboratories trying to piece
8:22
together any unclassified information that
8:24
he could find on cryptography.
8:27
And he kept hitting the same dead ends
8:29
that Marty was having. Until
8:31
and Nineteen Seventy Four, the head of
8:34
the cryptography lab at a Bm. Told.
8:36
Where is that? I can't tell you
8:38
much. Rudra Secrecy order here, but you
8:40
won't have a look at my friend
8:43
Marty Helmand when you back at Stanford.
8:45
He subsequently we wish he hadn't said
8:47
that because Marty and I became a
8:50
big pain. The sample tourists. Witten.
8:52
Marty hit it off right away. Our.
8:55
Interaction in many ways ran the
8:57
opposite of a normal. Of.
9:00
Students. Graduate student professor relationship
9:02
I'll I describe as your I think
9:04
possibly I'm more imaginative than he has.
9:06
Certainly he's smarter than I am. I
9:09
really liked working with him, but he
9:11
didn't like anyone telling them what to
9:13
do. Mighty, in which
9:15
were totally seduced by cryptography.
9:18
I sometimes joke that there's i'm used to
9:20
sectors abuse of poetry. there's some use of
9:22
cryptography and she whispered meyer she whispered with
9:25
year She probably western lot of other people's
9:27
ears who just wrote it off as a
9:29
crazy dream. And they got
9:31
to works so it haphazardly putting together
9:34
other. Bits and pieces they had gathered from
9:36
them, he says. With
9:40
had been obsessing. For years about
9:42
how to use cryptography to
9:44
communicate remotely in a digital
9:46
world. We. Were moving into a
9:48
world where people would have intimate friendships
9:50
with people they never met in person.
9:54
And that cryptography was the only thing that
9:56
would give you any sort of privacy. Into
9:58
with this person. To clear
10:01
problems. I. Had these two problems
10:03
in the back of my mind. Your
10:06
one for ten years and one for five. Have
10:09
a hot back burner. So.
10:11
Imagine that you and I on it's
10:14
prize at least share information without ever
10:16
meeting in person and. We.
10:18
Said set up a safe for us to
10:20
that letters and and no one else could
10:22
read them. Those letters they would be private.
10:25
But. We both need sees to open
10:28
the safe door and we couldn't
10:30
share those keys without exchanging them
10:32
in person. This. Was
10:34
Whips first problem. How do you
10:36
share a secret? See? Remotely.
10:40
And if were just enough, send
10:42
him he's around. Had you make
10:44
sure that you're sending them to
10:46
the right person without ever meeting
10:48
them in person. Verifying.
10:51
Identities remotely. This. Was
10:53
with second problem. And. I
10:55
was trying to combine those two problems.
10:58
And. At some point. I
11:01
realized. That. That must be
11:03
possible. One
11:06
afternoon, and nineteen seventy six
11:08
witless noodling on these problems.
11:10
And he had a breakthrough. I. Understood
11:12
I had discovered something important. And
11:16
I went downstairs get myself with
11:18
Coca Cola and almost forgot it.
11:20
And on walking down the stairs I
11:23
fortunately remembers it again. and then a
11:25
walk down hill. To. Marti's house
11:27
to explain it to him. So.
11:30
Clinton, Back to that problem of you and I.
11:32
Train a share messages without ever
11:34
meeting in person. Lives idea was
11:36
something like. What? Has to face
11:39
had a mere thought and at. That
11:41
way you did some by any time
11:43
and drop off your letters in the
11:45
second set. you wouldn't need seas and
11:48
then I to come. By later open
11:50
the safe had my. Keys and read
11:52
your letters so encrypting putting
11:54
them information in the safe
11:57
is a different steps and
11:59
decrypting. taking the information out. Which
12:02
idea was to split the encryption
12:04
and the decryption? This
12:08
also solves the second problem of
12:10
identity because you know that that's
12:12
my safe and my mail slot.
12:15
I'm the only one with the keys to the safe and
12:18
so I'm the only one that can open
12:20
the door and take the information out. Having
12:23
the keys is a way of proving
12:25
my identity. Of
12:28
course you'd need your own safe and your
12:30
own mail slot where I could come by
12:32
anytime and drop off letters for you. But
12:35
then we would have a secure way
12:37
to exchange information. The
12:40
bottom line is if we both have safes
12:42
and we both have our own protected
12:45
personal keys we can trust
12:47
that we're talking to each other and
12:49
trust that we're talking privately without
12:52
ever having to meet in person. It
12:58
was a stunningly elegant idea. Something
13:01
they called public key cryptography.
