Code Making and Breaking

We dive into the murky world of cryptography...
17 September 2019
Presented by Chris Smith, Adam Murphy
Production by Adam Murphy.

PADLOCK-HACKING

A padlock, superimposed over a map of the world, with binary code written across it.

Share

We're making codes and breaking ciphers this week as we look at the world of cryptography! Coming up, Cold War spy rings, and how does your computer keep your data secure? Plus in the news, why it's hard to keep the weight off when you get older, and seagulls are stealing more than our chips, they're stealing our superbugs...

In this episode

Sunrise over the rim of a planet seen from space.

00:52 - Water discovered on a habitable planet

It's orbiting a distant star and it's covered in clouds...

Water discovered on a habitable planet
Ingo Waldmann, UCL

Scientists in the UK have tracked down what might be a habitable world orbiting a distant star. The planet’s called K2-18b, and Ingo Waldmann told Chris Smith what his team’s discovered and how they did it…

Ingo - We found a planet outside our own solar system which is rocky and it has an atmosphere which is potentially habitable. That means that it has the temperatures that may allow liquid water to exist on its surface, and it has an atmosphere, and that atmosphere has water vapour in it.

Chris - Sounds amazing. Where would I need to look in the night sky to able to see it where this is? And how far away is it?

Ingo - It's in the constellation of Leo, and it's 110 light years away from us. So it's not the closest, but it's also not the farthest exoplanet we've ever discovered.

Chris - And how did you find it?

Ingo - The Kepler mission discovered this planet, and the Kepler space telescope discovered the planet using the Transit Method. The Transit Method means that the planet orbits in our line of sight to the star. So it goes between us and the star. So that means that the light of the star dips slightly whenever it goes in between our line of sight and that's how you discover these planets.

Chris - That tells you it's there. How do you then interrogate what it's made of, the fact that you told me it's a rocky world, that you've got signatures of water there, how are you doing that?

Ingo - The fact that it's a rocky world we know from its density. So we know its mass, it's about 8 Earth masses, and its radius. We know from the Transit measurement, and that's about two radii. So that's about the density of Mars. So that tells us that there is a rocky core inside. Now, what we've done is that we took Hubble space telescope observations to measure the atmosphere of the planet, and the atmosphere is measured by observing the same transit as the planet goes in front of the star, but we observe the tiny little speck of stellar light that filters through the atmosphere while it goes in front of the star.

Chris - And how does looking at the light coming through the atmosphere tell you what chemicals are there?

Ingo - Different chemicals absorb light in different ways, so at different frequencies of light you have a very characteristic signature of the chemicals. So if we observe the transits at different wavelengths of light, we can identify what chemicals are in the atmosphere.

Chris - And when you total up what you see, what is the recipe of the atmosphere of this distant world?

Ingo - Well so far we've discovered water only. So we've discovered that there is an atmosphere around this planet which is a world first. So this is really exciting because we had never discovered an atmosphere around a habitable planet. And so far we've only seen water because the Hubble Space Telescope is only sensitive to the water feature. There's probably going to be more molecules such as methane, acetylene, ammonia and so on and so forth, but we're just not quite sensitive to that yet.

Chris - And how do you know the temperature? Because you're saying it's a habitable world, what would it be like on that planet?

Ingo - So the temperature you can quite easily calculate from the distance of the planet from the star. So the planet orbits its star, and it's a small red star, in 33 days. So every Earth-month is a year on Kepler-18b. That means that the radiation on the surface of that planet is just enough to keep water liquid. So the surface conditions are probably okay but we don't actually know what the surface is like at the moment. It could be a water world, or it could be entirely barren and rocky.

Chris - Given that you've got this set of findings, you now have a relatively small planet, quite similar to our own, with evidence of water. How does this shift the balance of probability that, when we look out into the universe, that there are other worlds like our own out there?

Ingo - Well, I mean that's the exciting bit, right? So this is hopefully only the first of many to be found in the next couple of years.

Chris - What about the thing that, I guarantee, everyone listening to this is gonna be thinking, well, if there's a habitable planet out there, could it be inhabited?

Ingo - That's the million dollar question, and we don't know whether there's a biosphere on that planet yet, because Hubble is not sensitive to the chemical fingerprints of life. Now, the James Webb Space Telescope will be sensitive to those and I bet you all my tiny little research salary that we will spend a significant amount of the James Webb time observing this planet. It might well be that we find an atmosphere which is, what we call, “out of equilibrium”. A chemistry that cannot be explained by natural processes other than our life. So in our Earth example if you look at the Earth from afar, what we would see is the existence of methane and oxygen and ozone. Now on that planet we don't know what that might be. It might be very similar because life may have evolved in a similar way but we just don't know yet.

A patient's blood pressure being tested by a doctor.

06:26 - Nigeria's HIV epidemic reassessed

One of the largest ever surveys of HIV has found the rate may be half what was thought...

Nigeria's HIV epidemic reassessed
Sani Aliyu, National Agency for the Control of AIDS in Nigeria

Two years ago the Naked Scientists were joined by Sani Aliyu, an infectious disease consultant from Addenbrooke’s Hospital, who was about to embark on a secondment to Nigeria - a country with one of the world’s highest populations and also one of the world’s highest burdens of HIV infection. In his role as Director General of the National Agency for the Control of AIDS in Nigeria, Sani set up and ran their largest HIV survey ever conducted. He’s now returned and has come in to report to Chris Smith and Adam Murphy on what his survey showed...

Sani - Well it's important because HIV, as we know, is an epidemic. You need to know the numbers in order to know how much resources you need to put in. You also need to know the numbers in order to define where the location is, what the population risks are, et cetera. In other words, for you to have impact - both in terms of testing, and putting people on treatment - you need to have an idea of the data. Data is what drives programming. And that's why it's so critical to have a survey that's accurate, that's good, and that can allow us to invest money properly.

Adam - Now surely this study didn't cost nothing, so wouldn't it have been better to buy, say, anti-HIV medication with that instead of this?

