Cryptography

The History and Mathematics of Codes and Code Breaking

Author: Jerry

Expecting Privacy When Posting Publicly

In chapter 2 of It's Complicated, danah boyd discusses the propensity of youths to share information publicly, despite their insistence on maintaining their privacy. Youths post on public forums with the intention of communicating with their friends and peers, but don't like it when their parents or teachers monitor them by creating their own accounts. Recounting an experience with a youth, boyd writes, "Although many adults believe that they have the right to consume any teen content that is functionally accessible, many teens disagree. [Chantelle] continued on to make it clear that she had nothing to hide while also reiterating the feeling that snooping teachers violated her sense of privacy."

On one hand, Chantelle's argument is completely reasonable. She's arguing for the right to privacy, not because she wants to hide information but because she wants communications intended to be private to remain that way. In this case, the "snooping teacher" takes on a similar role to the federal government, where both surveil people who just want private matters to remain private.

On the other hand, all of the cases discussed in the chapter involve posting on public forums, with the operative word being "public". With all the private mediums that youths could choose from, they chose to post publicly, which raises the question of whether people deserve privacy when posting publicly. I'm not sure what the options were in 2014 when boyd published It's Complicated, but now there are plenty of apps and messaging services to choose from that don't allow unwanted access. By choosing to post publicly, one essentially forfeits the expectation of privacy.

The Current Role of the Internet

In the beginning of chapter 7, Singh makes several predictions about the future roles of the Internet, many of which are true now. It's definitely true that the Internet has become a significant, if not the most popular medium for exchange, with a massive volume of transactions nowadays taking place solely online. Email has indeed become more popular than conventional mail, and online tax declarations do exist, but for the most part voting still occurs at physical locations. However, Singh's claim that information is the most valuable commodity is the truest and most significant of his claims. Now, a surprising (and scary) amount of information about nearly every individual can be found online, and it doesn't even take that much digging to find it. If you really wanted to, you could easily search through Facebook's repositories of all your information that they collect (and sell!). Digital information has become extremely valuable to advertising companies, because they're willing to pay a lot of money to determine the best way to sell you stuff.

Going along those lines, the elevation of the importance of cryptography is mainly due to the negative consequences of others getting a hold of your information. The most obvious bad example is when identity thefts use your information for malicious reasons, but other concerns include government surveillance and targeted advertising. It's pretty clear why you wouldn't want the government to surveil you, and encryption can help you get around that. It's less clear why targeted advertising is bad, but the reason they can deliver ads tailored to your interests is because they've done extensive research on your browsing history to figure out what you might be interested in, and have probably paid other websites for their data too. While this may not seem terrible, it should be unsettling to everyone that an extensive online profile has been compiled on pretty much everyone who uses the Internet.

A Killer Podcast

The part of the podcast I found most interesting was when Kelsey talked about Corey Starliper and how he supposedly decrypted the Z340 cipher. Before, I had thought that the Zodiac codes were almost all unbroken, and that the identity of the killer was completely unknown. However, if Starliper's decryption of the Z340 cipher is correct, that means there's a very solid lead on the Zodiac killer's identity. Whether or not it's actually Leigh Allen is up to debate, as it could have been intended to misdirect investigators, but it sheds more light on the mystery of the killer. Since I had previously thought that none of the decrypted codes yielded any useful information, this part of the podcast really stood out for me.

In the podcast, the producer introduced several technical concepts like cribs, frequency analysis, and substitution ciphers, while talking about the Zodiac killer. When the concepts were first brought up, she would add in a little side note explaining exactly what the term meant as well as how it applied in the context of whatever she was talking about. For example, when the concept of cribs came up, Kelsey gave the definition of a crib, and then connected it back to how the crib "KILL" was used to crack Z408 by Donald and Bettye Harden. Additionally, she refrained from using overly complex language that would push away listeners with less knowledge of cryptography and cryptographical history.

Thoughts on the Assault on Intelligence

I went into the lecture thinking that General Hayden was going to talk for the most part about the privacy vs security debate that we had been discussing in class, but instead it seemed like he talked about politics for the most part. I admit that I didn't understand most of what he, the Chancellor, and Professor Meacham discussed, and what little I did understand I had to look up certain terms to keep on the same page.

Over the course of the lecture, Gen. Hayden made many references to Jeffersonian and Jacksonian concepts of democracy in the context of the attitudes of recent presidents towards public policy. It wasn't until I looked it up that I realized that Jeffersonians, which he categorized Obama as, value a decentralized government with Congress and the educated elite having more say in governing. On the other hand, Jacksonians, which he categorized Trump as, value a stronger executive branch and believe that the common people should rule the country. He listed examples of how Trump's brash and unsupported actions contribute to his power independent from Congress and how he appealed to the common people by promising to give factory jobs back to the industrial workers, which all contribute to the idea of a Jacksonian Trump.

