Cryptography

The History and Mathematics of Codes and Code Breaking

Author: giordas

Behind the Scenes of a Practical Cryptography Paper

While writing my practical cryptography paper, there have definitely been some challenges. The first and probably hardest part of my paper was choosing a topic. I had no idea what someone would want to read about that would directly relate to cryptography and didn’t know what advice I could give. Eventually, I settled on searching the internet anonymously and began my research. This part was equally enjoyable and frustrating, because while I like perusing interesting articles for information, oftentimes the articles I was finding were saying the same things. To solve this problem, I searched for sources that pertained to different parts of my paper; there were sources I used for history and background, sources I used about actually taking steps to search anonymously, and sources I used about the ethics and legality of it all. With a little creative searching, I found most of what I needed.

Now, I am still in the process of actually putting all this information into a coherent guide and finishing writing my paper. So far, it hasn’t been extremely difficult to organize; the paper itself is fairly straight forward in its components, and it’s easy to choose an organization scheme that boils down to ‘introduction, background, methods, ethics, and conclusion’. This was unquestionably the easiest part of my journey writing this paper. One of the things that I’m still struggling with is adopting the proper tone for the paper. Because it is supposed to instruct college students in a practical cryptography topic but is still an academic paper, I find myself needing to balance two different tones (one more casual, and one more formal).

Protect our Privacy

In my opinion, the U.S. government should not be given a large ability to use electronic surveillance for national security. Surveillance might catch criminals, but it also catches a lot of innocent people in its path. Citizens have a right to their privacy, a right that the government should not intrude upon without good cause. Giving the government a wide latitude to use electronic surveillance seems to me like it would give them the opportunity to surveil people even if they weren’t suspicious, doubtlessly intruding on countless private messages that a completely innocent person is sending. Our government is by no means flawless; some of their actions in the past regarding surveillance have definitely fallen into a moral grey zone. For instance, the U.S. government used unjustified wiretaps on Martin Luther King Jr. for several years, gathering not only information that would help them in debates concerning civil rights but “bawdy stories” and “embarrassing details about King’s life” (Singh, p. 307). Clearly, they have used wiretapping unduly before; allowing them a breadth of access to electronic surveillance would undoubtedly result in them pressing their advantage too far in some cases.

Photo Credit: "Security" by Dave Bleasdale via Flickr CC

Photo Credit: “Security” by Dave Bleasdale via Flickr CC

 

In addition, citizen privacy during transactions is extremely important to the economy of the United States as well as the economy of the globe. Without secure encryption, messages sent using the internet and purchases on the web would be far less trustworthy. Furthermore, as purchases on the internet have increased, there is greater incentive for criminals to try to decode these purchases and reach credit card information (Singh, p.308). Imagine all of the purchases that occur over the internet in this day and age; it would be incredibly destructive if someone could break into the encryption scheme we use to protect them. Millions of people could lose their credit card information, and a break in to this effect would undoubtedly dissuade some people from purchasing much on the internet anymore. Allowing the U.S. government a larger reach in electronic security would surely mean that the encryption we were using for online transactions would have to go down; the U.S. government has been trying to decrease the private citizen’s level of encryption for years in order to allow easier access to the government to their information. They might try to switch us to the American Escrowed Encryption Standard, which would allow them a databank of all private keys, or even try to limit the length that a private key can be (Singh, p.310). Both would decrease the power of our encryption methods, hardly keeping us safe from criminals who might be searching for a way to steal credit card information. Overall, allowing great government power for electronic surveillance hardly seems like a good idea; not only would the security of our internet transactions decrease with a decrease in encryption, the government could invade our privacy much easier.

Human Error and Forced Flaws

Photo Credit: “Chiffriermaschine ‘Enigma’ ” by Walther licensed by Wikimedia Commons under Creative Commons

The Enigma Machine was practically impregnable if all of its information was kept secret and all its operators worked without human error. With billions and billions of possible settings, it would have taken cryptanalysts an obscene amount of time to sort through all of the possible keys. Additionally, with an ever changing pattern and shifting scramblers it would be incredibly hard to find a method to deduce the plaintext if all one had was pure ciphertext, even with if the most brilliant minds in Britain working on a solution. Essentially, cracking the Enigma required some sort of “crib”, some insight into how the code was working on a specific day that would take out some of the possible Enigma settings.  Because of this, the cryptanalysts would not have had the success that they did without the help of two things; German cryptographer’s mistakes in using the code and the espionage and tricks of the Allied forces.