Sani - Well in the first instance, you need to identify people living with HIV first before you buy the HIV drugs and put them on treatment. And the only way you can do that is knowing where to target. In other words, hotspots. And what surveys do is they allow us to identify the main risk factors within a population - what we call a population-location approach - so the population that's most likely to have HIV; and then allows us to know exactly where to put our resources in. So in other words you'll be throwing good money after bad money if you don't know what you're targeting. In fact the Nigeria programme was a typical example. The US government have spent more than 4.5 billion US dollars on HIV in Nigeria over the last 15 years, global fund more than 1.5 billion. But despite that we're still pretty far off from identifying people living with HIV.

Chris - Sani, it’s soon going to be 40 years since we first discovered the virus that causes HIV/AIDS. Why is it only now you're collecting this sort of data in Nigeria? And why just focus on Nigeria? Why not the whole world?

Sani - So as you said earlier on, Nigeria has a very large population: about 200 million people. And before we did our survey, the estimates in terms of HIV burden was about 3... we estimated about 3.2 to 3.4 million people were living with HIV, which made Nigeria have the second largest HIV burden in the world.

Chris - I mean that's 1 in 10 of the world's HIV patients, isn’t it.

Sani - Exactly. So if you're really talking about epidemic control, you cannot have epidemic control without getting on top of the HIV problem in Nigeria. This is the first time that money has been invested properly in a survey to define the problem, because I think our own partners realise that they can continue chasing cases, testing thousands, hundreds of thousands of people to get a few positives. We need to be able to test a few hundreds in order to get positives so that we can put money, we can have the greatest impact when it comes to our investment.

Adam - So what did this study actually find then out the other end?

Sani - In summary we had three or four findings. First of all the burden of HIV, the prevalence of HIV turned out to be half of what was initially expected. So we estimate about 1.9 million people are living with HIV in Nigeria now instead of the 3.2-3.4 million initially. So the prevalence went down from 2.8% to 1.4% for ages 15 to 49. So that's huge. Secondly we realised that there were a lot more women having HIV than men - although globally that's the case. But what was even more significant was that young women were at least three times more likely to have HIV than young men of the same age group.

Chris - Does this mean you can strategically target better? If you know that now, you can go in and target certain demographics, certain groups, certain geographies much more specifically than we could before. So before it's just a blanket bomb approach, we've got a problem with HIV in Nigeria and countries like it. Now you've got this data you can be much more strategic.

Sani - Absolutely. So I'll give you an example: in the North West of Nigeria, the HIV prevalence was 0.6%. In the South South it was 3.1%. Fivefold. So really where we should be investing, where we should be putting money, is where we have the problem. So in the past we've been putting money mostly in the North Central and we've saturated the North Central, as was seen by the population-level biological suppression rates, which were pretty good, they were more than 60% in the North Central. But in other parts of the country, particularly the South South, the numbers were so low in terms of the number of people on treatment and biologically suppressed. And if you're biologically suppressed you do not transmit the virus. That's the best way to cut the epidemic really. So in a way this has allowed us to identify the areas, the location identified, the people that are most at risk, and put more resources in. In fact the US government in March, we had a meeting in Johannesburg, and they have put forward the money to put half a million Nigerians on treatment between now and the end of December 2020. So if that trend continues, as a public health threat, HIV will cease to be a public health threat in Nigeria. And it's simply because of the value of the survey we've had.

Chris - But just very briefly, 30 seconds: why should someone who doesn't live in Nigeria care about what you found? Why is this important?

Sani - From a human angle, it's important that we make sure that those that do not have the money to be able to have treatment are provided with that opportunity. The only reason why we still have, we have about 1.1 million Nigerians on treatment, is because they have been on treatment for a while. If today that treatment is taken away most of them will be dead within five years. In fact we looked at the burden of the HIV epidemic in Nigeria: without an HIV program in Nigeria we would have had at least 1.5 million more people dead, and we would have had at least 5 million Nigerians infected with the virus by now.

Two people walking with hiking poles

13:31 - What causes middle age spread

Everyone’s rate of fat burning drops with age, a study using nuclear fallout shows...

What causes middle age spread
Kirsty Spalding, Karolinska Institutet

As you get older, it seems to get harder and harder to stop yourself piling on the pounds. Now, in a study that used fallout from historic nuclear bomb tests to measure the rates at which people burn fat, biologists in Sweden have confirmed that this is a definitely true, and it’s also not your fault! Everyone’s rate of fat burning drops with age. Phil Sansom heard why from Kirsty Spalding…

Kirsty - We decrease the rates at which we burn fat as we age. It's quite a simple message. If you don't adjust how much you eat, over the lifespan, you will gain weight. We followed people for up to 16 years and roughly, over a 13 year period, those people that didn't adjust the amount of food they ate, they went up roughly by about 20 perc ent in their body weight.

Phil - What's surprising about that?

Kirsty - I don't think it's particularly surprising. I think it's just that it's the first time it's been scientifically proven. In this study we were actually able to take a biopsy from a person at the beginning of the study and then, later, take another biopsy; so we could really see what is happening within one individual as they age.

Phil - The tricky thing to measure here is the rate that your body turns over fat cells - burns old ones and makes new ones. When she does a biopsy, Kirsty needs to figure out how old the cells are that she's looking at, and they have an ingenious solution that uses - of all things - nuclear bombs...

Kirsty - So during the 50s and 60s period of the Cold War there was a lot of aboveground nuclear bomb testing. And there's a significant increase in the levels of radioactive carbon in the atmosphere. And so what we see is that these radioactive levels shot right up and then, around 1963 when the test ban treaty came into effect, these values start to go down exponentially.

Phil - The radioactive carbon is called carbon-14; and you can get a graph of how the ratio of carbon-14 to normal carbon in the atmosphere went down every year after the test ban.

