Cryptography

The History and Mathematics of Codes and Code Breaking

Category: Practical Cryptography

The Process of Writing

Writing my practical cryptography paper requires a lot of time and effort. Firstly and most importantly, I have found all of the sources I need in writing this paper. This took a great amount of time to find the perfect articles on the internet to address my topic, phishing. After finding and printing out all of my sources, I then needed to figure out how to organize this paper from beginning to end. In addition, it is imperative that I organize this paper without the classic "slow wind-up" and make it interesting for the audience.

I have made good progress so far in this paper with about one-third of the word count left to go. I need to continue improving my introduction and conclusion and expand my body paragraphs to increase the word count. By far the most challenging part of completing this paper is getting to the word count. It is difficult to write a large amount about this topic without feeling like I am just rambling or repeating. Perhaps I need to add another source or two to my paper. It has been enjoyable to learn all about phishing and its impact on our society. I have enjoyed becoming familiar with the topic as a whole and even learned new steps and measures I should take to avoid being "phished".

Practical Cryptography - Rubric

Here's a nearly final version of the rubric I'll use to grade your practical cryptography papers: Paper #3 Rubric [PDF]. I say "nearly" because I reserve the right to tweak the rubric once I start grading your papers. This version should, however, give you a good sense of what I'm looking for in these final papers. If you have any questions about the rubric, please feel free to ask.

As a reminder, here's what I said about your final paper in the syllabus. All of this is still relevant to the assignment.

For your final assignment, you will contribute a chapter to an online guide to practical cryptography written by our class.  Each chapter will focus on one way that cryptography is (or could be) relevant to the digital life of a college student in 2014.  You might address one of the ways that cryptography is embedded in the computer systems we already use (e.g. how credit card information is encrypted by websites) or explain how to better protect one’s online privacy by adopting new practices (e.g. sending and receiving encrypted emails).  Your chapter will have an expository component, in which you explain cryptographic and/or mathematical processes in ways a fellow student can understand, and an argumentative component, in which you make the case for why a fellow student should care about the topic you’ve chosen.

Your chapter should be between 2500 and 3000 words in length, and it will be graded on the strength and clarity of your arguments as well as the effectiveness of your technical explanations.

Lesson Learned about Keeping Secrets

Just before Thanksgiving break, I asked you to spend some time reflecting on lessons you've learned this semester about keeping secrets, given all the examples of cryptography and cryptanalysis we've seen this fall. Here's what you came up with:

Lesson Learned (Part 1)Lesson Learned (Part 2)(Click on a photo to see a larger version.)

Here's the same list, without all the nonlinear connections:

  • You can't keep secrets forever.
  • Someone will break your cipher.
  • You don't know how clever the enemy is.
  • Change ciphers frequently.
  • One of your allies will screw up / betray you.
  • Minimize errors through simple systems.
  • Keep your circle of allies small. (Trust no one few.)
  • Persistence / computing power will defeat you.
  • Assume the worst. Double check.
  • Use discretion in your plaintext.
  • Kerckhoff's Principle: The strength of your system shouldn't depend on keeping its mechanics secret.
  • Schneier's Principle: Use a system lots of people have tried to break.
  • Prioritize your secrets. Which secrets? From whom?
  • Minimize ciphertext.

Be sure to draw on these lessons learned in your final papers on practical cryptography!

Practical Cryptography - Brainstorming Notes

From last week's brainstorming sessions for the Practical Cryptography class project...

What topics might we include in this guide? What do you want to learn about? What might your fellow students be interested in learning? What should they know about cryptography?

  • Deep Web and privacy
  • University censorship
  • Online shopping security
  • Phishing: VUIT, sports
  • School tech policies
  • Take advantage of / not get taken advantage of
  • University data mining
  • Online / cell phone tracking
  • Twitter hacking

What tools might we use to produce this guide? Diigo, WordPress, Twitter, others? Consider both production and distribution phases.

  • Twitter: for publicity, mention @vanderbiltu
  • WordPress: Dedicated site and URL
  • Diigo: topic ideas, shared references

Related: How should we tell Vanderbilt students about the guide? How can we get the word out, either during or after production?

  • Twitter
  • Pyramid scheme
  • Some kind of event re: 1 or more topics
  • Email all students?
  • Tree posters with QR codes
  • Commons email
  • VU Facebook / VU News
  • Hustler

What timetable should we follow to produce this guide? Notable dates: 11/24-28 is Thanksgiving Break. 12/3 is the last day of classes. 12/6 is the date of our “final exam.”

  • Topics by Monday, November 17th
  • Spring: (more) publicity

How might we use class time productively over the next few weeks?

  • Discuss / brainstorm topics
    Writing days (e.g. “Can you read this?”)

You're writing a guide to practical cryptography. Let's hear some possible chapter titles.

A torr way of life
The Cloud is Leaking
Cryptography!
The Darkness of the Deep Web
Protect yourself
How to be nowhere
Is your password strong enough?
How to wear an invisibility cloak online
What does the government know about you?
How secure are your passwords?
Hacking into Emails 101
Rebooting Your iPhone Just Might Save you Jail Time
Navigating the Dark Web
Censorship: What you can and can't say on campus
Hacking Emails 102
RSA: How does it really work?
How To Be Nowhere: Avoiding Government Tracking
Who's watching you?
Leave No Trace: Avoid Being Tracked
Instead of "The Cloud is Leaking," why not say "raining"?
Don't Lose Your Life Savings Trying to Get a Discount: Staying Safe When Shopping Online
Cookies are not to eat
hi
Don't Take the Bait: Preventing Phishing Attacks
Cookies are not all bad.
Cookies are not to eat.
Thinking a cookie is chocolate chip when it's actually oatmeal raisin leads to sadness
Phishing: trying to get any type of personal information about someone over the internet by pretending to be a reliable source
Axciom: The Next Frontier of Privacy Invasion
XKeyscore: The previous frontier of privacy invasion
Canadian Netflix Has Downton Abbey: A Beginner's Guide to Using Proxy Servers
Avoiding Online Price Discrimination: Trash your Cookies
1 Comment

Powered by WordPress & Theme by Anders Norén