se·cret /ˈsēkrit/
adjective
- not known or seen or not meant to be known or seen by others. ("how did you guess I had a secret plan?")
noun
- something that is kept or meant to be kept unknown or unseen by others. ("a state secret")
- Do not write it down. (Even in your diary.)
- Do not talk about it. (Even in your sleep.)
- Do not record it. (Even on your smartphone.)
- How do we write (or encode) the secret into the message?
- How do we read (or decode) the message into the secret?
- How do we keep our message safe?
Exercise #1: Let’s encode a message!
There are many ways to encode text. Computers often use numbers to represent characters. We can think of a message as a long list of numbers (or one really big number).
- How do you know you are alone?
- Is the other person who they say they are?
- What if your friend lives far away?
- This is the safest way to share a secret. Requires that we be very careful.
- If you need to share a secret message, it’s best to assume everyone can read it.
- How do we prevent those who read our message from understanding the contents?
- How do we share the location of this place?
- Can we be sure that no one is watching us?
- What if someone finds out our hiding spot?
- This technique is called steganography.
- What happens if someone is observant?
- What if someone learns our technique?
- How can we be sure no one else listening can understand our language?
- What if someone else can read our language? They will know our secrets!
- What if someone else can write our language? They can change our messages!
- How do we scramble or (encrypt) the message?
- How do we unscramble or (decrypt) the message?
- How do we keep the secret safe?
Exercise #2: Let’s write a cipher!
-
What is a substitution cipher?
- Substitution ciphers are (weak) encryption schemes.
- They work by replacing symbols and words (ie. Strings) with other symbols.
- Ciphers must be reversible (when reversed they produce the original message)
-
What are some substitution ciphers?
-
What is the difference between encoding and encryption?
- Substitution ciphers are just a fancy encoding mechanism.
- Encryption is an encoding that is difficult to decode.
- We need to agree on a common method (protocol).
- We need to agree on a common secret (key).
- How do we agree on a common secret? Back to square one.
- A key is a way to keep others from knowing your secret.
- A key is something you know, have or are.
- Something you know: a password
- Something you have: a physical key
- Something you are: a fingerprint
- A key, like a message, can be encoded as a number.
- What happens if someone guesses our protocol? They still need to guess the key.
- What happens if someone deciphers a single message? They learn they key.
- What happens if someone learns our key? They can break every message.
Exercise #3: Let's break a cipher!
If someone learns a plaintext-ciphertext pair they can break every message.
- What is the only way to guarantee an unbreakable cipher?
- One-time pad
- Use keys with longer text
- Use keys that are difficult to guess
- Prime numbers have only two factors.
- Some set of steps for a computer to take.
Let's calculate some prime numbers. How many can you calculate in 5 seconds?
- Numbers are easy to multiply
- Numbers are hard to factor
- Can we get computers to generate random numbers?
Exercise #5: RSA
Turns out, we can share a secret without sharing a key.
Hash functions are cool.
First ensure JDK 1.8 and Git are installed and run the following command in your terminal.
git clone https://github.com/breandan/crypto-exercises && cd crypto-exercises && ./gradlew runIde
After several minutes, a program called "IntelliJ IDEA" should start. If you receive an error, make sure JAVA_HOME is correctly set. Once the program loads, right click on the file called HelloCrypto.kt and select "Run". You should see the following output.
Let's learn about cryptology!
Insert the provided USB drive and type or paste the following command from your terminal (⌘+Space, 🔍 Terminal, Enter)
/Volumes/USB-STICK/idea.sh
This will launch an instance of IntelliJ IDEA with the project already configured.
If you see a message "Project SDK is not defined" on the top of your screen, click Setup SDK | Configure... | + (Add new SDK)" | JDK. Add the JDK which can be found here (under your Home directory): ~/jdk/.
Once configured, you may need to select "Import Changes" and wait for indexing to complete.
Insert the provided USB drive and open the folder named "Windows", then open the folder named "CryptoExercises", then double click on the icon "Launch_CryptoExercises.lnk".
You should now be able to run the /src/main/kotlin/HelloCrypto.kt file by right-clicking and selecting "Run".
If configured correctly, it should print the following output:
Let's learn about cryptology!
- Intuitive Advanced Cryptography, Quan (2019)
- Handbook of Applied Cryptography, Menezes et al. (2001)