Kirsty - We incorporate the atmospheric levels of carbon that are represented in the plants get incorporated into our body. So we look at the ratio of the radioactive carbon to stable carbon in the triglycerides - the fat cells.

Phil - That ratio gives you the date the fat cell was made and voilà...

Kirsty - I had expected that we would find middle age, perhaps, that was when you would see the effect of the decrease in the burning rate of fat. But actually we found it across the lifespan. So even in people at the start of the studies, that were in their 20s, they equally reduced the turnover rates of their fat cells. So it's not like we're all fine until suddenly we hit 50 or 60 and then it starts to decrease.

Phil - Kirsty and her colleagues did a second study where they followed women who had just undergone bariatric surgery - weight loss surgery - they were looking at whether the women would gain weight again straight afterwards...

Kirsty - What could be predicting and contributing to those women that maintain the weight loss, and those women that didn't? Intriguingly, it wasn't the obvious things like their BMI; their body fat at the start of the study; their age. It was the rate at which they turn over the fat. Two thirds of the women that actually had a low burning capacity, they were the ones that actually had significant weight loss. Five years later, they managed to maintain the weight loss. It sort of suggests that they have an ability to increase the rate at which they burn their fat that enables them to maintain the weight loss all these years after the surgery. I mean, the fact that they had a slow burning rate of fat in the beginning might have been what, you know, also predisposed them to becoming obese. But this was the strongest predictor who was going to go on to maintain weight loss and who wasn't.

Phil - So it's a confusing picture but the key message is that your body's rate of burning fat makes a big difference to putting on weight. But what can you actually do about it?

Kirsty - The old mantra that no one really wants to hear or they want the magic answer is exercise. Exercise is one of the major ways to increase the rate at which you burn fat. This is common sense, and this is commonly known, but this scientifically really hammers home this point. But it also opens up an avenue for therapeutics. Potentially, if you can stimulate the rate at which you burn fat, I mean this now is the target. But there is no commonly-accepted therapeutic right now that will increase the rates in which you burn fat. There is no magic pill...

Seagulls flying

18:11 - Seagulls and superbugs

In Australia, one in every five seagulls is carrying antibiotic-resistant bacteria...

Seagulls and superbugs
Sam Abraham, Murdoch University

Recently we were advised that to stop a seagull stealing our chips and ice-creams at the seaside, we should stare at them... but a recent study also revealed that gulls are making off with something else much more serious, and this is something staring can’t prevent: they’re picking up our superbugs. In Australia, one in five seagulls studied was harbouring antibiotic-resistant human bacteria. Chris Smith went to see Sam Abraham, the scientist behind the discovery…

Sam - I’m Sam Abraham, I’m a microbiologist from Murdoch University. Seagulls across Australia are carriers of bacteria that are resistant to drugs of last resort, the ones that we really need the doctors to have to save our lives. So we went across Australia to pretty much most states. We took the seagull droppings and then placed them onto agar plates which are infused with certain drugs. Then we took the bacteria out to confirm that they are absolutely a resistant bacteria.

Chris - Are they resistant in the same way that those sorts of bacteria that cause infections in humans are resistant?

Sam - Absolutely, they are identical. So if you have an infection with this bacteria from these gulls you cannot treat it with the drugs available.

Chris - Where did the gulls get it then?

Sam - It's a very interesting question. In Australia we have a lot of gulls all around in beaches, parks, everywhere. They are typically marine feeders, but they've also picked up a habit of foraging on food waste. So if you come to Australia you will get your chips attacked by our gulls.

Chris - My Sat Nav counselled me to do the windows up and don't let the seagulls steal my chips. And you think that's how they catch, how they get these bugs?

Sam - That's one of the ways they interact with us, but they interact with human waste from landfill. They also hang around in our sewage and there is a lot of contact with drug resistant bacteria, for example bread in hospitals or nursing homes, where there's a lot of antibiotics used. And if the gulls are foraging for food in that area, they get exposed to it.

Chris - Would gulls normally have E. coli living in their intestines?

Sam - Normally we wouldn't expect these bacteria to be part of gull gut. These are human pathogens. So it is actually not the gull bacterium picking up the resistance, it's actually resistant bacteria from humans going into the gulls. There are no genetic differences between the bacteria we got out of the gulls and the bacteria causing disease in humans.

Chris - Do you think it's just here in Australia? Something inside me says absolutely not because gulls are everywhere and human practises about how we handle our rubbish, our waste and our sewage, they're going on everywhere as well.

Sam - Absolutely. If you have similar foraging habits, similar waste treatment, and the birds had the same behaviour, it will be a global phenomenon and it’s just that in Australia we did a very comprehensive study to prove that this is there, and I'm sure it'll be the same in the UK or in New Zealand or even the US.

Chris - And just gulls? Are you going to extend this to other birds, because there are lots of other foragers, crows, the crow family, magpies for example, they're really good at picking through rubbish and they hang around in the same sorts of places that gulls do. Do you think that the same phenomenon may well emerge there?

Sam - That is an area that we are studying. So gulls are what we call “colonial breeders.” They live in large colonies with a limit of predation. Any birds that are scavengers and have similar lifestyle to gulls we expect to see that. So we are looking at ibises, ducks, we have a study running in penguins and pigeons as well.

Chris - So would you anticipate that, because they are these colonial breeders, they’re hanging around these big groups, that as soon as one picks this up, is going to poop it out into the environment where the others are all hanging around. So even if only one picks it up initially, it can quite quickly establish in the rest of the colony? Is that why you've got this dramatic prevalence?

Sam - That's the hypothesis that we're working on at the moment, because the colonial breeding habitat also provides for the accelerated dissemination.

Chris - Closing the loop, it's gone from a human into a gull, and quite possibly other bird species as well. Evidence that it could come back, or feed back into and cause human infection again?

Sam - It goes back to your Sat Nav that’s giving you information about what to do with gulls. So it's to do with… if we interact with the same areas where the gulls interact and live, beaches, parks. So for example, my child going and playing in the play equipment that had fresh seagull dropping, and if he goes and plays and puts his hand on some fresh dropping, and accidentally put his hand in the mouth, he's going to immediately get inoculated. That is where our public health concern for this finding lies actually.