13:03
Whit had come up with the idea of
13:06
public key cryptography but no way to do
13:08
it. Now Marty and Whit had
13:10
to figure out how to build these safes.
13:13
The trick was of course they couldn't build them
13:16
out of iron and steel they needed to build
13:18
them out of math. In
13:20
cryptography the safe isn't a physical
13:22
object. It's like a mathematical
13:25
cloak covering up
13:27
private information with random static.
13:30
Transforming understandable
13:32
and usable information into
13:36
incomprehensible useless
13:39
garbage. But it isn't just
13:41
about locking up information under
13:43
random static. You also
13:45
have to be able to easily unlock
13:47
that randomness with the key and
13:50
turn it back into readable
13:52
usable information. Marty
13:55
and Whit wanted to find the simplest
13:57
system that could fit that pattern and
14:00
They looked into a type of math
14:02
problem called One Way. Functions. One.
14:07
Way functions are math problems that.
14:10
Are designed to be easy to solve but take
14:12
a lot. Of time and energy
14:14
to reverse like. A
14:16
seven. Times. Thirteen I
14:18
could do seventy Two Hundred Ninety
14:20
Six Ninety One. I. Could do that my head
14:22
in a few seconds. But as you gave
14:25
me ninety one and asked me to
14:27
factored into to primes it takes longer
14:29
so multiplying as easy and that during
14:31
is hard. But if you
14:33
have one of the factors already, Than
14:35
you can easily get the other one so
14:38
that's the secret key, but not every one
14:40
way function can be made into a cryptographic
14:42
systems. Nano one way functions
14:44
are good at meeting encryption is,
14:46
but all inscriptions have a one
14:48
way function at their heart. And
14:51
for this also works these one. Way
14:54
functions need to be super hard to
14:56
solve without a key. So
14:58
tough that it's it's not even worth a
15:00
hacker's time to turn a. One.
15:06
Night it was probably one am. Mighty
15:08
was at his desk. For. The
15:10
pencil and paper wracking his brain, trying to
15:12
figure out a way. To bring with idea
15:14
of public key cryptography the life. I
15:17
was playing and I tried or new permutation
15:19
on what secret what's public was private and
15:21
all the sudden it came out. After
15:23
a few months of work, Marty and
15:26
with published their findings. They.
15:28
Put together everything that they had been thinking
15:30
about, The safe, the public
15:32
key cryptography, the one way
15:34
functions. Who. The first
15:37
line of they wrote. We. Stand today
15:39
on the brink of a revolution
15:41
in cryptography. And. Was
15:43
probably with. That's. That sounds more
15:45
like within me. The. With will with
15:47
is not. Above. Grandstanding.
15:50
And he's often right. I've
15:52
got that was right. For.
15:55
The first time in history there was
15:57
research that could make encryption available on
15:59
a. Marshall scale. And.
16:02
The Open Research. Community was thrilled.
16:04
For. enter say had a whole
16:06
nother reaction. The. An essay Was
16:09
not happy that they had lost their
16:11
monopoly on cryptography. There was actually a
16:13
fight and as a loosely speaking maybe
16:15
more than lucy speaking wanted to throw
16:17
me in jail. Marty and Widths
16:19
work threatened the whole way that the
16:21
an Essay did business. Of
16:23
all this cryptography research without my
16:26
open. Than. More foreign
16:28
governments can encrypt their information.
16:30
And. That made the and essays job
16:33
much harder or was telling. Foreign.
16:35
Entities How to protect their secrets are trying to
16:37
tell American Entities how to protect their is that
16:40
there's no way to do one without the other.
16:42
In. An essay Employee. Wrote a letter
16:44
to the journal that publish their work.
16:47
And accuse them of breaking the law. Specifically.
16:50
The international traffic and I'm
16:52
circulations. It's against the
16:55
law, obviously to export a jet fighter
16:57
plane, right? without it export license. It's
16:59
also. Against the law to exports the plants
17:01
that are makes a fighter. Because.
17:04
That can be used to make
17:06
it and the I tar the
17:08
international traffic an orange regulations to
17:10
find anything cryptographic as an employment
17:12
of war. And so by
17:15
publishing in international. Journals. How
17:17
to design good cryptographic systems. We
17:19
were right. We were exporting technical
17:21
specification odds on Implements of War
17:23
without an export license. Marty.
