CRYPTOGRAPHY
A HISTORY, PRACTICAL, AND APPLIED PRACTICES
OVERVIEW
The purpose of this presentation is to give a brief overview of cryptography, from a historical perspective through to modern usage. The lesson will have one interactive section, taking possibly
close to thirty minutes to complete. Topics covered will include:
• Historic crypto systems
• Symbols, Symbology, Anti-Language
• Scytale
• Letter substitution (Caesar Cipher, and ROT13)
• Vigenère cipher (keyed letter substitution)
• The Enigma Machine and Rotordisk Encryption
• One Time Pads (OTP)
• Secure, but not secure, thanks
• Modern crypto systems
• Steganography and Visual Cryptography vs. actual Cryptography
• Shared Key Cryptography
• Defining A Web of Trust
• Cryptowars V1 (the Right to Privacy)
• PGP/GPG
• Cryptowars V2 (Post 9/11 Politics)
• Cryptanalysis: A Very Brief Overview
• Physical Attacks
• Letter Frequency
• Cribs
• Statistical Analysis
• Activity: Getting Started With Cryptography and Defining a Web of Trust
HISTORIC CRYPTO SYSTEMS
Cryptography and Cryptanalysis—its sister study—are extremely old
disciplines. The first known use of cryptography is recorded in Egypt c.
1900 BCE, where non-standard hieroglyphs were used, apparently playfully,
to obscure the meaning of the text for literate readers. Other factors also
came into play with hieroglyphs, primarily that the direction the animals were
facing in the writing determined the direction the text was to be read.
The oldest commercial use dates to near 1500 BCE, where a craftsman wrote
down his recipe for pottery glaze in a cipher text.
Even later, Hebrew scholars used letter substitution around 500 to 600 BCE.
Asian writing systems, particularly Chinese, have an easier time encoding their data due to their inherent
complexity. In China (as an example) the direction to read/write depended on the class of the writer, the class of
the recipient, the era the writing was made, and various other factors.
Arabic-based texts are similar in that the texts themselves omit vowel sounds. This means that translation
efforts rely heavily on verbal knowledge, as well as context-based clues. While not deliberately a
cryptographic system, the goal was obviously to obscure content to limit its understanding: essentially the same
goal as cryptography.
SYMBOLS, SYMBOLISM, ANTI-LANGUAGE
• Similar to the hieroglyphic methods of encoding language. Groups may tend to use symbols
to hide meanings and definitions, effectively creating a cipher for those that don’t know what
a symbol means, as opposed to those who do.
• Examples of this are:
Hobo signs, War Chalking, Tagging (Anti-Fa sign from Greece)
• Other examples, of codified language are cryptolects: argots, or “anti-languages” such as
Thieves’ Cant, Rhyming Slang, Jive.
• Urban Dictionary – useful reference for modern cryptolects, may be slightly off due to
crowdsourcing and locale.
• Disinformation – language is hard to prove/disprove due to its constantly fluid state. This
also allows for bad translations/disinformation of anti-language to be leveraged to discount a
given meaning.
Etymology (n): The origin and historical development of a linguistic form as determined by its basic elements, earliest known use, and changes in form and meaning.
SCYTALE
• The Scytale was an early form of physical
encryption. Roman military leaders and their
subordinates were dispatched with
octagonal sticks. When a message needed to
be dispatched a piece of leather would be
wrapped around the stick, and the message
written on the leather. After unwrapping the
leather the message was scrambled. Only a
recipient with a similarly sized stick could
decode the message (in theory).
LETTER SUBSTITUTION OR CAESAR CIPHER
• Simple letter substitution ciphers rely on swapping parts of the
alphabet in a 1:1 relationship. Decoding these ciphers is as
simple as reversing the swap.
• The principle is to map one letter to another letter. A widespread
example of this is the ROT13 algorithm, which maps the
first 13 characters of the alphabet to the last 13 characters. As
such the clear text “Hello” would be translated to “Uryyb”.
• Another example, called a pigpen cipher, works at breaking up
the alphabet into “pens” and swapping out parts of the pen for
the location of the letters.
• A similar scheme to letter substitution is the transposition
cipher, which relies on rearranging the plain text in a complex
manner, but not actually changing the text itself.
VIGENÈRE CIPHER
• The Vigenère Cipher is a form of polyalphabetic substitution cipher that combines both a key
and multiple scrambled alphabets (that is, multiple Caesar ciphers with different offsets). It
was one of the strongest early forms of encryption developed without the aid of a
computer.
• To process a Vigenère Cipher a table of alphabets (called a tabula recta) was laid out (as
pictured to the right), and a key phrase was generated along with the clear text.
• The key phrase was then repeated until it matched the clear text in length. For example:
“San Dimas High school Football rules” with a key of “Whoa” would appear similar to:
sandimashighschoolfootballrules
whoawhoawhoawhoawhoawhoawhoawho
• By using the letters in the key (here four letters w, h, o, a) the corresponding row in the
table is matched with the column determined by the clear text. That is (in our example):
w + s = o
h + a = h
o + n = b
a + d = d
Full cipher text is:
ohbdetosdpuhojvokstokapahsfuhlg
• Before the algorithm for the Vigenère cipher was figured out, attacking the cipher was
difficult because it obscured commonly seen letter frequencies. The cipher was
time-consuming to work by hand, and reversing it was equally difficult.
With today’s technology there are multiple websites that can reverse a Vigenère cipher and give you
the key in seconds.
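The slide's worked example can be reproduced in a few lines, and the same arithmetic shows why the cipher falls so quickly once any plaintext is known (the "cribs" listed under cryptanalysis). This is an added example, not part of the original presentation; the function names are illustrative, and the crib attack assumes the analyst knows where the guessed word sits in the message.

```python
import string

ALPHABET = string.ascii_lowercase


def _letters(text):
    """Lower-case the text and keep only a-z, as the slide does."""
    return [c for c in text.lower() if c in ALPHABET]


def vigenere(text, key, decrypt=False):
    """Encrypt (or decrypt) with the tabula recta: each key letter selects
    a Caesar shift, and the key repeats along the message."""
    shifts = [ALPHABET.index(k) for k in _letters(key)]
    if not shifts:
        raise ValueError("key must contain at least one letter")
    sign = -1 if decrypt else 1
    out = []
    for i, c in enumerate(_letters(text)):
        shift = sign * shifts[i % len(shifts)]
        out.append(ALPHABET[(ALPHABET.index(c) + shift) % 26])
    return "".join(out)


def key_from_crib(ciphertext, crib, offset=0):
    """Recover the repeating key from a crib (known plaintext fragment)
    located `offset` letters into the message.

    Subtracting plaintext from ciphertext exposes the key stream; the
    shortest period of that stream, rotated back to position 0, is the key.
    The crib must be at least as long as the key for the result to be
    reliable; a shorter crib yields only part of the key.
    """
    ct = _letters(ciphertext)[offset:]
    pt = _letters(crib)
    stream = [
        ALPHABET[(ALPHABET.index(c) - ALPHABET.index(p)) % 26]
        for c, p in zip(ct, pt)
    ]
    for period in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            # stream[j] corresponds to key[(offset + j) % period]
            return "".join(
                stream[(i - offset) % period] for i in range(period)
            )
    return "".join(stream)


if __name__ == "__main__":
    plain = "San Dimas High school Football rules"
    cipher = vigenere(plain, "Whoa")
    print(cipher)
    print(vigenere(cipher, "Whoa", decrypt=True))
    # Guessing a single word and its position is enough to get the key.
    print(key_from_crib(cipher, "football", offset=18))
```

Frequency analysis hides the letter counts only as long as the key stream stays unknown; one correctly guessed word longer than the key undoes the whole message.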
THE ENIGMA AND ROTOR DISK ENCRYPTION
• Letter substitution took a turn shortly before WWII with the inception of Rotordisk Encryption. This was
most famously seen in the German Enigma machine.
• Rotordisk encryption works by having a series of mechanical disks (three in the case of the Enigma) that
would be set to a certain pre-defined key. Clear text messages could then be typed in on a keyboard.
The mechanical action of the keyboard would turn the rotors—at least the right, but often all of them—to
change the path of an electrical current, which would illuminate letters on an output board. These were
noted down and, after encoding, radioed out using Morse Code. This allowed a multiple-offset
substitution cipher.
• Decryption could be handled by setting the rotors to match the initial key, and entering the coded
message on the keyboard, recreating the original operator’s steps. This allowed the electricity to flow
back through the enigma on the same pathways and would illuminate the clear text light.
• It was discovered that an additional layer of security could be added through the addition of a plug
board. This allows pairs of letters to be swapped both before and after encoding.
• Initial attempts at cryptanalysis by Polish mathematicians proved successful, and the information was
shared with the Allies. Combined with poor operating practices on the part of the Enigma operators,
recovered information (codebooks, machines, and other intelligence), and the development of the
Bombe (named after the Polish Bomba) by Alan Turing and his team at Bletchley Park, this meant the Enigma was
eventually broken. Similar units to the Bombe were also developed by the US Army and US Navy but were
engineered differently. This all helped to turn the tide of the war in the Allies’ favor.
Enigma photo By Alessandro Nassiri - Museo della Scienza e della Tecnologia "Leonardo da Vinci", CC BY-SA 4.0,
https://commons.wikimedia.org/w/index.php?curid=47910919
ONE-TIME PADS
• Intended to be used once and then disposed
• Multiple pads required to send messages
• Both sender and receiver must:
• have copies of the same pad
• must maintain sequencing
• Must not stray off established formula
• Not as cryptographically secure as one would
think
• Pseudorandom number generation vs. true random
number generation
• The Cryptonomicon
MODERN CRYPTOSYSTEMS
• Computers have changed the
game
• Telecommunications
• Politics
• Software
• Hardware
• Social Media & Steganography
• REALLY BIG NUMBERS
• Quantum computing
• The heat death of the Universe
CRYPTO WARS V1 (THE RIGHT TO PRIVACY)
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be
violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be
searched, and the persons or things to be seized.”
– Article IV, United States Bill of Rights
• Computer Fraud and Abuse Act (CFAA) – 1985 meets 1984
(https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act)
• The Clipper Chip
(https://en.wikipedia.org/wiki/Clipper_chip)
• Military Grade Encryption
Classified Technology – RSA Two-factor Encryption
Illegal to export without munitions license (letters are now bullets)
SHARED KEY AND PUBLIC KEY CRYPTOGRAPHY
• Software
• Private Key
• Public Key
• Web of Trust
PRETTY GOOD PRIVACY (PGP), OPENPGP, GPG
• First released in 1991 for free (thanks Internet!)
• Developed as a human rights tool by Philip R. Zimmermann
• Three-year criminal investigation (thanks legal gray area of
the Internet!)
• Offered military grade encryption for the public
• Based around Diffie-Hellman, AES, and RSA, also offered
Twofish
• RedPhone – telephone port of PGP that used a modem
• OpenPGP
• Created in July 1997 by PGP in concert with IETF, based
around concerns that RSA was legally menacing
• GPG – FOSS port of PGP, compliance with OpenPGP. PGP is
Closed Source and now owned by Symantec
STEGANOGRAPHY AND VISUAL CRYPTOGRAPHY VS. ACTUAL CRYPTOGRAPHY
• What is Steganography?
A process of encoding plaintext information into an existing noise stream. Particularly used with graphic images due to their high noise
tolerance. Due to how the human eye perceives color, it’s easier to hide a very small amount of text in the large color palette of an image while
causing minimal distortion of the image. (https://en.wikipedia.org/wiki/Steganography)
• What is Visual Cryptography?
Similar to Steganography and Watermarking, but using some elements of shared-key cryptography. Visual cryptography hides half of a
public-private key pair inside another image. When the image is shared the message goes with it, and the recipient (holding half of the key
pair) can find the apparent noise in the image, compare it with their key and receive a visual confirmation that the image belongs to the
other user. Particularly useful for DRM, and copyright protection. (https://en.wikipedia.org/wiki/Visual_cryptography)
• How do they differ from ‘actual’ cryptography?
Steganography and Visual Cryptography rely on hiding a message in existing noise. That is, by breaking the message up and slipping it
into an existing image, text, or digital source, the information can be obfuscated far enough to be difficult to detect by those not in the
Web of Trust. Cryptography instead generates random noise using a key, algorithm, and plaintext in combination. A frequent user of
Steganography is ISIS, who use it to communicate in plain sight via Reddit, eBay, and other image sharing sites.
(http://www.independent.co.uk/news/world/middle-east/isis-and-al-qaeda-sending-coded-messages-through-ebay-pornography-and-reddit-10081123.html)
CRYPTO WARS V2 (POST 9/11 POLITICS)
“Those who would give up essential Liberty, to purchase a
little temporary Safety, deserve neither Liberty nor Safety.”
– Benjamin Franklin
• Steady Erosion of Privacy Rights (not to mention
other rights)
• Ubiquity of high-level encryption vs. criminals’
ability to crime
• One man’s freedom fighter…
• TOR, i2p, Freenet, and tools of political dissent
• The “Darknet”
• NSA monitoring
• Facebook, Gmail, and Social Media
• Smartphones, and 1984
(Orwell didn’t expect us to buy the cameras.)
Footnote video
(iPhone):
ON PGPDISK, TRUECRYPT AND ON-DISK (OTFE) ENCRYPTION
• On-disk encryption uses a cryptographic format to
mask the contents of hard drives (see CGP Grey
Footnote video)
• Previous encryption standards:
• PGPDisk (still actively developed, no longer free, closed
source)
• TrueCrypt (FOSS, no longer actively developed, closed
up and killed the canary)
• BitLocker (closed source, bundled with Windows,
strongly suspected of being back-doored)
CRYPTANALYSIS
• Physical attacks – good for physically guarded
systems, such as Scytales, and physical locks.
• Letter and Frequency Analysis
• Cribs

Tales From the Crypt(ography)