Beard

23:09 - What's buggier: beards or fur?

Which actually has more bacteria lurking inside: dog fur, or a human beard?

What's buggier: beards or fur?
David Williams, The Queen's Veterinary School Hospital

A shortage of veterinary scanners means machines for humans are increasingly being used to image our pet dogs, leading some people to wonder about infection risks. But which actually has more bugs lurking inside: dog fur, or a human beard? To sniff out an answer, we let Naked Scientists Ben McAllister and Ruby Osborn off the leash to investigate. In the interests of confidentiality, the names of some of the furry subjects in this report have been bleeped to protect their identities...

Ben - Recently, there's been a lot of hullabaloo about the relative cleanliness of dogs and humans with the study from the journal European Radiology finding that, on average, men's beard hair contains higher populations of bacteria than dog fur.

Ruby - That's interesting and a bit gross, but why was a study in a radiology journal we hear you shout?

Ben - And if they aren't shouting it, I certainly am. So please enlighten me.

Ruby - The study was initially trying to determine whether it was safer and/or cleaner to get an MRI...

Ben - Which is a common type of medical scan also known as a Magnetic Resonance Image.

Ruby - ...in a machine that was shared by both humans and dogs compared to a machine that was just used by humans?

Ben - Shared at different times I expect.

Ruby - Who's to say.

Ben - Well, what did they find?

Ruby - Ben, surely you remember that we contacted the study author, Dr Andreas Gutzeit to find out more. Sadly, Dr Gutzeit was not available for an interview but they found that the MRI shared by humans and dogs in fact contained fewer bacteria than the MRI only use by humans. The shared machine was carefully cleaned after every doggy patient meaning it actually got cleaned more often than the human only machines.

Ben - It seems that the conclusion of the MRI thing is that whether you've got humans or dogs in your scanner you should probably just clean it out regularly.

Ruby - Yep. But let's not gloss over their results about facial hair versus dog fur.

Ben - That's right. They swabbed dogs fur in 30 dogs and people fur in 18 adult men and compared the bacteria found in each.

Ruby -  Dr Gutzeit commented that the study showed that humans and animals are very similar and the paper explains that they actually found slightly higher populations of bacteria, on average, on the men's faces.

Ben - And the astute of us will note at this point that I know how to grow facial hair.

Ruby  - And I know how to test for bacteria.

Ben -  So given this shows called the Naked Scientists and not just the naked people who talk to you about stuff, we went to the Queen’s Veterinary School here at Cambridge University to see how I compared to a dog.

We’re here with…

David - David Williams. I'm veterinary surgeon here.

Ben - And well, who else is with us Ruby?

Ruby - I have my two test subjects. I have beep, the black labrador and also Ben and Australian man.

Ben - And we are going to find out who's got more bacteria. David, who do you think is going to have more bacteria in their hair? Do you think it's going to be beep here or do you think it's going to be me?

David -  Well, I would have thought it would be beep, because beep doesn't wash herself on a daily basis, and I hope that you might.

Ben - That makes some sense, but I guess, proof is in the swabbing, so let's get down to it shall we.

Ruby - I'm going to swab beep's neck. Come here darling, there we go. Good girl.

Ben - Okay. One sample down... And swab number two -  I'm very nervous about this one...

Okay, all done.

Ruby - As well as Ben's beard, I also swabbed his hairless cheek to see if it's really the beard that's the problem or just human's faces.

Ben - And we made one more stop at the Animal Hospital's MRI machine to see how clean that was?

We are here in the radiology department with...

Mari - Mari Ode.

Ruby - So how often do you clean your MRI machine?

Mari - We'll be cleaning our MRI machine between every patient, and at the end of the day we’ll be giving it another clean.

Ben - Right. So that sounds  quite clean and I'm expecting it's going to have less bacteria than I'm gonna find a human MRI machine which, apparently, aren't cleaned all that thoroughly all the time. You work with animals quite a lot I expect?

Mari - Yeah, every day.

Ben - All kinds of different animals or?

Mari - All kinds, every sort of species. Our main species are cats and dogs but we will have all sorts. We've had tigers, we've had many cheaters, we've had lots of different animals.

Ben - And, so given your vast experience of different animals, who do you think is going to have more bacteria on their face? Do you think it's going to be beep, the black Labrador who we swabbed or do you think it's going to be me, a 25 year old human man?

Mari - Uh, oh. I think the interesting question will be, also, what kind of bacteria? Do you have more dangerous bacteria or do you just have more as a human being compared to an animal?

Ben - I did wash it this very morning.

Ruby - I was about to ask if you'd washed your beard.

Ben - Well, I suppose only time will tell. So were about to swabbed the MRI machine.

Mari - And this is the coil that the animal sits in.

Ben - It sounds like they clean that thing a good deal?

Ruby - Yep. And that was supported by our swab results which showed a very low levels of bacteria.

Ben - Our doggy helper also showed low amounts of bacteria, actually lower than any of the dogs in the original study.

Ruby - And then there's Ben...

Ben - Oh dear.

Ruby - Ben's beard did in fact contain high levels of bacteria. Five times more than the moderate amount on his cheek.

Ben - Even though I'd just washed it that morning!

Ruby - So it seems our little experiment...

Ben - Which is not very rigorous, by the way, with just one person and one dog.

Ruby - Stop trying to get out of it Ben! Our little experiment supported the paper's findings that human beards contain more bacteria than dog fur. A secondary aspect of the study that was in addition to having a higher density of bacteria overall, the density of human pathogenic bacteria, or bacteria that can harm humans was slightly higher in men than in dogs.

Ben - It's important to note that the secondary result of this paper didn't reach what is called "statistical significance," which means it wasn't clear from the data that human hair does contain more harmful bacteria than dog fur, and we can't really draw that conclusion with any confidence. That being said, even if it is true, perhaps it's not surprising then humans carry more human-related bacteria than dogs given we're well -  humans.

