-Which topics and ideas do you think are the most important out of those we have studied?
It seems that the most important ideas are the more math related concepts. This is good, because I don't think that it would be very fair to have a closed book exam on some of the more complex processes (DES, AES, etc). I think it is important to understand ideas behind different ciphers, such as their strengths and weakness compared to other ciphers.
-What kinds of questions do you expect to see on the exam?
I expect we'll be asked a number of mathematical calculations (Euclidean algorithm, extended Euclidean algorithm, gcd, solving ax+by=d, congruences, etc.) as well as some basic definition questions, including some illustrations of different cipher systems.
-What do you need to work on understanding better before the exam?
I need to have a solid understanding of the different modes of operation (ECD, CBC, CTR), and be able to differentiate between different systems.
Thursday, September 30, 2010
Section 5.1-5.4 Due 29 Sept 2010
1. The most difficult thing about these sections is the whole process. I think mostly this is because I have the test on my mind. I'm concerned about having to keep all these processes straight. They are so complex! If a computer is required to use them, how can I expect to keep them straight in my head?! Also, the key schedule really threw me for a loop! If you expand a 4x4 matrix by 40 columns, you are going to have a very non-square matrix. I'm confused if this is even the case. I feel like what we are learning is much more Computer Science than Math.
2. My only reflection is in regards to the test. How in the world are we going to be tested on AES, DES, etc?! They are so hard to keep track of and separate in my brain! How can we be expected to commit all this information to memory? This is stuff that is hard to derive, as oppose to most other math classes in which the concepts can be derived from one another. This, however, is literally just a bunch of 1s and 0s in literally an arbitrary pattern (pattern is used very loosely). I feel like my brain is turning to mush just trying to think about keeping it all straight in my head.
2. My only reflection is in regards to the test. How in the world are we going to be tested on AES, DES, etc?! They are so hard to keep track of and separate in my brain! How can we be expected to commit all this information to memory? This is stuff that is hard to derive, as oppose to most other math classes in which the concepts can be derived from one another. This, however, is literally just a bunch of 1s and 0s in literally an arbitrary pattern (pattern is used very loosely). I feel like my brain is turning to mush just trying to think about keeping it all straight in my head.
Sunday, September 26, 2010
Due Monday 27 Sept 2010
How long have you spent on the homework assignments? Did lecture and the reading prepare you for them?
I've probably been spending at least 6 hours (give or take one hour) on the assignments each week. I typically start each assignment at the beginning of the week. This gives me time to converse with the TA, Prof. Jenkins, or other students about any concepts that I don't understand that appear on the homework. Also, in general, it keeps down the pressure to finish the assignment quickly. Lecture helps the most on the homework, especially the demonstrations of the applets that we've needed to use. The book really helps when it comes to the Maple examples in the back as well as being a reference to better understand difficult concepts.
What has contributed most to your learning in this class thus far?
By far, lectures have contributed the most to learning. However, that isn't to say the reading doesn't help. I think the lectures would be worse if I didn't do the reading. By reading the book, when I come to lecture it's the second run through of most of the material. Also, it's a much simpler view, hence it's easier to understand by being the second time covering the material. On that note, the lectures are excellent regardless of me doing the reading or not.
What do you think would help you learn more effectively or make the class better for you?
The class already is going well for me. However, I feel like there is so much information that I'm trying to process that it's hard to sort it all out. On the forefront of my mind are the exams. I process the information with the exam and assignments in mind. I think it would help to process if I knew a little more about what exactly to expect on the exams. Also, reviewing the material would really help. I also need to go back and re-examine each chapter and section.
I've probably been spending at least 6 hours (give or take one hour) on the assignments each week. I typically start each assignment at the beginning of the week. This gives me time to converse with the TA, Prof. Jenkins, or other students about any concepts that I don't understand that appear on the homework. Also, in general, it keeps down the pressure to finish the assignment quickly. Lecture helps the most on the homework, especially the demonstrations of the applets that we've needed to use. The book really helps when it comes to the Maple examples in the back as well as being a reference to better understand difficult concepts.