17:26
Immediately brought this accusation to the
17:28
General Counsel. At Stanford University.
17:31
Is. Unconstitutional because it was be violation
17:33
of freedom of the press and freedom
17:35
of speech. That was his legal opinions.
17:37
But he also warned me and I'll
17:40
never forget this. If I was prosecuted,
17:42
Sanford would defend me. but if I
17:44
was. Found. Guilty and all appeals were
17:46
exhausted. They couldn't go to jail for me. We're
17:49
in. Marty continues. There's bite
17:51
from robust, accessible encryption. And.
17:54
Mighty came to see himself as
17:56
a security officer for the public.
17:58
No one was representing. the public and
18:00
the public needed protecting and the group that you'd
18:02
expect to protect them, the part of the government
18:05
that should be doing that, wasn't doing it. So
18:07
I realized that's the role I
18:09
had assumed. The reaction from the
18:12
NSA sparked a nationwide debate about
18:14
the government threat to open publication
18:16
and who had the right to access
18:18
tools of privacy. Articles
18:20
came out in Science and the New York
18:22
Times. The media was all on our
18:25
side. I mean, the Times, for example, because this is freedom
18:27
of the press. And remember, it was right after Watergate. My
18:30
wife was really happy when this became big
18:32
news because she said up to that point,
18:34
if something happened to me, nobody would
18:36
really know what had happened. Whereas now, if
18:39
you're a public figure and suddenly you have
18:41
an accident, there would be questions, hopefully. Remember,
18:44
I'm also pissing off not just NSA,
18:46
but their foreign equivalents. And
18:48
I had other friends worked in the community who told
18:51
me that, yes, my life was in danger. So who
18:53
knows? People told me to watch
18:55
my ass. I never worried about
18:57
it. Various people have told me
19:00
NSA threatened them and things like that. It
19:02
was never more than rude to me. Eventually,
19:05
the NSA backed off. They
19:07
never pressed charges against Marty and Witt.
19:10
And over the years, the NSA
19:13
stopped trying to classify all cryptographic
19:15
research. They came to agree
19:17
with Marty and Witt and saw
19:19
that everyone could benefit from encryption. And
19:23
secrets of great commercial importance, they
19:26
also have national security importance. Instead
19:28
of classifying all cryptography research from
19:30
the start, Witt told
19:32
me that the NSA began to
19:35
scout talent from early drafts of
19:37
scientific journals. So they
19:39
were very good at observing
19:41
papers and approaching people
19:43
informally and saying some
19:46
combination of, would you
19:48
please not publish this? And maybe you'd like to
19:50
get a clearance and come to some of our
19:52
meetings. We work on interesting problems. And
19:55
today, nearly 50 years
19:57
later, public key encryption is
19:59
a... Fundamental building blocks of
20:01
the Internet. And of our
20:03
daily lives. The. How many of
20:06
you have. Surf. The Internet? Haven't
20:08
have you bought something with a credit card
20:10
on the Internet? How many of you do
20:12
are trying to baggins you using photography. Used
20:14
to realize it's because is integrated, automatic and
20:16
transparent which is wage should be. So they
20:18
were well over the brink. Where we don't
20:21
We know of the said on the brink
20:23
of revolution Cryptography It's happened. When.
20:27
And Marty They saw a vision
20:29
of a future. That they helped
20:31
create. And all
20:34
that an that we use
20:36
every day. It depends on
20:38
those one way functions, those
20:40
mathematical lox. The.
20:42
Problem is math is always.
20:44
Changing and evolving. Today,
20:47
multiplying large prime numbers may be
20:50
a good. One way function. It's
20:52
easy to solve that takes lots of. Time
20:54
and effort to reverse without. But
20:58
tomorrow tomorrow somebody might big
21:01
route. Of. A new way to
21:03
factor numbers. A new way
21:05
that much much more efficient.