Ruby -  There's also the question of if bacteria being present in dog fur or human fur is really that big of a problem to begin with?

Ben - Bacteria are everywhere.

Ruby - Keyboards.

Ben - Phones.

Ruby - Doorknobs.

Ben - Handrails.

Ruby - You get the idea. Whether or not bacteria are denser in human beard than in a dog's fur, a beard is probably not the only bacteria dense in you'll come across in your day-to-day life.

Ben - The study authors even said there's no reason to believe that women may harbour less bacteriological load than bearded men. So leave us beardies alone! We are no worse than the rest of you.

Ruby - Yep. Beards are fine. You should probably still wash them regularly though.

Ben - I do!

Ruby - Well then, it's fine.

Ben - Some would say - cool - even.

Ruby - Some might, although our research found no evidence to support that assertion.

Ben - Oh!

Tank

26:57 - Mailbox: why does my digital watch drift?

The part of the show where we read out your correspondence...

Mailbox: why does my digital watch drift?
Chris Smith

This is the part of the show where we read out your correspondence. First up, Mark Jacobsen is pondering how a tank moves forward on its continuous track...

Chris - Right well, this is very similar to the way that a digger on tracks actually moves. Inside those tracks, there's a cog on each end of the digger, and that cog engages with a groove on the underside of the track, and as the cog moves around, and the same way as a bicycle crank moves the bicycle chain, it actually advances the track and because the track is basically being picked up at one end and laid down at the opposite end, the digger rolls forward inside the track it's leaning forward, and the enormous surface area that you've got with those tracks against the ground means you get an enormous amount of traction, which is why things like big heavy earth moving machinery and tanks use them.

Adam - Brilliant. And meanwhile Nev asks: Why does the time on my digital wristwatch always end up being five minutes ahead within three months? I always turn it back but it still jumps ahead. Every digital wristwatch I have ever had did this.

Chris - Yeah I'm with you Nev, happens to me as well. The reason is that lots of these watches use crystals, they actually use a piezoelectric crystal. Basically what you do is you apply a small electric current to the crystal. The crystal is very finely shaped so that it vibrates when you put the electricity in, and it vibrates a bit like a miniature tuning fork and it does it, usually in those crystals 32,768 times a second, which means you can use that to work out roughly how fast the watch is ticking, but it does that at a certain speed which is determined by the temperature, and if you warm the watch up it will vibrate a bit faster. If you cool it down it will vibrate a bit slower, and because most people's watches are not very well insulated and they’re not a constant temperature, there is a wandering of that vibrational frequency of the crystal. So the watch timekeeping wanders. Really high quality watches and timepieces do two things; one, they insulate the crystal to stop the temperature variations happening so much, and also they incorporate machinery to correct for temperature variation but cheap watches like you’re £2.50 one you get from a Christmas cracker don't do that. So you just have to put up with the fact you're gonna be either very early or very late for you’re meeting pretty quickly.

 

An enigma machine, used by German forces in the Second World War to send coded messages

29:55 - How was the Enigma code broken?

One of the world's most famous codes, and how it was broken...

How was the Enigma code broken?
James Grime; Elizabeth Bruton, London Science Museum

First up, we’re winding back the clock to look at one of the most famous code-breaking endeavours: the effort to crack the Enigma code. Adam Murphy went to the Science Museum in London to speak with Elizabeth Bruton, who’s the curator of a new exhibition all about cryptography and the Enigma Code...

Adam - Cryptography, or hiding information so no-one can see it, has a long and storied history. From ancient times right up to today, people have wanted to hide their sensitive data. One of the most famous cases of this was of World War II and the German Enigma code.

Elizabeth - So we're in an area that looks a little bit like a Bletchley Park hut during the Second World War; that's the centre for British codebreaking in the lead up to - and indeed during - the Second World War. And the initial display relates to the Polish contribution to cryptography, and indeed to breaking the Enigma cipher system used by the German military before - and indeed during - the Second World War. So one of the rarest objects we have on display - and one we’re truly honoured to have here - is an Enigma copy, or an Enigma double, loaned to the Science Museum for the duration of the exhibition by the Pilsudski Institute. Now from the early 1930s onwards, Polish cryptographers and mathematicians were able to intercept field messages sent by the German military using the Enigma cipher system. They'd also had a copy of the civilian version, and through this and some... I suppose the best way to describe it is some skullduggery in terms of describing the parts, they were able to essentially reverse engineer a German military Enigma cipher machine, having never actually seen one. They produced a design, which they built from sort of the late 1930s through to the 1940s when they transferred themselves from Poland to France after the fall of Poland in late 1939. And this is the very machine we have on display. Fewer than 100 were made before and during the Second World War, and as far as we know only two have survived. And we have one on display here.

Adam - So the British weren't the first to take a shot at breaking Enigma. But what was Enigma and how did it work?

Elizabeth - And what some people may not know is that Enigma was first and foremost a civilian system designed to keep radio traffic of banks and post offices and other commercial ventures secure. It was purchased by the German military in the late 1920s, and from there on the civilian version was no longer sold. And the more complex military version which had a plugboard, which significantly increased the number of options and therefore complexities, possible settings, was used as the main field communication systems across all three branches of the German military from the late 1920s through to the end of the Second World War. Those who worked with it believed that it was unbreakable, that there was millions of billions of possible combinations, and in order to try out every single possible setting - bearing in mind the settings changed daily, so it wasn't that you had forever - it would have taken more than the lifetime of the universe if you did it manually. And indeed that is the case, but there was a number of weaknesses of the Enigma cipher system. For example, it couldn't encrypt a letter as itself, so A would never be encrypted as A. You could produce these cribs, which is where you made a very educated guess as to some feature of the message: whether it was the opening thing, for example, maybe someone opened or finished a message with ‘Heil Hitler’; or it could be a weather report, which had a very standard form, so if you knew the form of the weather report and the weather as it was in that particular location, then you could make a very educated guess as to the content. And if you know what the decrypted version of it's going to be, you can essentially map the encrypted onto the decrypted to try and make an educated guess as to the key, the different sections of the rotors and plugboards and so on that it was set to. But it was a race against time, because you had essentially 24 hours before the key setting changed and you're almost back to square one.

