Finally, I meant to share during class something that I bookmarked this morning, a story on the hacking of Keurig's new scheme for preventing competitors from making coffee pods that work in Keurig coffee machines. I'll call this an example of cryptanalysis, since Keurig's scheme essentially involved encrypted messages between coffee pod and coffee maker. Keurig's competitors have now broken that encryption and are able to send messages of their own -- not unlike how Sir Francis Walsingham sent fake messages to Mary Queen of Scots and her conspirators.
Month: August 2014 Page 1 of 3
It's confession time. I did not know much, if anything, about cryptography when enrolling in this class. With this lack of a background, what we read in Singh and the content that we later discussed in class were extremely fascinating to me since I hadn't had much previous exposure to the topic.
One topic that we discussed further in class was the resources that are needed in a society in order for cryptography to be present and flourish. As societies advance mathematically, statistically, and linguistically, skills in those areas tend to be ingrained in the population of that society. As we sat down in class on the first day, we were able to figure out the cypher alphabet and then decode a message. If you had put that same coded message in front of kids our age 600 years ago, there's not a doubt in my mind that they would struggle with it much more than we did.
While we automatically have a leg up due to our advanced society, another resource would have allowed someone our age to decode the message 600 years ago. This resource is of course the funds that would have provided an education to make up for the lack of societal knowledge. I thought it was really interesting to note how money could give you what would be more readily available in the future, just like most other commodities.
As I read the first chapter of The Code Book by Simon Singh, I found that the ways to protect yourself while making encryptions is what resonated with me most deeply. Obviously, Mary Queen of Scots was not able to cover her tracks and was executed for her participation in a conspiracy that would try to kill Queen Elizabeth. Before taking Cryptography, I had always assumed that encryptions and codes were secure regardless of the strength of the enemy. Now I realize that one had better make sure that they either have a strong communication system or a strong encoding system. However, there are many more things that a code maker can do to protect themselves.
In my opinion, the largest mistake Mary Queen of Scots made was not changing her codes between her and her conspirators. Although changing the key of their encryptions would be a more thorough cover, changing the cipher can be done often and will deter the efforts of any hackers. Simply by putting a number in the text of an encoded message, the receiver would know to shift the numbers in the text to change the message. There are simpler ways to enhance an encryption as well. This could involve intentionally misspelling words to make the message more difficult to decode, but remain legible for the recipient. These changes enhance an encryption and help to protect the sender. There are many more truths I hope to discover in Cryptography.
The evolution of cryptography and the methods of both hiding and revealing information has had an interesting path. In the early usage transposition ciphers such as the scytale were used, although transposition ciphers seem much less secure (especially for shorter messages) if the scrambling method is too simple and an intercepted message could be translated through a few well-placed key letters. For example, some word scrambles can be solved just by looking at the letters for a while. What I always wondered, though, is why substitution ciphers and transposition ciphers were the norm for so long without any real development past the basic forms.
The statement Singh made discussing how cryptanalysis would only evolve once a society had reached a sufficient level in several disciplines of math and linguistics cleared up a lot for me. Since there were no major breakthroughs in techniques such as frequency analysis until the Renaissance period, stronger ciphers weren’t needed. When it was realized that frequency analysis was being used to break ciphers, different methods of encryption like the Vigenère cipher were created to counter letter frequencies. When that method’s flaws were found, even stronger methods of encryption were developed.
Cryptographers and cryptoanalysts are, in a sense, an extremely smart predator and an extremely smart prey. Those who make ciphers are almost always a little bit ahead of those who try to break them, though, because they are able to see their encryptions’ weaknesses and adjust to hide their information before the cryptoanalysts come along to reveal it. Like many have said, cryptography is a constantly evolving field and also serves to inform us that no matter how secure something may seem, one should never bet the farm on its infallibility.