21:07
and then the asymmetry. It
21:09
disappears and is easy to
21:11
get into without the. After
21:15
the break is it possible
21:17
said future proof encryption. And
21:20
how answering that question might break
21:22
then an app? store
21:35
for the show comes from zoc doc it's
21:37
a new year which means it's a great
21:39
time to finally schedule all those doctors appointments
21:41
you been putting off and if you want
21:43
to find the easiest way to do it
21:45
you might wanna try zoc doc a you
21:47
suck all the time whenever i'm looking for
21:49
a new doctor and i love how easy
21:52
it is from start to finish zoc doc
21:54
is a free app and website where you
21:56
can search and compare in network doctors who
21:58
are highly rated in their system them and
22:00
are near you, and you can
22:02
instantly book appointments with them online. And
22:05
this isn't like some sort of small
22:07
list. ZocDoc's got tens of thousands of
22:10
doctors, all with verified patient reviews,
22:12
so you can make the best choice you can
22:14
before you ever meet in person. You
22:17
can go to zocdoc.com/unexplainable and
22:19
download the ZocDoc app for
22:21
free. Then you can find
22:23
and book a top-rated doctor today. That's
22:28
zocdoc.com/unexplainable.
22:30
zocdoc.com slash
22:33
unexplainable. Wow,
22:37
that guy means business. Just an amazing
22:39
player. No, not him, the sports photographer
22:41
behind him. Uh, what? He has a
22:43
business bank account with QuickBooks Money, where
22:46
he earns 5% annual percentage yield, so
22:48
he's scoring big on and off the
22:50
field. You might even say he's the
22:53
MVB. MVB? The
22:55
most valuable business. Making
22:57
your money work harder. That's how you business
23:00
differently. Intuit QuickBooks, banking services provided by Green
23:02
Dot Bank, member FDIC. Only funds and envelopes
23:04
earn APY. APY can change at any time.
23:07
Calling all female runners, it's time to
23:09
lace up and join Team Milk. Since
23:12
the 2022 New York City Marathon,
23:15
Team Milk has sponsored female marathon
23:17
runners nationwide, providing support and shining
23:20
a spotlight on their unique stories,
23:22
perseverance and drive to go the
23:24
distance. Why milk? Berry
23:27
Milk is an excellent nutritional ad for
23:30
both marathon training and recovery. Milk
23:32
contains 13 essential nutrients, including
23:34
high-quality protein, making it a
23:37
crucial component of a training diet. Plus,
23:39
it's one of the best beverages for hydration,
23:41
even better than water. The
23:43
same electrolytes that are added to many
23:45
of your favorite sports drinks are found
23:47
naturally in milk. And in
23:49
2024, Team Milk is taking the next
23:52
step to empower female runners by launching
23:54
the only women's marathon in the US
23:56
designed for and by women. Empirical,
24:00
empowering, and community building, the Inaugural
24:02
Every Woman's Marathon will take place
24:04
in Savannah, Georgia on November 16,
24:06
2024. You
24:09
can learn more and register for the
24:11
marathon at everywomensmarathon.com. What
24:23
encryption does Tesla use? You're
24:25
Meredith, I'm Brian. Because
24:45
of encryption, I know you are
24:47
you because we're on an encrypted
24:50
channel. And
24:53
there's not just some, you know,
24:55
kind of deep fake man
24:57
in the middle giving me fake Meredith.
25:00
This has all been an elaborate ruse. So
25:03
we've like built up this pretty secure
25:05
internet. Like, I feel pretty good on
25:07
the internet. I don't think about it.
25:10
I see like the little lock icon in
25:12
my web browser and I know this is
25:15
encrypted. So
25:17
is this the internet we might have
25:19
forever? Are we
25:21
cool? So the one
25:24
way functions at the heart of the internet
25:26
security today like are hard to break.
25:30
But that's really subject to changing
25:32
technology. Oh, so these so
25:34
the simple question here is these
25:36
one way functions kind of math problems,
25:39
easy to do hard to reverse. These
25:42
are our locks on the internet. These locks
25:44
can be picked. Is that what you're saying?
25:47
Oh, definitely. One example that
25:49
comes to mind is there's a really
25:51
common one way function based on multiplication
25:53
and factoring and the
25:56
invention of quantum computers, which
25:58
are on the horizon. eyes
26:00
and a twinkle in a lot of researchers'
26:02
eyes, the way that
26:04
those computers are built would actually make
26:07
factoring as a one-way function
26:09
totally obsolete. And
26:12
so there's a lot of work and
26:14
research in cryptography right now looking
26:16
into these one-way functions and making
26:18
them, quote unquote, quantum safe. It's
26:21
a little bit like an upgrade to your
26:23
security system on your operating system on the
26:25
computer. Like, people are seeing
26:28
new technologies, new types of computing
26:30
power on the horizon and
26:32
trying to add patches or
26:34
figure out what we would need to
26:36
change in order to keep that safe. Yeah.
