The Television Writer's Guide to Cryptography

Tuesday January 13, 2009
On television shows, sometimes characters encounter encrypted data.  There are a number of popular tropes regarding this:
  1. A technically savvy villain has encrypted some data.  The hero needs to guess the password to decrypt it.  To do so, the hero delves into the villain's psychology.  Eventually we discover that the most important thing to the villain is actually their pet rabbit, named "fluffy bunny", not their secret terrorist organization as we initially guessed.  The hero enters "fluffy", just in the nick of time.  Hooray, the hero has cracked the encryption!
  2. A technically savvy villain has encrypted some data, and the hero has their hard drive.  It will take 10 hours to decrypt, but the first bomb goes off in 8 hours!  The hero manages to deal with the first blast, giving our diligent technicians time to decrypt the data.
  3. A technically savvy villain has encrypted the data.  Normally it would be easy to break, but there are multiple layers of encryption, each somehow more devious than the last!  However, our diligent technicians report hourly progress as they break through each "layer".
  4. A technically savvy villain has a computer system that the heroes wish to acquire remote access to.  In order to access this system, the hero hacker must "break the encryption".  This will take some time, but, when the "encryption" is "broken", they have access to the villain's computer, and can control it completely.
These are wrong.  They are so wrong that they set my teeth on edge.

I am not an expert on cryptography.  I have a passing interest in computer security, but I am by no means an expert.  So, I will not approach the topic as an expert.  I won't try to explain any of the math involved; I suspect that previous explanations may have failed to reach these writers' ears because they were too confusing.  Here are a few simple facts about the plot-lines above:
  1. Nobody who has even twenty minutes of experience with encryption software will choose a password like "fluffy".  Of course, many users have weak passwords for their Facebook accounts, but a child-prodigy criminal mastermind who expects federal agents to get his encrypted hard drive will have a password like "qua2IeshvePhu2QuAeShohd8".  They will train themselves to type this from memory, very quickly.  Better yet, if their data is encrypted, it is likely encrypted with a key.  This key will most likely be separate from their data, and the key will itself be encrypted with the password.  These are not crazy military-grade precautions; this is the default behavior of the free encryption software present in various operating systems.
  2. Here's a simple rule of thumb.  If you only take one thing away from this article, I hope it will be this:

    You cannot "break" encryption.  Ever.

    In the days where movie stars will spend months and millions of dollars intensely learning kung-fu so that they can accurately portray martial-arts moves, it is amazing to me that it isn't worth one hour's time for the average television writer who is incorporating cryptography as a plot device to learn this one, very basic piece of information.
    Brute-force attacks against current cryptographic methods would, using present-day cryptographic technology, take — and this is not an exaggeration — a billion billion billion billion billion years to crack.  While there have been a few successful attacks against modern cryptographic methods, they are almost exclusively attacks which involve a bug in a popular piece of software, not a flaw in the cryptographic math.  Those bugs are fixed quickly when they are discovered, and someone concerned about the integrity of their encrypted data could quickly and easily find out about them and get a fixed version of the software in question.  If one cryptographic algorithm were well and truly cracked, there are dozens of others which our villains could upgrade to.  Again, none of this is crazy military-grade security.  This is software that any teenager with a free hour to search the internet could find.  I was encrypting my hard drive with stuff like this when I was 12.
    That's not to say that you can't have encryption being cracked on a television show.  Please be aware, however, that generalized crypto-cracking as a routine task performed by technicians, even extremely skilled technicians, is science fiction.  It is inappropriate in a dramatic show that is trying to be realistic.
    Again, for emphasis: cracking crypto isn't "really hard".  It isn't "practically impossible".  You don't need an "elite hacker" who is "really good" to do it.  Breaking crypto is really, totally, theoretically impossible, and there is a worldwide, very public community of mathematicians and researchers trying to make sure it stays that way.  If your heroes work for some kind of secret spy agency, they should remark upon the ethical considerations of their special access to technology that the general public and the scientific community does not have and are not aware of.
    The one exception to this rule is if the villain chooses a weak password, which can be guessed by a random password guesser.  Our heroes may get lucky and discover that they chose a password which a brute-force decryptor guesses in the first quintillion or so tries.  However, in this case, there is no way to know how long the cracking will take, before it is done.  Each new guess for the password is totally blind; either it decrypts the data or it doesn't.  There's no way to tell how many more guesses you have to go, or in fact whether any of the guesses will work before your guesser runs out of things it could reasonably try.
  3. Since one "layer" of encryption is effectively impossible to break, it would be very strange for our villain to use "layers" of encryption. There's rarely a need.  Ther e are some obscure possible exceptions: the villains might be if they wanted to ensure co-operation within their group, and encrypted data in such a way that multiple keys were required to decrypt it.  Or they might be using onion routing.  However, each "layer" of encryption is equally impossible to break, so it still wouldn't make sense to talk about breaking them one at a time.
  4. All "encryption" is, is converting a block of sensible data ("plaintext") into a block of what appears to be unreadable nonsense ("ciphertext") unless you have the secret decoder ring.  If the hero "breaks the encryption" (which, as I've said above, is probably impossible) they still can't access the villain's computer over the internet, unless the thing that was encrypted was the villain's remote access password.
In summary, the worst recurring theme here - although I recognize its dramatic value - is the "progress bar" approach to computer security problems.  If someone is going to break into a attempt to decrypt some data or remotely access a computer system, either it will work nearly instantly (we know the password for the encrypted data, we know an exploit for the remote system) or it will not work at all. "Your progress indicator will sit at 0% complete forever."

