Cryptography

The History and Mathematics of Codes and Code Breaking

Author: mackense

Figuring Out Location Services

Currently, I am still very early in the process for writing my practical cryptography paper. I am starting to realize the amount of effort the paper will  take, which gives me a sense of urgency to really get underway. So far, I have really enjoyed thinking about the ways that I will be able to relate the ideas in my paper to other college students' lives. Location services is an interesting topic because it is very prevalent right now. People in the United States are becoming wary of the control that government can have in their lives. Therefore, it is possible that people will want to take steps in order to protect their location. The difficult question that I will have to deal with is why people will want to take these steps.

 

If a mother and father wish to take a family trip to New York and take pictures of their kids in front of the Statue of Liberty, they will want to post a geotag to show off their family vacation to an awesome city. However, they are much less likely to want a geotag if they are taking pictures of their kids inside of their home. This is just one side to location services. I am still early in the writing process and there is much to learn about why location services should be concerning to the average college student.

Safer From Government With Privacy

In the newer technological age, cryptography is becoming more and more relevant in everyday life. Unfortunately, there is a down side to this increase in technology and encryption. Encryption helps to protect the interests and communications of criminals and terrorism. The goal is to allow the public to enjoy these cryptographic advances with out letting criminals take advantage of them. Unfortunately, this is very difficult and therefore, some people think that the US government should be given wide latitude to use electronic surveillance in the interests of national security, even if this sacrifices some privacy. In reality, the national government will overstep its bounds and take advantage of its surveillance if it has the opportunity.

Photo credit: 'Privacy' by Sean MacEntee. Flickr. Creative Commons.

Photo credit: 'Privacy' by Sean MacEntee. Flickr. Creative Commons.

Singh puts forth the example of wiretapping and the negative consequences of it in the 1960’s. Martin Luther King Jr. was wiretapped and recorded telling bawdy stories. These stories were then played in front of President Johnson and organizations that were debating supporting him. Other stories included President Kennedy wiretapping senators with the concern that they were being bribed. Although it was later determined that the senators were not being bribed, Kennedy was provided with valuable political information to win the bill. Not only does this prove that recording private conversations, whether its over the phone or via the internet, is unethical, it also shows that there is no moral way to trust a government with this power.

German Confidence Proves Costly

After early domination of the seas by German U-boats, Bletchley desperately needed to end the intelligence blackout. Through a series of dangerous raids on German U-boats, a German Naval codebook was captured, thus making the Naval Enigma transparent. Finally, Ally convoys could evade the deadly German vessels and British destroyers could

"German U-boat" Photo Credit: Joe Neary via Flickr

Photo Credit: "German U-boat" by Joe Neary via Flickr

go on the offensive. The Allied powers went to great lengths to not raise suspicion in Germany that their sacred Enigma machine was compromised. Fortunately for Bletchley, Germans were far too confident in the strength of their encryptions.

Although the Allies were now aware of the locations of numerous U-boats, they had to be careful not to attack all of them because this would warn Germans that they could no longer trust their communications. Therefore, they were careful to prudently attack and never risk destroying too many enemy ships at once. In one case, Bletchley became aware of a numerous amount of German tankers and decided to sink most of them, but not all as to not raise suspicion. The British destroyers successfully sank the ones they were supposed to, but then spotted the remaining German supply ships and sunk those as well because they did not know about this situation. Fortunately for the Allies, when the Germans realized about their lost ships, they thought of it as a misfortune because their Enigma was unbreakable. If the Germans had had less confidence in their encryptions, it is possible that they could have stopped the amount of information they were feeding the Allies, or even have used it against them.

Watch Out for the Middleman

The section of the book that most caught my attention can be found at the beginning of Chapter 10. Marcus is in the early stages of setting up the Xnet and is beginning to realize that his heavily encrypted system is most likely already infiltrated by members of Homeland Security. He asks himself what the right course of action would be and makes clear his intentions of feeding the false information to both sides in what he calls a "man-in-the-middle attack". The process of steaming open letters is described and Marcus uses the metaphor of being a fat spider in the middle of communication to cause as much havoc as possible.

I find the idea of "man-in-the-middle attack" very interesting and it is something we have discussed a few times in our cryptography course. A prime example of this attack can be found in Singh chapter one when Mary Queen of Scots is imprisoned but still sends out instructions to attack Queen Elizabeth with weak encoding methods. Cryptanalysts were able to intercept Mary Queen of Scots's letters, thus allowing her to be incriminated and manipulated by Queen Elizabeth's men. Marcus's solution to the problem of a "man-in-the-middle attack" is crypto of course. He describes a confusing method of encryption involving a double key which creates a double enciphering. I, however, was more interested in Marcus's form of attack rather than his double key form of defense.