I can honestly say that going into this class I had very little knowledge of what cryptology is or its implications. I had most likely heard the word in passing but never fully tried to comprehend the true meaning. The first chapter of Singh was to say the least an eye opener. I was shocked by the widespread use and history of codes and ciphers. The chapter expanded on the history of ciphers in various societies and cultures. The main example of the first chapter is Mary Queen of Scots and her cipher mishap. This situation displays the risks of ciphers. As discussed in class, sometimes a weak cipher can be worse than no cipher at all. The reasoning behind this is the false sense of security that a cipher can give the sender and recipient. Mary Queen of Scots also made the mistake of trusting someone else to deliver and keep the secrets safe. As the saying goes, “loose lips sink the ship.” Well in Mary Queen of Scots case deception, ciphers, and double agents sank that ship. The discussion in class led me to realize that Mary had no other option than to trust that her correspondences were honest since she had very limited resources. This ties into another topic that we discussed about the impact that resources has in ciphers. In Mary’s case, the limited option of resources and possible ways of communication forced her to relay on her a double agent. She had no way to change the cipher or strengthen it without him knowing so she was sort of doomed. If she was more vague and a little less trusting in the strength of the cipher she could have saved herself but that did not happen. The discussion in class aided me in seeing the scope of ciphers along with the potential drawbacks of them.
Before this course, when I thought of cryptography I primarily thought of advanced groups and organizations who made unbreakable codes so that nobody else would ever know the information they were communicating except for the people they were communicating to. However, this is definitely not the entire story. First, most everyone in society uses cryptography in some way in their lives. A lot of the time people aren't even aware that they are utilizing cryptography, primarily when they are online. I was previously unaware of how much cryptography was involved in things online such as passwords and other sensitive information. I'm glad though that online passwords and other information gets encrypted before it is sent as if it weren't then it would be extremely easy for anyone to get your sensitive information.
Now the other main thing which my eyes were opened to was the potential weakness in encryption. Before I thought that for the most part, codes weren't ever cracked or figured out by people other than those that the messages are to. The story of Queen Mary taught me otherwise. While there are over 4*10^26 different ways to encrypt using a basic substitution cipher, it is not always that difficult to figure out the encryption methods. Cryptanalysis and its methods are new topics to me, but when thinking about them, I had even used some of them in the past (primarily frequency analysis). The main point however is that any encryption method can be figured out and thus no method of encryption is 100% secure. Other weaknesses include that you can't make an encryption method so complex that your recipient cannot understand the message, and it isn't necessarily possible to tell if someone else has figured out your encryption method. Particularly the latter is a major weakness as one's method of encryption can in fact be used against them and this was an interesting possibility which had never occurred to me before. Cryptography can be extremely useful and has its advantages, but it is not without disadvantages either.
Mary Queen of Scots made the fatal mistake by not only sending messages through code that could be broken, but also incriminating herself in the messages by saying exactly her plan. It never occurred to me that perhaps the most important part of making a code is not making a code thats hard to decipher; instead, it is if someone deciphers the code that they still should not be quite sure what the message is talking about. The sender and the receiver of the message should already have decided on certain words set for other words and make the message more ambiguous. Otherwise, if someone can decipher your message, then all of the plans discussed will not be a secret anymore. Had Mary Queen of Scots gave a more ambiguous coded message, once it had been deciphered she still might have been able to complete her plan. Instead she was executed. By reading this chapter in The Code Book by Simon Singh, I have learned that if I am ever in a difficult situation in which I need to pass a code along, it is paramount for me to discuss a separate code with key words to make the message impossible to understand for the reader because almost all types of codes can be deciphered eventually. Coding, ciphering, and deciphering is quite the risk reward business.
What surprised me most in the first chapter of this text was just how old cryptography is. I guess I had never really thought about it's origins before the reading. I thought it was really interesting to learn of the origins and to begin learning some history. It made me draw come comparisons to cryptography today. Cryptography really has come a long way since Queen Mary used it from her jail cell. Although it's incredibly unlikely that a ruling leader would ever be held in jail by another, if the situation would arise, and they needed to use cryptography, it would happen quite differently. First of all, I think they would have a better understanding of the likelihood of the messages being intercepted and broken, and would not use such plain terms to describe their plan. Mary and Babington's foolishness reminded me of in middle school, a group of girls would speak in pig latin, thinking nobody else could understand them. Unfortunately for them, many people also knew of this "secret" language, and those who didn't quickly caught on. Another advancement is simply the difficulty of the cipher that would be used today. In this day and age, a simple substitution cipher, like the one used by Mary and Babington, would be deciphered in minutes. To really keep something private, a much more advanced and complicated cipher would be needed.
Here's your first problem set, available in Word and PDF formats: Problem Set 1 (Word) and Problem Set 1 (PDF). It's due at the start of class on Monday, September 1st. You're welcome to turn in typeset or handwritten solutions, but please turn in a hard copy of your work. In other words, don't email me your problem set.
Also, here's an Excel file you can use to aid your decryption of the ciphertext in the first problem: PS01 - Cryptanalysis.