Practical Cryptography - Resources

As I mentioned in class, you'll want to use reputable and scholarly resources for your final paper. I've listed several categories of resources below, along with examples of each.

For more scholarly sources, check Google Scholar or the Vanderbilt Library's Database Search. For the latter, I recommend selecting a subject (e.g. Business) and leaving the search field blank. For most subjects, you'll receive a list of key databases for that subject. Open the database to search by keyword for articles relevant to your paper.

The Debate: Security vs. Privacy

During class last week, we held a debate on the following proposition:

The US government should be given wide latitude to use electronic surveillance in the interests of national security, even if that means citizens' privacy is not always respected.

We've discussed this proposition several times during the course, notably on the first day of class, when we discussed Edward Snowden's revelations about the NSA, and then a few weeks ago, during our class sessions on Cory Doctorow's novel Little Brother. Last week, we read Simon Singh's treatment of the issue in his book, The Code Book, and so it was time for a proper debate.

Before class, students were asked to make arguments for or against the statement in blog posts. You can read all of those blog posts here.

During class, six students volunteered to debate. Three were randomly assigned to the "PRO" side (security), three to the "CON" side (privacy). Each side had ten minutes to prepare opening arguments, then five minutes each to present opening arguments. Then the jury, consisting of three other students, evaluated the strength of the arguments made and gave each team of debaters feedback. That lead into round two, during which each side responded to the arguments made by the other side during the first round.

How did the debate play out? See this Google Doc capturing the main points of the debate, with notes taken by two of our three notetakers. The third notetaker live-tweeted the debate using the course Twitter account, @practicalcrypto. Below, you'll find a collection of those tweets, which were more entertaining than expected.

As I said at the end of the debate, if we had a bit more class time, we could have brainstormed some compromise solutions that responded to concerns of both sides. We might still come back to that, depending on how the last few weeks of the class go.



Telegraph Security

Telegraph SecurityHere's the telegraph security diagram I shared in class today. To better understand it, consider the following scenarios.

Scenario 1a - Messages Sent via Horses, Agent C Decrypts Messages

In this scenario, once Agent C intercepts the ciphertext as it travels via messenger between Agents A and B, he'll decrypt it, then get on his own horse and travel to Agent B's location to cause trouble. (There is no Agent D in this scenario.)  How much time does Agent B have to act on the message before Agent C shows up? Assuming Agent C and the messenger are riding horses with equal speeds, Agent B has precisely as much time as it takes Agent C to decrypt the message.

Scenario 1b - Messages Sent via Telegraph, Agent C Decrypts Messages

Now, after Agent C intercepts and decrypts the message, he sends it along via telegraph to Agent E, who then causes trouble with Agent B. How much time does Agent B have to act on the message before Agent E shows up? Again, precisely as much time as it takes Agent C to decrypt the message. Switching from horses to telegraphs doesn't make Agents A and B any more vulnerable.

Scenario 2a - Messages Sent via Horses, Agent D Decrypts Messages

Now suppose that Agent C merely intercepts the message and gets to Agent D. Agent D decrypts it, then travels via horse to Agent E, who causes trouble for Agent B. How much time does Agent B have to act before Agent E shows up? That would be the time it takes to decrypt the message and the travel time between Agents C and D and Agents D and E. Assuming Agent D isn't located along the A-B route, this means that Agent B has more time than in Scenarios 1a or 1b.

Scenario 2b - Messages Sent via Telegraph, Agent D Decrypts Messages

Same thing, but with telegraphs. Now there's no travel time involved, so Agent B is back to having only the time it takes to decrypt the message as his lead time.

What's the takeaway here? If you're Agent A, then the advent of the telegraph means your buddy Agent B has less time to act on your messages, assuming the other side has to get their intercepted messages to Agent D for decryption. If there's no Agent D, then it doesn't matter if you're sending messages via horses or telegraph, but if there is an Agent D, then you'll want stronger encryption than you used to have.

Academic Integrity Resources

Victory!Some links relevant to our discussion of academic integrity and plagiarism:

Image: "Victory!", Jannis Andrija Schnitzer, Flickr (CC-BY-SA)

Friday, August 29th - Resources

Thanks for catching the error in the first problem set. Here's the corrected version: Problem Set 1 (Word) and Problem Set 1 (PDF).

Also, here are copies of the two Excel files I used in class today: Modular Arithmetic and Decimation Cipher.

Finally, I meant to share during class something that I bookmarked this morning, a story on the hacking of Keurig's new scheme for preventing competitors from making coffee pods that work in Keurig coffee machines. I'll call this an example of cryptanalysis, since Keurig's scheme essentially involved encrypted messages between coffee pod and coffee maker. Keurig's competitors have now broken that encryption and are able to send messages of their own -- not unlike how Sir Francis Walsingham sent fake messages to Mary Queen of Scots and her conspirators.

Substitution Ciphers - Some Sources

I hope you found today's cryptanalysis activity interesting. As I mentioned in class, you'll get the chance to work on a new ciphertext from start to finish in your first problem set, which I'll post next week.

Here's the worksheet from today's class with all four ciphertexts. The plaintext for the first one (the shift cipher) comes from this news article on Chelsea Clinton's wedding a few years ago. We'll talk about poem codes in a future class.

The plaintext for the second one (the atbash cipher) comes from WIRED writer Mat Honan's story about how his entire digital life was hacked. I'll say a few words about this on Monday, but if you have the time to read the entire article, do so. It's pretty incredible.

Remember, for Monday you should read the first chapter in Singh and create your blog account. Look for those account creation emails soon. And go ahead and finish decrypting the second ciphertext on the worksheet, too.



Pecha Kucha

Before I share a few Pecha Kucha resources, here's the list of possible titles you generated for blog posts, short papers, or presentations:

  • Turning the Tide of WW2 Cryptography
  • Turing the Mathematics of Cryptonomicon
  • The Beautiful Mind of Lawrence Waterhouse
  • Ending Engima
  • Colors of the Rainbow: Japanese Ciphers of WW2
  • When You Can Go Too Far and Not Far Enough: Ordo and Keys
  • Only as Strong as the Weakest Link
  • Data Havens for Fun and Profit
  • Learning Modular Arithmetic in Three Pages or Less
  • Taking One for the Team: Detachment 2702’s Contribution to WW2
  • Lawrence Waterhouse: A Different View on Everything
  • The Psychology of Bobby Shaftoe
  • How Mathematicians Think
  • The Awesomeness of Bletchley Park
  • When Bits Become Bytes

(For the record, four of those suggestions are mine.)

Now for some Pecha Kucha resources. First, the Pecha Kucha organization, which coordinates Pecha Kucha nights all around the world, including Nashville. The organization has used their network in creative ways to aid in disaster recovery efforts, including the 2011 Japan earthquake.

Here's the sample Pecha Kucha presentation I shared, by the University of British Columbia's Tegan Adams:

For more examples, check out Pecha Kucha Atlanta's website, which features lots and lots.

Finally, if you forget how to pronounce Pecha Kucha, here's a Muppets-themed reminder.

Image: "pecha kucha night book," Brandon Shigeta, Flickr (CC)