Strong encryption hasn’t always been freely available to the public. Nate Drake tells the story of how the first Data Encryption Standard transformed the cryptography landscape

© THINKHUBSTUDIO /ISTOCK / GETTY IMAGES PLUS

IN THE INTRODUCTION to his awesome treatise on the history of cryptography, The Code Book, Simon Singh likens the ongoing battle between those who seek to keep communications secret and the consequent efforts of others to expose them to an intellectual “arms race.”

It’s easy to be smug about older ciphers, such as the Caesar cipher, which simply shifts each letter in the message three places, A becoming D, B becoming E, and so on. These kinds of monoalphabetic ciphers are so easy to crack, Edgar Allan Poe even used to run a column breaking enciphered messages sent in by readers of Alexander Weekly Messenger.

The arrival of affordable computers in the ’60s didn’t initially herald a new wave of encryption. Secure cryptography was still the preserve of governments, though it was becoming increasingly obvious that individuals and businesses also needed to keep communications safe.

To this end, IBM set up a program to develop high-grade cryptosystems to protect its products.

This, in part, led to the implementation of DES (Data Encryption Standard), and in time AES (Advanced Encryption Standard), which we use to this day. These developments didn’t happen overnight, given the competing interests of citizens and shadowy organizations like the NSA. Many cryptographers also made their careers either debunking flawed schemes or introducing ciphers of their own.

This is the story of how the first publicly available encryption algorithm, DES, came to be, as well as how ultimately it was replaced by the more secure AES.

FEISTEL’S FIRST STEPS

Horst Feistel nearly missed out on having any impact on the field of cryptography. After arriving in the USA from Berlin in 1934, he applied for American citizenship only to be placed under house arrest upon the outbreak of World War II.

Even after gaining American citizenship and studying ciphers for the likes of the US Air Force Cambridge Research Center and the Mitre Corporation in the ’60s, Singh alleges that the NSA foiled Feistel’s efforts so it would continue to have a monopoly on cryptographic research.

Feistel eventually landed a job at IBM’s Thomas J. Watson research laboratory. Since 1966, the tech giant had decided to offer data security to its customers. This was very important to Lloyds Banking Group, which was working with IBM on the burgeoning technology of ATMs.

Clearly if financial data like a person’s bank balance were sent to an ATM unencrypted, it would be easy for bad actors to monitor the connection and steal the data. Worse still, the traffic could be manipulated to have the ATM pay out cash even if the balance couldn’t cover it.