A clue into the how the code was being run a certain day was often acquired from the mistakes of the Germans. For example, when German operators were picking keys they would often choose “three consecutive letters from the Enigma keyboard” or even use the same key as they had used previously (Singh, p.164). These mistakes, known as cillies, became vital to Bletchley Park’s decoding of the Enigma machine. Because they knew that some keys were more likely to show up than others, they could try their hunches first and would save valuable time if they were proven correct. Basically, the Enigma machine was still doing its job; it’s just that the operators proved to be too predictable. In addition, the Germans took efforts to make the Enigma machine more secure that often backfired and lessened the impregnability of the cipher. For instance, they decided that a scrambler couldn’t stay in the same position for two days in a row (Singh, p.164). This may seem to make it more random, but it actually excluded many of the possible scrambler arrangements that British cryptanalysts had to weed through.

When all else failed, however, and German mistakes and bright Bletchley park minds didn’t produce a crib, espionage and trickery became key. When they couldn’t find a crib, it seemed, British cryptographers would create one. By manufacturing situations where the German U-Boats would have to send messages with a specific location in the cipher, the British cryptanalysts could gain insight into the way the cipher was working. Because they knew the location of whatever the U-Boats had sighted (be it a convoy or a mine), the British had a bit of plaintext to work with. With this plaintext, they could employ Turing’s loop method and decrypt the scrambler and plug board settings of the day. All in all, using the openings found in the Germans operational mistakes and those created by Allied operations, the cryptanalysts at Bletchley Park could decrypt the Enigma, collecting valuable information that would help them win the war.

Abolishing the Government: Terrorism, or Activism?

Of all the themes hit upon in this novel, one of the ones that intrigued me the most was that of the rights of American citizens to alter or abolish our government. In a passage from Chapter 11, Marcus’s teacher, Ms. Galvez, leads a discussion on social movements in the past and present. While some of the movements she describes were peaceful or just full of pranksters, she also described the more violent or illegal actions taken by some protesters. Theft took place, and some protesters even blew up buildings. Throughout the discussions, Charles continues to insist that these people, regardless of motives or methods, are all terrorists. However, Marcus brings up an interesting point; he cites the Declaration of Independence, which states that “that whenever any form of government becomes destructive of these ends, it is the right of the people to alter or abolish it, and to institute new government…” (p.180). Essentially, the book is introducing an interesting argument; when are acts considered terrorism, and when are they considered a method to alter our government?

In my opinion, terrorists aim to cause fear. They destroy buildings and cause violence to try to strike fear into the hearts of people who live in a certain country, or worship a certain way, or hold a certain opinion. The acts they are taking might be an attempt to alter the government, but it is done in a way that is completely unacceptable and malicious. However, most protesters are out there because they believe there needs to be a change to the way our country works and they believe they need to speak up about it. They are out there because they believe that they have a duty to change a government that is not serving them. So if they are out there with this intent, why do authorities so often try to stop them? When the Declaration of Independence was issued, America acted on their words of abolishing a government by fighting a war. Today, though, social and political movements are being shut down for far, far less than engaging in warfare. Many movements are shut down simply because they are challenging the status quo in a way that is not deemed appropriate by local authorities. A prime example of this is the protests happening in Ferguson, MO. Even if protesters are engaging in civil disobedience, don’t they have a right to attempt to inspire change in their own government? In the Gettysburg Address, Lincoln stated that America was a “government by the people, for the people”. However, now it seems that some believe our government is so important that the people can no longer change it. Basically, we are calling some of our citizen’s terrorists when all that they are doing is trying to change a system that was supposed to work for them in the first place.

What Your Account Settings Mean

One of the quintessential tools of all teenagers and college students is Facebook. Although it may be moving out of style, it’s almost a basic necessity to have a Facebook profile (it’s definitely seen as strange if someone tries to look you up and you don’t have a profile). For all we use Facebook, however, many of us hardly ever wonder about how secure our information might be. After all, we have an account and a password and our own customized privacy settings. How much safer could it be?

The answer is: so much safer. According to Christian’s bookmark, before recently Facebook did not have HTTPS support. This means that they used a plain HTTP server, which people with the right tools could easily crack into. Facebook may seem unimportant and doesn’t necessarily contain extremely private information, there are some things on each of our Facebook profile’s that we’d rather not have the entire internet see. Think of all the photos that you store on Facebook, all the posts and comments that might not necessarily meet an employer’s standards of conduct. Think of those pages you liked back when you were in middle school. These are not things that you need the entire world to see.

There are a few ways to protect your information from prying eyes when using Facebook with a plain HTTP. For one thing, you can avoid logging into Facebook using a public Wi-Fi server.  Furthermore, whenever possible you should use an HTTPS servers add on. But most importantly, dig into your account settings page on Facebook as soon as possible. It might take a little work, but it would be worth it to turn on the HTTPS server and keep your information as secure as possible.

Powered by WordPress & Theme by Anders Norén