26:40
There's a bit of a cat and mouse thing here.
26:42
You see new tech coming. You try to beef
26:45
up the locks, but then, you know, I'm
26:47
sure new, even new new tech can come
26:50
and then beef up and then we'll need even new
26:52
locks. Yeah. That's an example
26:54
of a threat that people can see coming.
26:58
But what if there's a threat that you can't?
27:00
Okay. So can all locks be
27:03
broken? Is it possible to not
27:05
do this cat and mouse game of seeing
27:07
new tech and building a new lock? Yeah.
27:11
So that's the main question that's been
27:13
motivating the cryptographer Rafael Pass. My
27:15
name is Rafael Pass. I'm a
27:17
professor of computer science. He
27:20
basically believes that, like,
27:22
cryptography is math magic.
27:24
There's a bunch of just beautiful
27:27
and such contradictory concepts
27:29
in cryptography. Things that
27:31
just seem impossible at first and then using
27:35
cryptography, the
27:37
impossible becomes possible. It's like finding
27:39
magic in mathematics, but it's real.
27:41
It's actually true. So
27:44
this math wizard, the
27:47
sorcerer of math, what
27:49
is this question when it comes to these math locks?
27:52
Is there a perfect
27:54
lock? That would be nice.
27:57
So this is very theoretical. This is like
27:59
the perfect. fixed lock as
28:01
a concept. Yeah, before we build it, we
28:03
have to like know if this concept can
28:05
even exist. Exactly, exactly. So the
28:08
way that Raphael puts this is
28:10
like, does a true one way
28:12
function cannot exist. So
28:15
right now we've been like talking about one
28:17
way functions is like easy to solve, but
28:19
hard to reverse. But that
28:21
hard is a moving target. It's subjective to
28:24
the technology and the knowledge that we have.
28:27
But what if there was a true
28:29
one way function that was easy
28:31
to solve, but impossible to reverse. And
28:34
then I can buy things on the
28:36
internet forever and that's it.
28:39
That's what I want. Yeah. No
28:41
matter what fancy quantum computers are
28:43
coming down the road, this would
28:46
be mathematically impossible to reverse. So
28:49
how does he figure out if
28:51
this type of lock even can
28:53
exist? Like how does he even
28:55
figure out if it's even
28:57
possible? Right. So he's looking
28:59
for a unifying theory
29:03
across all one way functions. So
29:05
we try to see whether it exists some
29:08
kind of like mother problem
29:10
or master problem that can
29:12
tell us whether one way functions actually do exist
29:14
or not. Tell me, has
29:16
he, has he figured this out? So a
29:18
few years ago in 2020, I don't
29:20
know. You're
29:22
going to like tell me a whole story. Yeah,
29:25
basically, yes. He found, he found
29:28
maybe not exactly the answer, but
29:30
he found a very,
29:32
very promising lead. So
29:36
a few years ago, Raphael and
29:38
his grad student, Yani, they were
29:40
digging into this unsolved
29:42
problem of computer science. So
29:44
like totally different field than
29:47
cryptography. And they were looking
29:49
at this problem. It's called Comogorov
29:51
complexity. Comogorov
29:54
complexity. Yeah.
29:57
And so this is like a
29:59
famous. unsolved
30:01
problem in computer
30:03
science. A problem that's been studied at
30:07
least since the 1960s. And
30:09
it has to do with the nature of randomness.
30:13
Randomness is so critical in cryptography.
30:15
That's the walls of the safe that
30:17
you're locking the information behind.
30:19
You're transforming usable
30:22
information into gibberish to
30:24
do that. Gibberish is randomness, right? Yeah,
30:26
because we don't have like a physical
30:28
space here. Like our information on the
30:31
internet is cloaked in randomness.
30:34
Instead of seeing my credit card number passing
30:37
through the cyberspace, you
30:39
see some things that just
30:41
look like gibberish. And
30:44
randomness, that gibberish is
30:48
at the heart of this
30:50
complexity problem. Yeah. And
30:52
so basically the problem to solve
30:54
is like, can you write a
30:56
computer program that
30:58
can analyze randomness?