Adam - What was the answer then? What was the Enigma antidote?

Elizabeth - The British used a system called bombe based on a manual version developed by the Poles. And essentially it tried a number of possible key settings until it found a possible version that didn't clash with their thought of what an encrypted-to-decrypted letter was. Then they would stop; they would check that with an adapted British Typex machine, that is the British cipher machine; see if a message was produced in comprehensible German. If it was then they'd found the key setting for that particular network for that particular day; if it wasn't, then they would go back again and try again until they found the key settings.

 

Numbers

How to make (and break) a code
James Grime

It's time look at the maths side of codes. In the studio with Chris Smith and Adam Murphy is mathematician James Grime. They're discussing the World War II Enigma machine and the fact that the Poles cracked Enigma, and even built a replica machine to decode it, without ever having seen the real thing...

James - I know and people don't know that. And people should know this.

Chris - Have you seen one, because you know you work on this?

James - Yes. Yeah. So the Polish Double, which is where they reconstructed what an enigma machine must be. They had one at the Polish Institute and I did do some work with the Polish Institute a few years ago, where I did a talk at the Polish embassy about the Polish mathematicians.

Chris - How did they do what they did at Bletchley Park, then? How did that Bombe technique that she mentions work in order to crack that code? And what was the nature of the code that made it so hard to actually grapple with?

James - Okay so there's two things that make enigma difficult. First of all, there are lots of combinations. So I think we talked about, there's lots of combinations; too many to check. But the other thing that makes it very difficult is the moving wheels.

Chris - Because the simplest level is just substituting one letter for another isn't it?

James - It is.

Chris - But you're saying is moving wheels, is that because the substitution isn't the same every time. It's not - today A is E and tomorrow A is Z, it’s actually, right now A is Z but next turn of the wheel it's going to be D or something.

James - You’ve got it exactly right. So when the wheels turn, each letter of the message, it's been sent with a different code essentially, which makes traditional code breaking techniques impossible.

Chris - So how did the Bletchley Park team attack that?

James - Yeah. So what they were doing when they built these large BOMBE machines, what it was doing it was a process of elimination. So actually was trying to work out the plugboard, if I can tell you the truth. That’s the little wiring at the front and it was trying to work that out, if it found it was impossible, it would move on to another position and if it's impossible, it would reject, and it would reject, and it would reject. And this process of elimination was actually faster. So whatever you can't reject must therefore be the correct answer.

Chris - So in other words what they're doing is basically, a brute force attack on this thing, you take what you've stolen as the encrypted message, try what you think might be the solution, and see if you can decode it.

James - Just one step cleverer than brute force, because once you reject one answer, there's a whole family of answers you can reject at a stroke.

Chris - Oh, so you narrow down the opportunities and so that speeds it up. So how long was it taking them to do the average, to get the code for that day.

James - So on a good day you could check all your positions and find the correct setting in 20 minutes.

Chris - Right. But then obviously the work began, because then you got to feed all of the messages you have intercepted in, using that code and break them for that day.

James - Yeah. And what the codebreakers at Bletchley could do is, they could be reading these messages, these secret messages from the German army before the Germans had a chance to decode what they said. It’s amazing you can do that.

Chris - And how does everyone know what the settings will be for each day? Was that published somewhere so the German army knew what settings to use for what date?

James - Yes, so the Germans were given a key sheet, a large sheet of paper, and for each day of the month it told you how to set the machine for that day. Nice little story: The Navy would write those on blotting paper. So if your ship gets torpedoed and wet, that would wash away. That's how you keep the secrets of those codebooks.

Chris - Now people thought this was unbreakable. Obviously, it wasn't because the clever people in Poland, and also at Bletchley Park did suss it out and they got to the bottom of it. Is it possible mathematically though James, to make codes that are not breakable?

James - Yeah. There is such a thing as an unbreakable code. So that is called a one time pad cipher. And it's not that difficult to explain. I could explain it now. So you might have tried as a child, a shift code where you shift the alphabet across. You might shift it three across, or four across.

Chris - Do you mean that every time I should write A, I write C or D or something?

James - Exactly. Yeah. So if we shift it one, A would become B and a B would become a C. Now there are 26 possible ways we could shift the alphabet. Now a one time pad, does the same idea but it uses a different shift for each letter of the message.

Chris - That's what an enigma does, isn’t it?

James - Exactly that's what it has in common with enigma. Now if you do that, me and my friend, we have to share that sequence of shifts. Then my friend can just reverse it and get the message back.

Chris - But the vulnerability is that I could find out what that series of shifts is because someone else knows it?

James - Yeah. If you can steal that key. Absolutely. That's one of the problems. But if you steal the code and don't know the key, you'd have to try every possible shift on each letter of the message. What you get is every possible decryption. What you're doing is taking each letter for the message and you're allowed to shift it as many places as you want. Now if you don't know and you just try every possibility, you could make it say any possible message

Chris - Oh. Oh that would be nasty wouldn't it? Is anyone actually using that? Is that in industrial use.

James - I have heard that it is something that is used between the president of Russia and the president of America. I can't believe Trump and Putin are sat there doing their one time pad ciphers. But that is something I've heard, but it is slightly impractical as a code. The closer we can get to that idea in principle, though, the closer we are to an unbreakable code.

Chris - And did you have a code as a kid? Because I mean people like Samuel Pepys wrote his diary in code. Julius Caesar wrote in code, did you have a secret James Grime code as a kid.

James - I did. I used to write my words backwards and put a Z at the end.  And I thought, Ah, no one will ever be able to break my secret code.

