About the SA Blog Network



Opinion, arguments & analyses from the editors of Scientific American
Observations HomeAboutContact

Information Is Everywhere, How Can Science Protect It?

The views expressed are those of the author and are not necessarily those of Scientific American.

Email   PrintPrint

encryption,security,privacy,dataEditor’s Note: The following blog post first appeared May 15 on the World Science Festival’s Web site

Underscoring the importance of encryption in our increasingly data-driven digital lives, this year’s World Science Festival features its first-ever session on cryptography, entitled "Keeping Secrets: Cryptography in a Connected World." During this discussion expect a well-rounded panel—including mathematician and computer scientist Brian Snow, scientist/journalist Simon Singh, cryptoanalyst Orr Dunkelman and cryptography researcher Tal Rabin—to break down cryptography, addressing its strengths and weaknesses as well as its impact on security and privacy.

At its heart, modern cryptography is all about mathematical algorithms, computer programming and physics, but there’s a practical side to the discussion as well, particularly when you consider the nature of the data that’s being encoded and decoded.

The debate over when, why and how to keep secrets—while certainly not new—has taken on a new sense of urgency in the current age of digital information. Just about every piece of vital information about us is stored somewhere on computers, and those computers often have connections to the Internet, forming the so-called "cloud" we keep hearing about. This means our personal information—credit card, bank account and Social Security numbers, Web browsing habits and online accounts (not to mention the passwords used to access those accounts)—is vulnerable for poaching and posting for all to see.

We can employ a number of tactics to guard our privacy—changing passwords regularly, using common sense about the personal information we volunteer and keeping vigilant watch over our smart phones, laptops and other connected mobile gadgets. Of course, none of these guarantees that our secrets are completely safe, especially when someone with the will and skill to steal digital data really wants it.

Just ask Sony, which recently admitted that hackers had breached its PlayStation Network and stolen customer information (including possibly credit card numbers). The company was quick to point out that some of the customer data taken was encrypted and that encryption levels would be "enhanced" moving forward.

If encryption works so well, why isn’t all data encrypted? First of all, encryption is not infallible. Think of it as a puzzle that someone must solve in order to decode a message. If puzzle isn’t very well thought out, there are computer programs that can easily decipher an encrypted message. Also, encryption requires extra time, money and effort on the backend by the people storing your personal information (aka the people in the cloud). They’ve got to add software and hardware to manage encrypted data as well as the keys needed to encode and decode this scrambled info, so they usually pick and choose what they want to encrypt. (Sony, for example, says it encrypted credit card numbers but not personal information on its PlayStation Network.)

Any cyber security expert will tell you that the best way to protect data is to create a layered defense. When it comes to securing online info (whether it’s for keeping secrets or protecting privacy) there is no layer more important than the ancient art of cryptography.

Image courtesy of Amanda Rohde, via

Rights & Permissions

Comments 2 Comments

Add Comment
  1. 1. jtdwyer 12:47 am 05/17/2011

    The enthusiastic early adopters and trend setters who jumped on the web around twenty years ago and have been doing every thing possible ever since not only opened Pandora’s box but have been wallowing around in it most of their lives. Best wishes for us all…

    Link to this
  2. 2. bobgeezer 9:22 pm 05/18/2011

    We can spend increasingly more resuorces, privately and publically, protecting the contents of our messages. I guarantee you, those who want to break into them will win: guaranteed from decades of personal experience.

    Or, we can behave intelligently and make the breaking into our messages trivial and not worth the effort, by making them trivial: I use a credit card and debit card with $200 in it. Go ahead: break into it: waste your time. And from me, the friendly finger of congratulations. Let’s make the people who propogate fear of piracy and invasion earn a real living by doing something usefull. Invade a trivial account and get trivial results: Nanner Nanner on you.

    Link to this

Add a Comment
You must sign in or register as a member to submit a comment.

More from Scientific American

Email this Article