ProjectX

The Art of Cryptography

Crypto
PHOTO: Brandon Palacio

What do the Roman Caesar, American Indigenous People and a British Park have in common? They are all part of the history of cryptography.

The Caesar Cypher and Caesar Square are cryptographic methods which where applied by Julius Caesar because he was afraid/ knew that his opponents could read his messages by intercepting the messengers. So he explained his future-to-be-communicated-to-encrypted contacts how his encryption method works so that they could decrypt it one they get the apparently obfuscated looking message. The Navajo Indians had a native language which was not close to any widely spoken language. This advantage and the small area where this language was spoken (only their part in America where they live) made them a perfect target for the US cryptographic division during the Second World War. They could communicate via radio with each other (e.g. between ships of the same battle-group) and the opposing forces would not understand what they are saying. The low degree of resemblance with other languages would have only left the opponents with the option to capture one Navajo alive and threat him into translating for you. The British ‘park’ also known as Bletchley Park was the national intelligence and cypher/ cryptography division during the second World War. Enigma (even though most vital work was done in Poland) had been decrypted here.

However, cryptography should not get entirely confused with stenography. Stenography is the art of hiding a message ‘in plain sight’ – for example within an image. The image might consist of coloured squares which – if you know the ‘translation’ – can be converted into a message. The difference is not only the lack of letters but – derived from that – the secrecy of it being a code to be decrypted. When you catch a messenger with a letter which bears an obfuscated bunch of letters it is clearly a language you don’t know or an encrypted message. If you catch a guy, carrying a picture in a frame – you caught a guy carrying a picture in a frame. As long as you don’t know for sure that this guy is the messenger who normally delivers some kind of messages to someone, you will most probably let him go to whatever museum he was heading for. There is of course the option that if a stenographic picture can be translated into bunch of letters that they are still not plain text but encrypted with an encryption algorithm. Just for the sake of annoying the guys who try to decrypt it – or a healthy degree of paranoia.

I am not going to discuss encryption algorithms here. If you are already that advanced, get some good books or PDFs. Encryption is available for a variety of things. Especially with more people using more information technologies (mobile phones, the Internet), it becomes vital to give it at least some thought. Encryption can protect your information and data. You can not only encrypt data which is on your hard drive but also the text messages you are sending from your mobile phone, the emails you are sending through your email suite and the web traffic you are generating while browsing through the net. Many of you hopefully do / but most probably don’t use encryption methods already. I give you a quick example why encryption might come in handy some time – one way or the other. Take for example your laptop. Someone breaks in your house and steals your laptop while you are out working. If all your files and sufficiently strong encrypted, all he has is a laptop to wipe clean and sell on eBay. If your files are not encrypted (I am not talking about a Windows or BIOS password, that is faster cracked than you can say oh-my-god-he-got-all-my-nude-pictures), he might get a lot more information from you. Documents, pictures, digital signatures (still don’t know why people store them digitally) and much more. You want that? I hardly believe that. When you read the part about encrypting the text messages, you where most probably like: what a paranoid lamer. A couple of months ago, some fine hackers where able to rebuild a signal station for 1-3G or mobile phone networks. Their station then acted as a regular signal tower which could receive all traffic in the signal area. Calls, text messages everything went through it. You have a smartphone? With a $socialnetwork app? Yab, it transmits user name and password. And yab, the same fake signal tower also received this data stream. Any questions?

Encryption of course is not the end of it. Encryption can be cracked/ decrypted. If you are the US government and you tried to promote one encryption tool as world standard by also asking this company to create a backdoor for you so that you can conveniently decrypt everything encrypted with this program it is much easier (Escrow..). However, there are means to do that, especially if the encryption standard is weak. If it is state-of-the-art, there are always keyloggers. If someone logs every key stroke of yours, then a nice password and a strong encryption algorithm are worth nothing. If you have a touch screen, some keyloggers might get confused. However, the decryption string is saved in your RAM and as long as the RAM is still warm – therefore the data in it is not deleted – the decryption string can be read out and used to defy your encryption. And NOW, we are at paranoia stage. When people knock on your door, your shutdown your computer, they break in, open your laptop and grab the RAM – it is your turn to throw in the freezer.

I am not writing this to make you paranoid. Just aware. Get some reading materials (or do some browsing) and decide on your own if you want to use it or not. Backup and encryption and two of the most powerful protective tools you have in you arsenal to protect your information. Why not make use of it? Always keep in mind: a good company for encryption is noise.

Leave a Reply