Chris - And?

James - Of course no one did. No one cared!

Spies

41:25 - The science of spycraft and spying

Back with Elizabeth Bruton at the Science Museum in London…

The science of spycraft and spying
Elizabeth Bruton, London Science Museum

Adam Murphy is back with Elizabeth Bruton at the Science Museum in London to talk spycraft…

Adam - Spycraft and encryption moved on after World War 2 and eventually we landed in the James Bond Cold War era world of spycraft, with spies around every corner, and hidden messages shrunken down on tiny pieces of microfilm. But how ridiculous is that, really?

Elizabeth - The Portland Spy Ring was one of the most successful Soviet spy rings in Britain during the Cold War. It consisted of five people, but the two people we were particularly interested in were Helen and Peter Kroger. They were ostensibly a Canadian couple living in Ruislip in north London, that well-known centre for spying. He was an antiquarian bookseller, she was a housewife, but they were actually American Communists spying on behalf of Soviet Russia. They were using powerful radio sets and microdots. That is where you photograph a document or image and you shrink it down to the size of a full stop so you can send it in books and letters and so on. And they were using those to send top secret naval documents back to Soviet Russia, particularly relating to Britain's nuclear submarine program. The spy ring was detected and then arrested in January 1961. All five members were imprisoned. All of their homes and other locations were searched for the spycraft that they were using. And we have a number of examples on display: we have their radio set which they would have used to communicate with Soviet Russia...

Adam - You still have to hide though. Keep your top secret Soviet spy ring under the radar so to speak. How would you go about keeping yourself secure?

Elizabeth - They believed that by locating themselves in Ruislip that their wireless messages which were sent in high speed Morse code bursts would be undetected because they were near RAF Northolt, which would have had a lot of wireless traffic as well. That wasn't indeed the case, but nonetheless, we still don't know what naval secrets they stole specifically because the documents were taken out, photographed, and then returned. They were all imprisoned, some of them ended up going back to Soviet Russia, but it's a really fascinating piece of Cold War history and one which really captured public attention. There were books and plays about it at the time, newspaper headlines which we've plastered over the outside of a replica of their house. One for example: “Villa was wireless station for a spy ring.” It just really captured people’s public attention and concerns about what spycraft is available, and can you trust people to be who they say they are.

Adam - How would you even know where to look on a document like this if you got your hands on it though?

Elizabeth - They would have hidden it in books or letters that would have gone on a secure route back to Soviet Russia, and they would have sent wireless messages in advance telling people in Russia where to look and where to find it.

Adam - And that would mean the letters could be as innocuous as you like… the message hidden in a full stop.

Elizabeth - Yep. So you know, the letter or the books could have been anything and since Peter Kroger was an antiquarian bookseller, it was quite par for the course for him to be sending books out to all over the world.

Adam - That's the Cold War though, that's a long time ago. When it comes down to the best standards of encryption, the smartest thing to do is to take us humans out of the equation entirely.

Elizabeth - So we're standing in front of a case that contains lots of different objects, modern and not so modern. At the back we have things that look like very small scrabble tiles but they have numbers rather than letters. These were used by Government Code and Cipher School staff at Mansfield College in Oxford, where they created secure systems. And the reason why they had these tiles was that they would put them in a bag and they would encourage staff to take one out, to try and create a randomly generated number in the best way that they had available at the time during the Second World War, in order to create one-time pads and to create secure systems. However what we've learnt since then, and we have other more modern electronic systems here including one used to load keys onto an RAF Typhoon aircraft on loan from the Ministry of Defence, is that human beings, and also computers, are absolutely terrible at generating truly random numbers, strings, and so on. We seem predisposed to patterns. Computers are very good at calculating large numbers and so on, but not great at actually, truly creating randomly generated numbers. So next to that display case we have a chaotic pendulum which is used by internet security company CloudFlare along with other devices that gather information from the environment around them, so they have lava lamps which are on display in the CloudFlare lobby, and they use other environmental measurements to create truly randomly generated numbers which are incredibly hard for computers to break, because there is no pattern to them, because they are utterly random. And some of these are used to underpin the security of the Internet and indeed to keep our communications secure today.

QR code being read by phone in hands

46:33 - How does computer encryption work?

And how do we keep modern technologies secure today?

How does computer encryption work?
Markus Kuhn, Cambridge University

To consider how we keep modern technologies secure today, Chris Smith and Adam Murphy are joined by Cambridge University computer scientist Markus Kuhn... Do they really use a lava lamp to generate random numbers like that?

Markus - Not really! The lava lamp it's a bit of a PR gag. But it does illustrate that there is a problem that computers have. Computers are very deterministic devices: they do each time you ask them something to do exactly the same thing. So it's actually a problem: how do you cause a computer to generate a random number. For example you have devices that come off the end of a production line, there have been problems with things like Internet routers, Internet of Things devices, that had actually quite a lot of similar keys...

Chris - I'm with you. So when you build a security camera that's on a production line, the flaws in whatever the system are that makes it choose its secret number, that flaw is going to make all of them make a similar mistake make choosing similar numbers that make them more crackable?

Markus - There have been studies where people scanned the secret keys used by millions of Internet cameras, and they did find thousands that actually used the same key for that reason: because the manufacturer didn't have a lava lamp, or some other secure mechanism to create the random numbers!

Chris - So how do they then get round this?  What are they using?

Markus - So mouse movements are pretty good...

Chris - ...you're telling me, on a production line, there's a bunch of people wiggling a mouse like that! Surely not!

Markus - If it's a microprocessor that goes into one of these routers, Internet of Things things, the most modern ones actually have a special hardware random number generator on the chip, and what they normally use is a noisy amplifier. So they build a deliberately bad amplifier and a microphone input, and then they just sample the noise that comes out of that analog electronic amplifier for a second or so...

Chris - ...and that makes the random noise?

Markus - That's the randomness. Yes.