31:02
I think this is a deeply philosophical question. I
31:04
guess we're looking at something in nature and we're
31:06
trying to see, was this just random or is
31:08
there something interesting going on? So
31:11
the solution to this
31:14
complexity problem, it's
31:16
not just like some math problem
31:18
on a chalkboard somewhere where all
31:20
you have to do is like
31:22
beautiful-minded. Oh, x equals 3
31:24
is the answer. Right, exactly. There's not
31:27
like a solution like that. The solution
31:29
to this problem would actually be a
31:31
computer program that could analyze
31:34
the randomness of any given
31:36
information. And that itself is
31:39
a tool. Like if you had the
31:41
tool to really see through randomness and
31:43
see if something was truly random or
31:45
if there was like a signal, some
31:47
information buried in it, like this
31:49
computer program could
31:51
basically see through the safe
31:54
walls of any encryption scheme. Yeah,
31:58
because if our information is protected... by
32:00
randomness and if you can see
32:02
through randomness you can probably fetch out
32:04
that information. Exactly. If
32:07
you solve the complexity problem, what happens? If
32:09
you solve the complexity problem, then
32:14
one-way functions, true one-way functions
32:16
cannot exist. And not
32:19
only that, everything that we've
32:21
built on potential one-way
32:23
functions is instantly
32:25
broken. You've broken all
32:27
candidate one-way functions, all encryption
32:29
schemes, all digital signatures, everything
32:31
can be broken. So
32:38
solving this problem could give
32:40
you the power to break the internet.
32:43
Yeah. It would...
32:46
The way that it's been described to me is
32:49
that it would instantly break all
32:51
encryption. But
32:54
there may not be an
32:56
answer to this complexity problem. It
32:59
might just not be solvable at
33:02
all. We don't know if there's an
33:04
answer. What happens if we
33:06
just can't solve it? So
33:09
if this complexity problem
33:11
is difficult to solve, then
33:13
Raphael claims that he has a
33:16
very clear blueprint of how to
33:18
build the perfect lock, something that's
33:20
provably secure. Okay, so just to
33:22
acknowledge something here. You've
33:24
taken us on a journey, and
33:27
each step of the journey has an
33:29
unanswered question. We
33:31
proceed further into darkness here in
33:34
the story, because it gets a
33:36
little heady here. So first off,
33:38
you have this idea of one-way
33:40
function. We don't know
33:42
if there's a perfect lock out there. The
33:45
answer to the question, is there a perfect
33:48
lock out there, hinges on
33:50
the answer to
33:52
another unanswered question, this
33:54
complexity problem. So
33:56
there's two great big questions here, one leading
33:58
to the other. Exactly. Well,
34:01
Raphael has told us there's a road
34:03
to the answer. Right. And
34:05
if we work really hard on this math problem,
34:08
we might get an answer to the question
34:10
of, is
34:12
there a perfect lock out there? Yeah.
34:17
But this is kind of high stakes, because either
34:19
we might get perfect locks out of this or
34:22
we might realize that all locks will fail. Yes.
34:27
That would mean that communication on the Internet
34:29
would never be able to be secure. That
34:33
would be pretty bad. Do
34:35
you think that's going to happen? I
34:37
don't think so. I hope not. Is
34:40
that worth it? Is that worth pursuing
34:42
this path for that dream of perfection?
34:45
We might find ruin. And
34:47
is that worth it here? I would
34:49
maybe stay away from this complexity problem,
34:52
because I don't want to break the
34:54
Internet. Yeah.
34:57
I mean, I feel like to
34:59
me, this feels very similar to
35:02
nuclear physics. And
35:04
the study of that through the 30s
35:06
and the 40s opened the
35:08
door to weapons of tremendous power, the
35:10
atomic bomb. So that would be the
35:13
path that would lead us to breaking
35:15
all encryption on the Internet. But
35:18
it also gave us really fundamental
35:20
answers about the nature of
35:23
matter in our universe. And
35:26
then led to tremendous tools
35:29
in medicine and agriculture and
35:31
carbon free energy. The
35:34
pursuit of knowledge and the
35:36
pursuit particularly of these very
35:38
fundamental truths, they have powerful
35:40
and dramatic consequences. Yes,
35:43
there could be this world
35:45
of the atomic bomb for
35:48
encryption, but it could also
35:50
lead us to
35:52
a whole new era of
35:55
encryption and lead us to tools
35:57
that we don't even know what they are yet.