The underlying misconception, I think, is to believe that cryptography is like a locked box that the villain has put their data into.  If the cops found a locked box with some evidence in it, they could ask you for the key (which you would have to hide in one of a limited number of places) or they could simply drill a hole in the box.  Stressed technicians in these TV shows frequently declare that they are "going as fast as they can" with the decryption, as if they were drilling through some very hard metal.

Cryptography is not a metal box.  It's more like a parallel dimension.  There isn't really a good analogy, because no physical security system is quite like cryptography.  But since you're a TV writer if you're reading this (right?) think of it like a Stargate.  Imagine that portable stargates are cheap to manufacture.  Everybody has one; when you buy stuff over the internet, you put your credit card into a stargate and it comes out near the payment processor securely.  (This is how the little lock on your browser works.)

The Cryptogate is not exactly like a Stargate, either.  There isn't a small, limited number of places it can go.  These little devices can go to any point in the multiverse.  Rather than a rotating wheel with a number of characters, they have a little slot, where you insert a piece of glass.  It etches a random pattern on the glass (this is your "private key") that describes the point where your object will be sent: you don't know where it is, except that it will be a spot where it's safe to stick your hand to retrieve it.  It could be anywhere in an infinite number of worlds, in a cave, in the sky: nobody knows, not even you.  You put your "private key" in the key slot, the gate opens up, you drop your valuables in, and then you take your key out.  Those valuables are gone forever.  The gate is a useless hoop of metal without your "key"; there's no way to guess what mysterious pattern of scratches it put on that glass, the destination was random.

You may notice there's no password in that extended metaphor, and indeed, one can use cryptography entirely without passwords; the private key is the important bit.  However, since many people leave the private key on their hard drive, rather than separately, it is itself encrypted with a password.  We can extend the metaphor even further to include this: let's say that your little piece of glass only describes what galaxy will be selected, and you choose a magic phrase that selects what location within that galaxy will be selected.  So, you insert the key, but the gate is still useless until you say the word.  Then it opens up to reveal your stuff.

If you need a physical analogy in your mind, this is what you should imagine breaking cryptography is like.  A bunch of very frustrated technical people sitting around, staring at a useless loop of metal, knowing that it contains what they need, but totally unable to make it do anything useful without a tiny piece of glass that they don't have, and a magic word that they don't know.  They can sit around guessing words and scratching random patterns on glass all day, but they will never know if they're "20% done".

Now that I've destroyed any possible dramatic tension that can come from the race to "break the code", here are some suggestions you can replace these tired old fallacies with:
  1. It's not just bad guys who use cryptography.  In any secure super-secret anti-terrorism anti-supervillain government organization, encrypting all communication is likely to be routine.  What if one of the villains got hold of one of the heroes' private keys, via some kind of deception?  The heroes would be confident that their communications were secure and authentic, because the code is "unbreakable" — but humans are always the weakest link.
  2. A bad guy is planning something bad, and encryping their plans.  The good guys know that if they barge in, the bad guy is going to instantly destroy the key, making the data they need permanently irretrievable.  Cryptography may be secure, but there are some real-life things that aren't.  Like monitors and keyboards.  (Wouldn't it be spooky to show your spy characters determining what someone was typing by listening to them with a stethoscope against a wall?  Or looking at their screen through a solid object?  That's something you can really do!)
  3. A bad guy is using SSL encryption to communicate with a web site.  Luckily our baddy doesn't really know how security works, so the good guys execute a man in the middle attack with the complicity of the baddy's ISP and a valid certificate authority such as VeriSign, for all intents and purposes becoming the "real" web site.  If you're one of those too-clever-by-half writer types that likes that highfalutin social commentary stuff, this might be an intriguing look at our society's blind trust of the flawed security model of the web.
  4. I took away four plot devices, so I'll give you four back: one of our heroes (either temporarily or permanently) loses their encryption key, and cannot access vital information.  Can they get the key back in time?  Or: can they remember enough of their data to work without access to their computerized information?
  5. As a bonus: Spooks ran an interesting episode about a game-over exploit for TLS.  There was still a lot of cringeworthy misunderstanding of what crypto really is, though.  (In a typical mistake, the guy who possesses the crypto crack can mysteriously control computers with it.  But I could suspend my disbelief, because if he could really break crypto that easily, he could observe any communication with the supposedly secure systems, including network sessions that included passwords.)
If anyone reading this knows someone who works as a writer for television shows or movies, please, please recommend that they read this post.  These days, a lot of people learn about technology from popular culture.  We need to have better understanding of basic, everyday technologies like cryptography and digital media, if we are ever going to get sane laws about those things.