290 likes | 449 Views
Keeping Secrets with Digital Technology. Information Assurance Program Anderson School of Management. Why Are We Here?. 84% of you have learned safe practices for online activities in school or at home. We’re going to build upon your basic Internet “street smarts.”
E N D
Keeping Secrets with Digital Technology Information Assurance Program Anderson School of Management
Why Are We Here? 84% of you have learned safe practices for online activities in school or at home. We’re going to build upon your basic Internet “street smarts.” We’ll focus on some technologies that are used to protect private information: Encryption: Digital code that stores information securely Passwords: How to hacker-proof your accounts
Cryptography cipher: a method of encryption, including the algorithm, key(s), and other variables used to encode and decode a message keyword: word or phrase used in conjunction with an algorithm to encrypt and decrypt messages – like a password! plaintext: an original unencrypted message or a message that has been successfully decrypted ciphertextor cryptogram: an encoded message resulting from encryption encryption: conversion of plaintext to ciphertext decryption: conversion of ciphertext to plaintext cryptanalysis: the process of deciphering an encrypted message without knowing the algorithms and keys used to perform the encryption. code: the system or set of rules for converting words or phrases into a cryptogram Crypto- from Greek words kryptos for “hidden” and graphein for “write” Cryptography serves two purposes Transmit information quickly and efficiently Secretarial shorthand, abbreviations Transmit information securely Vocabulary cipher, keyword, code, encryption/decryption, plaintext/ciphertext, cryptogram, cryptanalysis
Background of Cryptography The ATBASH Cipher The Old Testament Book of Jeremiah employs a reversed-alphabet cipher to encode sensitive words.
Background of Cryptography ΔΕΦ Julius Caesar made code by shifting the alphabet over by three letters and then substituting Greek letters for Roman.
Background of Cryptography plaintext ciphertext Thomas Jefferson used a 26-letter cipher wheel to encrypt/decrypt official correspondence while serving as ambassador to France. Recipient would need own deviceto decode the message.
Background of Cryptanalysis The Enigma, a mechanical encryption machine with four rotary ciphers, was used by the Germans in WWII. Its code . was thought to be unbreakable. The Allies built the giant“Bombe” machine to crack the Enigma cipher.
Cryptograms and Passwords Lessons learned from cryptanalysis of the Enigma code drive home two practices we now observe in setting passwords: Change them regularlyThe Germans rotated their Enigma keys daily. Don’t write them downThe Allies might never have broken the code if not for documentation they got from captured U-boats.
The Dictionary Cipher 156,25,5; 124,30,8; 56,12,4; 89,38,14 Does this look like a code? What do these numbershaveto do with this book? Hint: Not all ciphers encodea message letter by letter…
The Dictionary Cipher 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 156, 25, 5 1 2 3 4 5 6 Each word in the message is represented by a triplet of numbers. Position one for page number Position two for line number Position three for order of word in line 156
The Vigenère Cipher Repeating letters may tip off a cryptanalyst as to the method behind the code! plaintext: D A M A N D A G D D P Q D What is a weakness of the cryptogram produced by this method? The simple way to use the cipher is by choosing one row to use for encryption – like Julius Caesar did! However, this method is not the most secure.
The Vigenère Cipher plaintext: A M A N D A E KEYWORD K R Y K Q J R O R Using multiple alphabets rotated in keyword order strengthens the code! W Y The better way to use the cipher is to switch rows before encoding each letter.This can be done in sequence orin the order determined by a keyword.
Digital Encryption Activity We’ve seen the advantage of using a polyalphabetic cipher for encryption. Let’s see what happens when we use multiple keywords with the cipher…
Everyday Uses of Encryption Securing email transmissions Securing web transactions Wherever you see a URL beginning “https:\\” Securing wireless networks Securing individual files What is the key to encryption and decryption of each of these? …a PASSWORD!
Passwords Secure and difficult to crack. Easy to remember Passwords need to have two qualities: 1. 2.
Passwords “12345” “qwerty” “password” Your Name: “amanda” Your Birthday: “1286” Your favorite TV Show: “spongebob Cracking a Password Brute Force Using Common Passwords Guessing Using Known Passwords
Passwords Creating a good password: Dlkj509$13409oi$dslSDF90tq39u45^0qujnkja98q^u09509340%nd8sq3450934oikljfna0q#095 How are you going to remember that?
Passwords Some Tricks for making a good Password: Make up an anagram: Mrs. Funnell’s class is my favorite part of the day. I can’t wait. M.F’cimfpotd.Icw. M.F’c1m4p0td.Icw.
Passwords Don’t Write down your password Share your password Create bad password hints Obvious hints: “My teacher’s name” Starts with “M.F”
Facebook and Social Networks The first popular social networking websites took off in the early 2000s Provide an online presence w/o need for a personal website Encourage connecting with other users, establishing a online network that resembles real-life social circle Allow users to share news, etc. with many friends at once vs. sharing one-on-one via email
Is Facebook For Me? At age 13, young people can register for Facebook accounts. 29% of your classmates are already active on Facebook. While Facebook is a fun way to stay connected with friends and family, it is also a source of leaks for private information. How will you protect your privacy if you join Facebook?
Facebook By default, your profile, photos, and posts can be viewed by everyone Contact information visible to “friends” Accept “friend” requests carefully “Friends of friends” are not under your control Use the “Preview My Profile” option “Checking in” places not a great idea Facebook and Social Networking
Sharing Personal Information Recommend one thing on this profile that Mark should hide from public view. Click here to jump to Amanda’s profile for tour of what NOT to show. Facebook and Social Networking
Click here to jump to Amanda’s profile for DOs and DON’Ts of photos to share. Visitors to Mark’s Facebook page see both photos he has uploaded… …and photos other people have taken of him. When and why might that be a problem? Facebook and Social Networking
4/5 have been taught internet security 1/4 do things on the internet that their parents don’t know about 1/5 opened an email attachment from someone they don’t know
1/2 of you have talked with someone online that you’ve never met face to face or you talk about yourself online 9/10 of you have a cell phone or smartphone Almost all of you have a device that can be used to access wireless networks at home.