Another point that Gen. Hayden brought up was that social media is very susceptible to fake news. In our post truth world, he stated that decision making has started to become less based on fact than feelings. This is mostly due to the huge influx of information and news that we are now receiving, as it's both less curated and more susceptible to faking. In order to process everything, we take less time to think about what we're reading and instead base our opinions on how we react emotionally. We naturally gravitate towards news that agree with our preconceived biases and make us feel good, which is addictive and makes us gravitate more and more towards those news sources, and eventually echo chambers are formed. As a result, it becomes hard to differentiate good news sources from ones that tell us what we want to believe, which is dangerous if we want to keep our free thought.

Ethics and the Zimmermann Telegram

When Reverend Montgomery and Nigel de Gray broke part of the Zimmermann telegram and realized that German U-boats were about to unleash unrestricted warfare on civilian ships, they handed the telegram to Admiral Hall expecting him to pass it on the the Americans. Instead, Hall decided to keep the telegram secret and chose not to warn the Americans. As a result, when the Germans launched their attack, two ships were sunk, which could have been prevented had Hall sent the telegram. In addition, since the message had been completely deciphered at this time, Hall's excuse of not wanting to send an incomplete message was no longer valid, and he did it for the sole reason of not wanting the Germans to know that their code was broken.

To consider whether this action was ethical or not, we can only consider the hypothetical outcome of the Germans finding out about the broken code and making their codes more secure. The benefit of this is that the two ships wouldn't have been sunk. However, if the Germans had found a revolutionary encryption as a result of the broken code, it could potentially have cost many more lives while the Allies tried to decrypt messages. If the Germans had invented the Enigma machine in the first world war instead of the second, the Allies might not have broken the code in time to prevent Germany from winning, though the Enigma machine would most likely not have been as effective during WWII. In the case of all hypotheticals, however, it's impossible to tell what could have happened and compare the costs and benefits to what did happen based on severity of consequences and probability of occurrence. We can only think about what might have happened with either relief or hope.

The Balance Between Privacy and Security

On the whiteboard, there are several phrases that are indicative of opinions that side with either privacy or security. Most notably, there is a quote from Benjamin Franklin that reads "those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." In this quote, Franklin seems to express a pro-privacy viewpoint, and is saying that people who give up the essential right to liberty and just blindly go along with any policy that takes away privacy in the name of security should have neither privacy nor security. There are also other snippets that express pro-privacy viewpoints, such as "don't take our freedom away" and what seems like "...fear of freedom being taken advantage of."

On the other hand, some phrases supported a pro-security argument. "As much as necessary to feel safe" suggests that the writer is willing to give up all of their privacy if it meant adequate security, which is similar to the view that Marcus's dad holds in Little Brother. Another quote that stuck out was "we have nothing to hide," which is a major argument that pro-security activists use. If we have nothing to hide, then theoretically we shouldn't fear surveillance, but who'd want surveillance watching our every move, even if the actions are completely normal?

Another thing I noticed about the whiteboard is that for the most part, people used it as a medium for expressions that had nothing to do with the topic at hand. Many people just wrote their name or their Snapchats, or the numerous generic quotes about love, hate, and life. On an unmoderated forum, it's in human nature to say whatever they want as long as they know that they will remain anonymous. It also shows that a lot of people simply don't really care about the whole privacy vs. security debate, and would rather write something completely irrelevant to the question than express their opinion on the topic.

The Allure of an Undecipherable Cipher

The Beale Ciphers, despite the attempts of hundreds if not thousands of cryptanalysts, have never been broken before, and might never be broken in the future. Two of the three pages that Beale left behind are still shrouded in complete mystery, and likely will remain a mystery unless someone manages to find the key that Beale used to encode the ciphers. In all likelihood, all the cryptanalysts working on the cipher are wasting their time while hoping for an outcome that will never come. So why are so many people so interested in cracking the Beale Cipher?

The first and most obvious, though perhaps not the primary answer is the promise of wealth. Allegedly, the rest of the Beale Ciphers will lead the one who cracks the code to the treasure trove that Beale hid somewhere within 4 miles of Buford's Tavern. This was the primary motivation of the cryptanalysts during and immediately after Beale's time, because everyone wanted to be the first to solve it and get Beale's fortune. However, as time went on, hope of getting the money slowly faded, but people still actively try to crack the Beale Cipher. For them, the pursuit of fame, glory, and the unknown is enough to keep them going. Being the first person to solve a 200 year old, perviously unbreakable cipher would certainly be neat, even if the papers didn't actually lead to a $20 million grand prize. Their name would go down in history along with Babbage, Kasinki, and Bazeries as the people who finally cracked ciphers that completely baffled everyone else. It's a similar story with the Zodiac letters. Two of the letters have been decoded, but the remaining two are still completely undecipherable. Despite the many failed attempts by amateurs and professionals alike, many people still actively try to solve both ciphers, though not as much for practical purposes as for the thrill of the hunt.