What has contributed most to your learning in this class thus far?
By far, lectures have contributed the most to learning. However, that isn't to say the reading doesn't help. I think the lectures would be worse if I didn't do the reading. By reading the book, when I come to lecture it's the second run through of most of the material. Also, it's a much simpler view, hence it's easier to understand by being the second time covering the material. On that note, the lectures are excellent regardless of me doing the reading or not.
What do you think would help you learn more effectively or make the class better for you?
The class already is going well for me. However, I feel like there is so much information that I'm trying to process that it's hard to sort it all out. On the forefront of my mind are the exams. I process the information with the exam and assignments in mind. I think it would help to process if I knew a little more about what exactly to expect on the exams. Also, reviewing the material would really help. I also need to go back and re-examine each chapter and section.
Thursday, September 23, 2010
Section 3.11 Due 24 Sept 2010
1. I must admit I was a little nervous when I read the disclaimer at the beginning of the chapter, mentioning the difficulty of the chapter material. However, I've taken abstract algebra so the stuff about fields was just review (although a timely review of fields was needed). The only hard part about the chapter were the later sections dealing with various fields that we will be looking at. For example GF(2^8) is a field with which I'm unfamiliar. I'm a little confused about how to work "mod the irreducible polynomial ... ". How does one work "mod" ANY polynomial? I think with a little thought, it might come to me, but I do need a little direction.
2. The most interesting part, was actually the same as the most difficult part. I think because I've taken so many math classes up to this point, I'm now somewhat curious as to how to mod things with respect to some polynomial. When I figure this out, it will be as if opening up a new area of exploration and operation. I'm naturally drawn to this part of the reading because it is so much like the other readings I've been doing for the last umpteen years. I guess I need to become accustomed to similarly looking at new cypher systems and terms so as to become equally curious as to how they work and fit together.
2. The most interesting part, was actually the same as the most difficult part. I think because I've taken so many math classes up to this point, I'm now somewhat curious as to how to mod things with respect to some polynomial. When I figure this out, it will be as if opening up a new area of exploration and operation. I'm naturally drawn to this part of the reading because it is so much like the other readings I've been doing for the last umpteen years. I guess I need to become accustomed to similarly looking at new cypher systems and terms so as to become equally curious as to how they work and fit together.
Section 4.5-4.8 Due 22 Sept 2010
1. I really had a hard time understanding the various "modes of operation" discussed in 4.5. It was interesting however to read them in the order they were presented. Each successive mode was described in manner showing how it improved on the previous one mentioned. However, I didn't feel like I understood a single one. Mostly I think this has to do with the fact that I still have trouble understanding a lot of the common vocabulary words that are thrown around a lot and a lot of the symbols that are used.
2. I thoroughly enjoyed the chapters on the history of DES and password protection and the like. They were a little more relatable to me. It was amazing to think about how decrypting technology improves right along with encrypting technology. It's almost as if the two are growing exponentially at the same rate. However, it seems as if decrypting technology is growing a little faster simply because it mentioned the drastic change in time it took to break DES on two different occasions about a year apart.
2. I thoroughly enjoyed the chapters on the history of DES and password protection and the like. They were a little more relatable to me. It was amazing to think about how decrypting technology improves right along with encrypting technology. It's almost as if the two are growing exponentially at the same rate. However, it seems as if decrypting technology is growing a little faster simply because it mentioned the drastic change in time it took to break DES on two different occasions about a year apart.
Sunday, September 19, 2010
Section 4.1, 4.2, 4.4 Due 20 Sept 2010
1. Whoa boy! There was so much technical stuff in these sections that most of it went over my head. Even on a second and third reading I was still having trouble following where they were going. I think I need to go back and really understand block ciphers. I understand bits just fine as far as binary arithmetic goes. However, I'm having trouble following all of the arithmetic they describe in the assigned sections. Also I get lost on some of the vocab they throw around. "Rounds" for example is a new word for me in this context. I also have a hard time with the idea behind encrypting the bits, using the key, and decrypting the bits.
