Cryptography

The History and Mathematics of Codes and Code Breaking

Category: Uncategorized Page 1 of 9

Show Notes - McCormick Cipher Podcast

Show Notes

Ranked amongst the greatest unsolved ciphers in history, Ricky McCormick’s notes have baffled intelligence agencies, wanna-be sleuths, and everyone in between for the past two decades. In 1999, Ricky McCormick was found dead in a ditch with two notes hidden inside his pocket. First revealed to the public a decade later, the notes appear to be filled with nonsense and unreadable sentences; but this seemingly random sequence of characters may not be so random at all. The authorities believe that these notes may hold the key, quite literally, to solving Ricky McCormick’s murder, but to this day the notes have yet to be deciphered.

References

Ricky McCormick. (n.d.). Retrieved from http://cipherfoundation.org/modern-ciphers/ricky-mccormick/.

Tritto, C. (2019, July 29). Code Dead: Do the encrypted writings of Ricky McCormick hold the key to his mysterious death? Retrieved from https://www.riverfronttimes.com/stlouis/code-dead-do-the-encrypted-writings-of-ricky-mccormick-hold-the-key-to-his-mysterious-death/Content?oid=2498959.

Help Solve an Open Murder Case, Part 2. (2011, March 29). Retrieved from https://www.fbi.gov/news/stories/help-solve-an-open-murder-case-part-2.

Nickpelling, & Nickpelling. (2013, March 12). Ricky McCormick's mysterious notes... Retrieved from http://ciphermysteries.com/2013/03/12/ricky-mccormicks-two-mysterious-notes.

More information may be found in any one of the hyperlinks pasted above.

 Audio Sources

https://incompetech.filmmusic.io/genres/genre/contemporary/

https://incompetech.filmmusic.io/genres/genre/mystery/

All music taken from Kevin Macleod on incompetech.filmmusic.io.

 

 

 

Whether we can or we should: an exploration of privacy in the digital age

“What’s at stake is not whether someone can listen in but whether one should.”

This quote from It’s Complicated by Danah Boyd perfectly illustrates the complex role of privacy in an increasingly digital age. As opposed to the past where locked doors and hushed conversations limited parents’ intrusions into their children’s privacy, the rise of public chat rooms, profiles, and pages on social media platforms have allowed increased access to the social media profiles of students. One common argument that parents often make for the stalking of their kids’ social media is the fact that it’s accessible to the public, and therefore they can look at it. But that argument fails to account for whether or not they should look at it. I have the ability to run through commons and make a scene when getting my breakfast; that doesn’t mean I should do it, because doing so causes a public disturbance that violates social etiquette. It’s this sense of social etiquette that drives our sense of morality, and what should prevent parents from excessively looking at their children's' online profiles without cause. This argument should be extended into the information age and evolve into a sort of digital etiquette. Even if online accessibility has increased, boundaries remain very real and should be respected no matter the medium of information exchange. It’s well known that government agencies such as the NSA possess the tools to decipher our encryptions and monitor our messages; but doing so knowingly violates citizens’ rights to privacy without just cause and can turn into a slippery slope where all communication is monitored by an overarching surveillance state. However dystopian that may sounds, its effects are being observed in realtime where increased violation of boundaries often leads to more secrecy and unexpected consequences.

Just because an action can be applied isn’t reason enough for its application. Those who use this justification often have ulterior goals, and it's necessary that parents, authorities, and everyone in between recognize that boundaries exist and respect them. The "can" vs "should" argument will no doubt persist, but I hope this blog post was able to clarify the debate around this topic with respect to privacy. 

The Different Social Medias

In chapter 2 of Its Complicated: The Social Life of Networked Teens, author Danah Boyd jumps into the role social media plays in the lives of today's youth. Specifically, she analyzes how much youth want to share, and how much they want to keep private. While reading the book book, I found the statement “As discussed in the introduction, technical affordances and design defaults do influence how teens understand and use particular social media, but they don’t dictate practice” particularly interesting. As I look back on my experience as a teen, it is very intriguing to me to think about what social medias were used for what purposes.