Privacy or Terrorists?

One passage in Little Brother that I found particularly interesting was a line said by Drew Yallow, Marcus's father, while they were arguing about the effectiveness of the DHS budget increase. In response to Marcus claiming that the DHS investigations were a breach of privacy, Drew asks, "What's the big deal? Would you rather have privacy or terrorists?" (118) Ignoring the logical error (I'd much rather have privacy and not terrorists, thanks) and assuming that he meant to ask "no privacy or terrorists", this line caught my attention because it seems to perfectly encapsulate the central theme of the novel, and of the security debate in general. From the perspective of the government, the need for security vastly outweighs the need for privacy, which made it easy to justify the decision to take away all individual rights pertaining to privacy. However, from the perspective of the Xnetters, privacy is a right that should not be violated, even in the name of national security, so they found ways to circumvent the constant surveillance through internet encryption and secret meetings.

Personally, I stand somewhere on the spectrum between the views of the DHS and the Xnetters. I would be very opposed to the amount of surveillance the government in Little Brother imposed on its people, but I'm also not completely opposed to a certain extent of surveillance as long as it stays within reasonable bounds. I believe that governments and other administrations should be allowed to surveil certain networks, such as school-provided wifi, and public areas, but any privately owned property and private areas such as bathrooms should be off-limits unless there is probably cause. To answer Drew's questions, I'd much rather have no terrorists, but not if it costs all of my privacy.

Should We Mine Students' Data?

In his essay entitled "Mining Student Data Could Save Lives", Michael Morris argues that schools should surveil the online activities of their students in order to  predict and prevent acts of violence before they occur. Because all network traffic goes through the school's systems, the IT department in a school can monitor the online behavior of any student, which certainly has the potential to help administrators watch for behavior indicative of intent to act, as well as identify at-risk individuals who managed to fly under the radar before. Morris argues that despite the intrusion of privacy, the monitoring system should be implemented because of its potential to prevent crime. Furthermore, he justifies the lack of privacy by arguing that individuals willingly give up personal information on social media and that companies already collect data for marketing purposes.

Although I do agree with the premise of doing whatever possible to save lives, I don't agree with the blanket surveillance that Morris seeming to be advocating for. Ignoring the violations of privacy, I don't believe that looking for patterns in online behavior is an efficient method of determining risk. There are bound to be many false positives from students who don't actually pose any risk that would waste the school's resources while they investigate, or worse, students who have malicious intent but don't exhibit any observable patterns online would completely fly under the radar. In a similar situation, the Patriot Act was passed after 9/11 which allowed public surveillance with the goal to prevent acts of terrorism. However, out of all of the criminal referrals that resulted from investigations, none of them were for terrorism. Acts of terror obviously still occur in the country despite the FBI's resources, which leads me to question the effectiveness if implemented by a school system. I believe that a more effective method would be targeted investigations of online behavior based on tips from people, which would allow schools to focus their resources in a more efficient manner.

Different Applications of Cryptography Over Time

The only records we have of cryptography used in the past come from people with the resources and technical skills to encrypt and decrypt messages, whether they were World War II spies, Arab scholars, or Greek military leaders. Although not all of the encryption methods mentioned by Singh in Chapter 1 required exceptional resources (the Spartan scytale method used only a staff and parchment), they all required an understanding of the concept of encryption, which was a largely unused technique prior to the development of each cultures' breakthrough cryptography methods. Additionally, it's a reasonable assumption that cryptographers would have wanted to keep their methods secret from the general public, as knowledge of the code would have weakened the encryption. Therefore, I believe that the reason so few records of cryptography exist outside of well-resourced people is because they closely guarded the secrets to their specific codes after development, which, once revealed, often turned out to be simple and did not require exceptional resources.

However, this only applies to encryption and the building of ciphers. The techniques the Arabs developed for the decryption of substitution ciphers required extensive knowledge on linguistics and math, as frequency analysis only works if the cryptanalyst is familiar with the mechanics of a language.

Over time, techniques for encryption and decryption have been constantly improved in an arms race to create more secure codes and ways to break them. Nowadays, the most secure encryptions are created using supercomputers and unique encryption keys, which arguably requires more exceptional resources than simply deciding on a certain substitution cipher. However, the most significant difference between cryptography now and then is that very secure encryption is available to the general public, while people in the past who weren't involved in the encryption and decryption process had very limited access to effective cryptography. Although only the developers of specific encryptions know the specific mechanics, they are made available for anyone to use.

 

Powered by WordPress & Theme by Anders Norén