2. Only one thing that I was really thinking about during the reading that I've thought about before: error detection. There are things instilled in the system to detect if things have been encrypted wrong. They use this in ISBNs for example. However, the thought occurred to me, What if there is an error in the error detecting? Shouldn't there be an error detector for the error detector? But then where do we stop with the error detecting?
2. Only one thing that I was really thinking about during the reading that I've thought about before: error detection. There are things instilled in the system to detect if things have been encrypted wrong. They use this in ISBNs for example. However, the thought occurred to me, What if there is an error in the error detecting? Shouldn't there be an error detector for the error detector? But then where do we stop with the error detecting?
Thursday, September 16, 2010
Section 2.9-2.11 due Sept 16 2010
1. The reading seemed pretty straightforward, but I always struggle with how to attack the various cyphers we look at. For the One-Time-Pad it seems to me the way of attacking it as explained was to generate random lines of bits of various lengths. My thought was that this seems like a very arbitrary way of attacking ANY sort of code. In addition, if this is the way of attacking, isn't it going to take FOREVER to randomly produce the key? Even with a computer it seems like this method would take a long time.
2. Upon reflection of the cryptosystems introduced in this reading, I thought about the high applicability in the world of computers. Encrypting bits is perfect for sending lots of information across cyber networks. Not only because that is how computers communicate information, but because, as mentioned above, it seems like computers would be the only practical way of attempting to crack the codes.
2. Upon reflection of the cryptosystems introduced in this reading, I thought about the high applicability in the world of computers. Encrypting bits is perfect for sending lots of information across cyber networks. Not only because that is how computers communicate information, but because, as mentioned above, it seems like computers would be the only practical way of attempting to crack the codes.
Wednesday, September 15, 2010
Breaking the code on Homework 3
This post is not required. However, I wanted to catalog my experience breaking the code given in Homework 3 and I figured, "What better place to do this than on my blog?"
I was given the following CODE to break:
I was given the following CODE to break:
TIFSYCUG YIVSCYIT B XBYUCFSLBY KCPJTIU TIFSYCUG
XYEHITTCEPBLT BU LIBTU URI ZEEJ EPIT TII URI MEYLJ JCHHIYIPULG URIG
FBPU MBLO CPUE B TUEYI MCURESU PEUCFCPZ REM URIG KCZRU TREXLCHU URIG
FBPU STI B FEKXSUIY MCURESU MEPJIYCPZ BNESU URI TIFSYCUG
DSLPIYBNCLCUCIT URIG FBPU DEUI MCURESU UYGCPZ UE HCZSYI ESU REM UE
DEUI UMCFI URIG QSTU FBPU RILX CU URCT OCPJ EH URCPOCPZ CT PEU
PBUSYBL HEY KETU XIEXLI CUT PEU PBUSYBL HEY IPZCPIIYT ZEEJ
IPZCPIIYCPZ CPDELDIT URCPOCPZ BNESU REM URCPZT FBP NI KBJI UE MEYO
URI TIFSYCUG KCPJTIU CPDELDIT URCPOCPZ BNESU REM URCPZT FBP NI KBJI
UE HBCL CU CPDELDIT URCPOCPZ LCOI BP BUUBFOIY BP BJDIYTBYG EY B
FYCKCPBL GES JEPU RBDI UE IAXLECU URI DSLPIYBNCLCUCIT GES HCPJ NSU
CH GES JEPU TII URI MEYLJ URBU MBG GESLL PIDIY PEUCFI KETU TIFSYCUG
XYENLIKTAs you can see, it makes little sense. I started examining it on paper, looking for multiple appearances of the same word, for example.I first noticed that the most frequent letter was U. I tried substituting the letter E in for U, but discovered that U wouldn't work because then UE would have to translate to a word with E as the first letter. There aren't very many good candidates for a word that begins with E. So I ruled out E going to U. Then I tried E going to the second most frequent letter: I. Making that substitution led me to notice that URI and URIG appeared pretty frequently. I figured that whatever words they represented, they had the first three letters in common. I looked up words that are four letters long, had E in the fourth position (and only in the fourth position) and in which