Not Your Average Monoalphabetic Cipher

The Great Cipher used by Louis XIV remained unbroken for 200 years.  What were the factors that led to such a secure cipher?

The father-son team of Antoine and Bonaventure Rossignol invented The Great Cipher while working closely with Louis XIV as his cryptanalysts. Initially, they were mainly code breakers, but their skill gave them the idea to create a much stronger way to encrypt messages. This idea turned into the Great Cipher. This cipher was very useful for the French and no enemy cryptanalysts were able to crack it. Unfortunately, the Rossignols's death also meant that the Great Cipher's secrets were lost and any archives encoded using it could no longer be read. Although this was inconvenient for the French, the real struggle would be experienced by future generations of code breakers. Eventually letters encrypted by the Great Cipher were passed on to Étienne Bazeries who worked tirelessly to decipher the letters. The high security of the cipher made it nearly impossible to decode.

The first factor that led to this secure cipher was the amount of characters included. 587 different characters immediately made it clear that the it was not a substitution cipher and later, Étienne also discovered it was not a homophonic cipher (a cipher that replaces letters with a proportional number of symbols to how often that letter is used). Later he would also try to decipher it as a digraph (one number represents a pair of letters), but this also was not correct. The grunt work that decoding the Great Cipher must have required is astonishing because the text says each idea could take Étienne multiple months to prove wrong. Eventually, Étienne was struck with the idea that each number represented a whole syllable. After tirelessly working on this idea, he was able to decode 124-22-125-46-345 as meaning "les ennemis". This crucial breakthrough led to Étienne's eventual success despite variations in the cipher and traps laid by the Rossignols. This elaborate cipher truly deserved its name as "The Great Cipher".

Don't be a Cyber Idiot

For this blog assignment, I have decided to respond to the article discovered by Nate called “The 5 biggest online privacy threats of 2013”. This article is based around protecting online users from privacy threats. Based off this reading, the number one way for college students to protect themselves is by limiting the amount of personal data they post on the Internet. Understanding this is vital to having a safe four years in college and for protecting their future. The article says “you love how easy it is to grab data from the cloud – and so do law enforcement agencies” (Riofrio, 2014). I find this especially interesting because of the recent iCloud hackings. Riofrio said to protect yourself from posting personal things into the cloud because there are definitely “privacy loopholes”. Jennifer Lawrence and multiple other celebrities should have heeded her warning. She also says that the increase in law-enforcement agencies’ requests of cloud-based data is increasing at an alarming rate. Although this article was written in 2013, I think it is a safe assumption to say the same is true this year.

Another risk that is common, and I would guess even more common in college students, is checking into locations on FB or dropping pins that are very trackable. Riofrio says that it is easy for the government to obtain location data and that the laws protecting mobile service users are “not horribly stringent”. Personally, I have location services turned off to avoid giving away location data and I refrain myself from checking into places on Facebook or other social medias. I suggest other students do the same. Riofrio discusses other alarming ideas in her article including tags on Facebook leading to tracking of people and the government misinterpreting security threats. Although there are many different strategies for online protection, in my opinion, the best one is just to be smart and limit the amount of personal data on the Internet.

Securing Codes

As I read the first chapter of The Code Book by Simon Singh, I found that the ways to protect yourself while making encryptions is what resonated with me most deeply. Obviously, Mary Queen of Scots was not able to cover her tracks and was executed for her participation in a conspiracy that would try to kill Queen Elizabeth. Before taking Cryptography, I had always assumed that encryptions and codes were secure regardless of the strength of the enemy. Now I realize that one had better make sure that they either have a strong communication system or a strong encoding system. However, there are many more things that a code maker can do to protect themselves.
In my opinion, the largest mistake Mary Queen of Scots made was not changing her codes between her and her conspirators. Although changing the key of their encryptions would be a more thorough cover, changing the cipher can be done often and will deter the efforts of any hackers. Simply by putting a number in the text of an encoded message, the receiver would know to shift the numbers in the text to change the message. There are simpler ways to enhance an encryption as well. This could involve intentionally misspelling words to make the message more difficult to decode, but remain legible for the recipient. These changes enhance an encryption and help to protect the sender. There are many more truths I hope to discover in Cryptography.

Powered by WordPress & Theme by Anders Norén