Chris - In recent years there's been a really big shift towards encrypted connections on the Internet. So when you go onto Facebook, or you go onto your email, nowadays we're looking for "HTTPS" and that little padlock icon. What does that actually mean?

Markus - So there's three things going on that the HTTPS protocol does: it encrypts your connection; it provides you with confidentiality, so if someone taps your phone line they can't actually see what you're doing on the network; it protects the integrity of the connection, so it prevents someone to modify the data, and it protects the authenticity of the connection. So, for example, if you go to the website of your bank you can be assured that this is actually the genuine bank's website and it's not the mafia having copied the bank website and redirected your traffic to it in order to steal your password.

Chris - How would you know, though, or how would you defend against, let's say I set up a Wi-Fi hotspot and Adam comes along and he connects to it, and he connects to his bank and does some online banking. But let's say I actually I take the data he's sending and I fool him into thinking he's got a secure connection - because I make one to him - and, meanwhile, I take what he sends to me and I send this to you the bank. And you both think you're talking to the right person, but actually I'm copying all the information that's flowing between the two of you. How is that defended against?

Markus - This can be done. This is known as a "grand master chess attack" because it's a very similar trick you could play to pretend to beat a grand master in chess where you just have two chess games with two different chess masters and you just pass their moves on to each other. And both of them think they are actually playing with you, whereas you are actually causing them to play against each other. And in cryptography, this is also known as a "middle person attack". So it's quite important that there is some confirmation of the authenticity that both of these communications are actually using the same keys. And this is done using something called a "digital certificate" to digitally sign the host name - the name of the computer - with the key that's being used by your bank for example. And there exists organizations call certification authorities that publish a kind of phone book of which organization is using which keys. Web browser does is it makes essentially this kind of telephone book look up: does the key that's being offered by your bank actually match the official key of that bank?

Chris - But if my web browser can do that, a criminal can do that can't they? What's to stop a criminal just looking up these keys and then emulating or copying them?

Markus -  They can look up the public key, but the public key is only useful to verify the authenticity: the public key cannot be used to actually signed the data packets that come across. For that you need the corresponding secret key, but that is being kept by the bank. So there's a piece of information in the bank computer that the criminal does not have access to.

Chris - What are the criminal masterminds doing to try to outwit this?

Markus - So most attacks against these systems on the on the Internet today are not actually breaking the cryptography, because the methods have been become extremely secure, extremely sophisticated. They mostly trick the users into not paying particular attention. They for example will change the name of the computer to sound similar to your bank. But, actually, some of the letters are from a different alphabet. So there have been cases where the name of a well-known bank has been spelled in the Cyrillic alphabet, where some letters look identical and people didn't realise they're actually talking to a slightly misspelled version of your bank. So it's quite important that you are very carefully look at the name of your bank in this bar above the web page.

Chris - And just in finishing, Markus, are there three top tips you could offer our listeners for the best way not to fall prey?

Markus - Using a password manager - using separate password on every website - is probably the top one. The second one is whenever you enter a password, make sure you first check the address that this is exactly the address that you are expecting. The third most important tip is, whenever you receive unsolicited e-mail, be extremely suspicious of any links in that e-mail, because very likely this is a fraudulent e-mail and it's just designed to lure you into a fake version of the company's Web site...

A pot of boiling water on a stove

53:26 - Why does pasta or rice water boil over?

When you add pasta or rice to boiling water, why does it suddenly boil over?

Why does pasta or rice water boil over?

We received this im-pastable question from Anthony. To find the answer, Phil Sansom went to speak to Phillip Broadwith, business editor of Chemistry World magazine...

Phil - Ah, the classic pasta-water-rice-water surge. Enemy of carb-lovers everywhere! I got in touch with Phillip Broadwith, business editor of the Chemistry World magazine - and he said that to understand this, you first have to understand how boiling works.

Phillip - Boiling is the process of a liquid turning into a gas. It starts with a tiny bubble, formed by a small amount of water vapourising into steam – usually at some kind of imperfection on the bottom or sides of the pan.

Phil - When the bubble is big enough it detaches from the bottom or the sides and rises up, growing bigger as it rises, and bursts to the surface. Those bursting bubbles are what you see when the water rolls and boils.

Phillip - But how aggressively the water boils is determined by the temperature and the number of sites where bubbles can form. If you have water that’s hot enough to be boiling, but doesn’t have a lot of surface for bubbles to form on, it won’t boil very hard. But if you suddenly add more surface – for example by adding pasta or rice – then a lot of bubbles will form all at once, so you get that big surge. This phenomenon can be particularly spectacular if you superheat the water in a very smooth container – for example a mug in a microwave oven. It’s then possible to get the water well above 100°C without boiling, but then if you add coffee granules, you can get a huge surge of boiling, which can be quite dangerous as it'll spit scalding liquid all over you.

Phil - So boiling happens a lot quicker once there are lots of corners and edges and surfaces where the bubbles can form. Regular forum user Alan Calverd got to the same answer, but he also said, “if the added material contains starch or gluten, the bubbles can form a strong mat instead of bursting at the surface, so the next group of bubbles pushes the mat upwards and the pan boils over." So there’s a second dimension to this. Rice and pasta both contain starch and gluten, and that’s why you sometimes get that foam on the top, which adds to the boiling over problem. For rice, there’s an easy fix that I myself approve of: rinse it! And do it properly in a bowl rather than a colander, multiple times, until the water runs clear.

Phillip: This gets rid of a lot of the loose starch particles on the surface, which will also make your cooked rice less sticky. Even better cook your rice by the absorption method, which starts with the rice in a measured amount of cold water and heats it gently with a lid on until it’s absorbed all the water.

Phil - Thanks Phillip. I’m off to make dinner. Next week’s nail-biting question comes from John.

John - I want to know, if enough people in the world donated their finger and toenail clippings, could enough keratin be produced to satisfy the demand, and thus stop poaching of wild animals in Africa?

Comments

Add a comment