For me, instagram was and still is the main social media platform in my life. Instagram was originally structured as a photo sharing app. The main thing you could do was post photos of yourself for the world to see. It was a user to world communication rather than a user to user communication. Since then, instagram has added user to user communication, but because its original purpose was to post pictures of oneself, people’s main use of an instagram account is still to portray themselves to the world. 

Another social media I have used whose structure influenced its usage was ask.fm. In short, ask.fm was terrible. In ask.fm, each user had an account. Onj your account, people can anonymously ask you questions in your inbox. You could then choose to answer those questions, and your answers would appear on your profile. Because of the text-based anonymity, ask.fm became a hub for middle school bullying, There was a high level of privacy, but that only have license for kids to be mean because they knew they wouldn’t get caught. 

The Publicity of Social Media

"In other words, when participating in networked publics, many participants embrace a widespread public-by-default, private-through-effort mentality... By focusing on what to keep private rather than what to publicize, teens often inadvertently play into another common rhetorical crutch—the notion that privacy is necessary only for those who have something to hide. Indeed, many teens consciously seek out privacy when they’re trying to restrict access to a narrower audience either out of respect or out of fear."

I disagree with Boyd's assertion of public-by-default, private-through-effort and that teenagers have to make a conscious choice on what to make private online rather than public, supporting the belief that privacy isn't needed if you have nothing to hide. When you post something to social media, you are making a conscious choice to post said thing. I believe the opposite: the default is actually private, and it takes effort to make that post public. As a result, I would say most teenagers take quite a bit of time to think about what photos they are going to show to their follows prior to posting. No one is going to post a picture of themselves without assessing how they look in it first. Many of the forms of social media communication Boyd includes in the chapter are pretty much extremely obsolete and outdated to a certain extent: blogging, posting on friends' Facebook walls, status updates, basically the use of Facebook as a whole.

Private social media is not an indication of someone having something to hide. Private social media is also usually not created out of respect or fear. Many people  do not want strangers looking at photos of them and their friends, hence making an Instagram account public. In addition, I rarely post on my Snapchat story, not because I'm committing crimes, but because I understand that the majority of my followers do not care about what is happening in my life. If I wanted to share something, I would share it with my friends on my private story.

I think that Boyd's assessment of social media in teens isn't totally applicable to the current young adult generation as it is out-of-date. Despite the book only being published 5 years ago, social media use changes so rapidly that many apps and websites once widely-used fall out of popularity extremely quickly. I can think of several apps that were popular 5 years ago in middle school (Kik, Vine, Omegle, Tumblr, etc.) that no one uses anymore because they have been shut down or aren't trendy or fun any longer. It's not only the types of social media platforms that are constantly changing, but the way social media is used. Perhaps 5 or 10 years ago, it was common to post song lyrics to your hundreds of Facebooks friends, but that is simply not the case anymore. Teens today generally find people to share too much on social media as weird or annoying.

Lastly, I think it will be close to impossible for an adult to understand teen social media use and culture unless he or she is fully immersed in the experience (which the majority are not). There are so many facets to how we use social media that you can't get the whole picture just through research or interviewing someone. It could honestly be equated to a foreign country's culture or language: no matter how much studying you do, you can't completely understand it unless you're a part of it.

Was Zimmerman Guilty?

In an attempt to bring RSA encryption-level security to the masses, Zimmerman released Pretty Good Privacy(PGP). But in his attempt to do so, Zimmerman had one large issue: The FBI had taken notice of his activities and were frightened. They were frightened because they believed that they would not longer be able to wiretap criminals and bring them to justice in Zimmermans's attempt to bring NSA-proof security to the masses. Zimmer eventually published the PGP onto the internet through a friend, which the FBI deemed as "exporting munitions" because a foreign government or hostile power could have easily accessed it. This remains problematic for a number of reasons, but ultimately Zimmerman was wrong in publishing software on the internet because he did so with the intent to deceive the US government and provide top grade security for all, law-abiding citizens and criminals alike.