36:00
One-way functions are great, they're awesome,
36:02
but they're not everything we want
36:05
from cryptography. We have much lost
36:07
your goals, so it would
36:09
be awesome to also achieve these more
36:11
advanced cryptographic tools using
36:16
some problem like this. But also
36:18
strikes me there's a counterpoint here in
36:20
that, yes, I'm usually extremely optimistic about
36:22
an unanswered question. But here I'm
36:25
realizing that sometimes looking
36:27
into an unanswered question could
36:30
lead you to dangerous things too. Yeah,
36:32
I mean I think when you
36:35
look for fundamental truth, the
36:37
consequences of that are just inherently
36:40
bigger. If you're looking for something
36:42
that connects all locks,
36:45
then if you find a flaw, that's a flaw
36:47
in all locks. It's just
36:49
like a nature of the question. It's
36:51
a little scary. It's a little scary
36:53
for sure. On the other hand, is
36:56
it less scary to live in a world where you
37:00
have reasonable
37:02
security in the locks that
37:04
you have and like reasonable faith that
37:06
they haven't already been broken? Yeah. All
37:09
of these things, all that the cryptography
37:11
that we've been talking about, they're, they're
37:14
tools. They're ways for us
37:16
to share information. They're, are
37:18
ways for us to build
37:20
our lives and our relationships
37:22
on the internet remotely.
37:26
Like we're having this conversation remotely. If
37:29
like the development of the encryption that we
37:31
have today allowed us to do this, then
37:35
what could we use the tools
37:37
of tomorrow to build in the
37:39
future? Like there's also an inherently
37:42
optimistic view. There's still even like for
37:44
now, right? You can still run
37:47
into some shady stuff on the internet.
37:49
People can still steal things. Yeah.
37:52
Yeah. I mean, like crucially, encryption
37:54
is really about that protecting
37:56
information as it travels
37:58
through the internet. But like, there's still
38:00
data breaches all the time. Like once it
38:02
gets to a destination, like who knows how
38:05
your information is getting stored on some like
38:07
company server. Yeah, and it strikes
38:09
me that even if you have a
38:11
perfect lock and perfect encryption, you could
38:13
still give away the password or the
38:15
keys to that, potentially. Yeah, you click
38:18
on some suspicious link and it's like
38:20
10 new bread recipes. And
38:22
they ask for my Apple password. I'm like, sure,
38:25
why not? This
38:31
episode was reported and
38:34
produced by Meredith Hodnot
38:36
with help from Bird Pinkerton. It
38:38
was edited by Catherine Wells and
38:40
Brian Resnick with help from Noam
38:42
Hassenfeld and Gillian Weinberger. Scoring by
38:44
Meredith and Noam. Eh,
38:47
Epheme did a little something something too,
38:49
but you know, mainly Meredith and Noam.
38:51
Mixing and sound design by me, Epheme
38:53
Shapiro, and fabulous music by
38:55
myself, and of course, the guy
38:57
who created the song, me, Epheme
38:59
Shapiro, and fact checking by Zoe
39:01
Mullick. Mandy Nguyen is off to
39:03
adventure in the great north. Christian
39:06
Ayala found his way home. Special
39:09
thanks to Russell Brandom and Erica
39:11
Klarreich. If you want
39:13
to learn more about one-way
39:15
functions and complexity, check out
39:18
Erica's article, Researchers Identify Master
39:20
Problem Underlying All Cryptography in
39:22
Quanta Magazine. If you have
39:24
thoughts about this episode or ideas for the
39:26
show, please email us. We're
39:28
unexplainable at vox.com. We'd
39:31
also love it if you wrote us a review
39:34
or a rating. Unexplainable is part of the Vox
39:36
Media Podcast Network, and we'll be back
39:39
next week. A
39:58
marathon is a journey. 26.2
40:01
miles. And while the distance is
40:03
the same, no two journeys are
40:05
exactly alike. Team
40:07
Milk is shining a spotlight on female
40:10
marathon runners across the country, helping
40:12
them on their journey from training to
40:14
recovery. And in 2024, Team Milk
40:16
is launching the only
40:18
women's marathon in the U.S. designed for
40:21
and by women. The Every
40:23
Woman's Marathon will be a weekend of
40:25
wellness and celebration, inviting runners
40:27
of all levels to be a marathon finisher.
40:30
The inaugural race will take place in Savannah,
40:33
Georgia on November 16, 2024.
40:35
You can learn more
40:37
and register for the marathon
40:39
at everywomansmarathon.com.
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More