When anyone publishes anything on the internet, they should be able to face the consequences of their action. We've seen in the present how past videos or texts can come back to derail an established politician's career. Anything posted on the web never truly disappears, and people need to be aware of this fact. Critics state that because Zimmer hadn't actually sent the software to a foreign government, he shouldn't have been pursued by the FBI; but the fact remains, Zimmerman published his work in an attempt to deceive the US government. And in fact, another more compelling argument remains: if country A sells weapons to country B, and country B is currently engaged in a genocide and A is aware of this fact, then Country A is at least partially to blame for providing the tools with which that genocide occurs. A key component of this argument is that those who provide the tools must know that their tools can and will be used to enact harm, and Zimmerman certainly fell true to this.

In all, this question is one that is difficult to answer, but if cryptanalysts publish software that has circumvented the government's wished and that they know will be used for harm, such as Zimmerman, then such cryptanalysts are at least partially responsible for the consequences that ensue.

Encryption for the People

I enjoyed seeing Singh present arguments for both sides of the issue on if strong encryption should be available to the general public or not. One of the claims that I thought was particularly strong was the comparison of strong encryption to gloves. Singh included a quote by Ron Rivest, one of the inventors of RSA, which states, "It is poor policy to clamp down indiscriminately on a technology just because some criminals might be able to use it to their advantage. For example, any US citizen can freely buy a pair of gloves, even thought a burglar might use them to ransack a house without leaving fingerprints." I thought this assertion brought up an excellent point: criminals can use basically any non-harmful thing to their advantage, so why outlaw said thing for every day people? In addition, guns are legal, despite them being extremely dangerous for non-criminals and criminals alike. Why would someone advocate for firearm accessibility, yet consider encryption dangerous because it could keep criminal communication secret?

Another argument I thought was compelling in support of encryption availability was the notion that businesses require strong encryption for online commerce.  The Code Book was written in 1999. Today, e-commerce has reached a size far greater than Singh's world 20 years ago. With this fact, it is more important than ever to have secure online encryption as so many purchases are done through the Internet. Consumers don't want their credit card information stolen, and businesses don't want their customer databases hacked. If strong encryption wasn't available to the public, no one would want to conduct business online, which would be disastrous for today's economy.

DES Was Necesary

In the 1970’s, and to this day, the National Security Agency, or NSA, has been the strongest force in encryption and decryption in America. They put the most resources into cryptography intercept the most messages, and have the most codebreaking power of any organization in America. However, the NSA spends a lot of time and resources trying to maintain its status as the most powerful in the world of encryption. This means it can often run into problems when civilians create cryptographic methods that the NSA can’t handle. This is exactly what happened with Horst Feistel and the Lucifer system. Feistel, a German who had recently immigration to the United States had developed an encryption system, which he called Lucifer, which was extremely strong because it converted messages into binary and then methodically scrambled them 16 times. The NSA could see that businesses would be using this technology, but the problem was that the system required a key. There were too many potential keys that not even the NSA could crack lucifer. So, they officially adopted the Lucifer system as the DES (Data Encryption Standard). However, the DHS explicitly limited the amount of possible keys, so that businesses would still use the technology, but the NSA could crack it. In this action, the NSA was justified. Though it is a slight violation of privacy, they had no other choice. 

The DES is a violation of the purest form of privacy. With the DES implemented, businesses and civilians don’t have complete control over their data. They cannot decide what they wouldn’t like to share with the government because they DES is engineered so that the NSA can see all. 

Still, the DES doesn’t mean the government is spying on everything. Just because the DES gives the government the capability to read everyone's data doesn’t mean that the government actually is. The DES is justified because there inevitably will be a case where the government must read a businesses data. Without the DES that is impossible, and it needs to be possible. 

Math and Codes

There were many mathematical concepts related to modern cryptography introduced in this chapter. One topic I was familiar with already was the use of binary digits and modular arithmetic because we had learned about them in class. However, I was not aware of modular arithmetic prior to taking this course and I had only the most basic understanding of binary numbers. I still do not have much knowledge on either topic beyond an elementary level. For example, I was confused by the idea of the Y^x (mod P) function. I do not really understand how it works and how it relates to encryption and communication. I am not sure if this speaks to Singh's ability (or lack of ability) to explain technical mathematical topics, or my ability (or lack of ability) to understand technical mathematical topics through words rather than examples and someone showing me how they work.

I was also confused about the concept of the mangler function as what the mangler function is exactly was never elaborated upon in the chapter. However, this might be because the function is too complicated or complex for the average individual to understand, so Singh didn't even bother trying to break it down. I think Singh does a so-so job explaining the more technical sides to cryptography throughout his book, not just this chapter. Some explanations make sense, such as in the first chapter when he introduces the different types of historical ciphers. Others have me completely lost, such as his explanation for how the enigma machine functions. (I still don't understand how it works!) I understand it is very difficult to explain such advanced and complex concepts to people with no knowledge on the topic, and this will be important to keep in mind when explaining how our cipher works for our podcasts.

With an advance in technology, the use of computers for encryption technology wasn't just limited to the military and government. Increasingly, civilian businesses began using encryption and cryptography to encode their messages. In an attempt to standardize encryption across the United States, the National Bureau of Standards looked to Lucifer. This encryption system developed at IBM was so strong that it offered the possibility of cryptography that couldn't be broken even by the NSA. The NSA didn't want civilians to use encryptions that it couldn't break, so the NSA successfully lobbied to weaken Lucifer by reducing the number of possible keys. The adoption of this weakened Lucifer meant that the civilian world had access to strong but not optimal security, meaning that the NSA could still break their encryptions if it needed to do.

The NSA was justified in pushing for the adoption of a mechanism that they could break even if it meant less security for the civilian world. Allowing civilians and businesses to gain strong encryption mechanisms that no one but them could decipher would have meant an increase in criminal activity that governments couldn't even begin to monitor. This would have reduced the safety of the populace as a whole. When living in a society we often give up some rights for the greater good, and it should be noted that no right is absolute - my right to free speech doesn't allow me to yell fire in a crowded theater for example. Thus by merely knowing that the NSA can still decrypt messages that businesses send can often be a deterrence to secretive or illegal activity.

Critics like to point out that giving the NSA the ability to decrypt any message they would like would be giving the government far too much power. But it should be noted that even while the NSA has the means to decipher an encryption, that doesn't necessarily mean it will. There are billions of texts, emails, and calls exchanged each day in our world - the NSA has neither the means nor the resources to monitor every single message. Thus the NSA must prioritize by possible criminal activity: criminal activity they cannot detect and stop without the use of decryption. Thus, it is not only important but essential that the NSA be able to decrypt the messages of the business world in order to deter criminal activity and better protect our society.

 

Gender in the War

The history of World War Two is incomplete if one does not analyze two elements: cryptography and gender. While these items have been recounted and studied heavily on their own, rarely have they been discussed together. The women who played a huge role in cryptography in the second world war have rarely been credited, that is until the book Code Girls, a book by Liza Mundy about their history, came out. This book, specifically chapter three, discusses in depth the role gender played in the cryptography of world war two. In the general. cryptography opened up new opportunities for women in world war two, but gender dynamics were still very imbalanced in the working world.

In general, World War Two presented opportunities for women to enter the workplace, as vacant positions left by men in war needed to be filled. However, the willingness of bosses to hire women varied greatly. One pivotal element of the story of cryptography is that William Friedman, head of the U.S office of code breaking, was exceptionally willing to hire women. This gave many women who never were ever permitted to get graduate degrees or teach mathmatics to now be propelled to the forefront of some of the most important mathmatics in the world. These women, like Genieveve Grotjan, would make some of the most important accomplishments in World War Two cryptography, including the initial breaks into the Purple cipher. In this way, cryptography gave women new opportunities, and women seized this opportunities fully and propelled cryptography to new heights.

However, it must be acknowledged that not all was equal in the world of cryptography. The was the author visualizes Grotjan's cracking of the purple machine explains this. She describes Grotjan standing in the corner of the room, hesitant to share. This helps the reader understand that it was still not easy for women in the workplace. They weren't taken as seriously as they should have been, and we still had, and have, a long way to go.

Page 1 of 9

Powered by WordPress & Theme by Anders Norén