the first three letters were also a word. I came up with a list of about 12 words, among them were THEN, THEY, THEM. I tried putting in the appropriate substitutions with THEN but found words that ended with TN. So I switched and tried THEY. It fixed the TN problem. I then noticed that TIFSYCUG would then translate back to TeFSYCty. I looked up words that were eight letters long and had e and ty in the appropriate positions. I found a list of six words, among SECURITY. I tried the appropriate substitutions and started to see other words appear. ATTACKER became apparent, followed by a long list of other words. As new words became apparent I finished decyphering them. The results led to more words. Eventually I decyphered the whole message, resulting in:
SECURITY REQUIRES A PARTICULAR MINDSET SECURITY
PROFESSIONALS AT LEAST THE GOOD ONES SEE THE WORLD DIFFERENTLY THEY
CANT WALK INTO A STORE WITHOUT NOTICING HOW THEY MIGHT SHOPLIFT THEY
CANT USE A COMPUTER WITHOUT WONDERING ABOUT THE SECURITY
VULNERABILITIES THEY CANT VOTE WITHOUT TRYING TO FIGURE OUT HOW TO
VOTE TWICE THEY JUST CANT HELP IT THIS KIND OF THINKING IS NOT
NATURAL FOR MOST PEOPLE ITS NOT NATURAL FOR ENGINEERS GOOD
ENGINEERING INVOLVES THINKING ABOUT HOW THINGS CAN BE MADE TO WORK
THE SECURITY MINDSET INVOLVES THINKING ABOUT HOW THINGS CAN BE MADE
TO FAIL IT INVOLVES THINKING LIKE AN ATTACKER AN ADVERSARY OR A
CRIMINAL YOU DONT HAVE TO EXPLOIT THE VULNERABILITIES YOU FIND BUT
IF YOU DONT SEE THE WORLD THAT WAY YOULL NEVER NOTICE MOST SECURITY
PROBLEMS
Tuesday, September 14, 2010
Section 3.8, 2.5-2.8 due 15 Sept 2010
1. Again the most difficult part of today's reading was following the mathematical steps specifically those involving matrices and vector multiplication. I know I know this stuff, it just takes a little longer to process than it used to. The part that really gets me is when it says things like "try various values [of n] until we find the right one." The problem I have is that this would be an efficient use of code-cracking time. At first thought, it seems like there are an awful lot of integers that could be tried until we "find the right one." What I'd like to know is how exactly and efficiently does one try new values of n until the right one is found.
2. I'm starting to worry about some of the future codes that we will have to break using some of these methods. As mentioned above, it seems as if the only methods we'll have is to essentially shoot in the dark until we find solution.
2. I'm starting to worry about some of the future codes that we will have to break using some of these methods. As mentioned above, it seems as if the only methods we'll have is to essentially shoot in the dark until we find solution.
Sunday, September 12, 2010
Section 2.3 due 13 Sept 2010
1. The first part of the explanation concerning the cracking of Vigenere makes a lot of sense. The part that was confusing was the mathematical explanation as to why it works. I understand the mathematical concepts behind the explanation. I think it was just all being thrown at me in quick succession, causing me to have a perplexed expression. However, I think a second, maybe a third reading with some scratch paper would solve this.
2. It's interesting to see how much math there actually is behind cipher breaking even when it comes to simple substitution methods and variations thereto. I knew that there was a lot of math behind ciphers, but I had no idea there would be so much behind substitution methods and solving them.
2. It's interesting to see how much math there actually is behind cipher breaking even when it comes to simple substitution methods and variations thereto. I knew that there was a lot of math behind ciphers, but I had no idea there would be so much behind substitution methods and solving them.
Saturday, September 11, 2010
Section 2.1-2.2, 2.4, Due 10 Sept 2010
1. The only real difficult thing about today's reading was the description of the last two attacks in each section, Chosen Plaintext, Chosen Ciphertext. I didn't quite understand what it meant when it said "Choose the letter a as the plaintext," and "Choose the letter A as ciphertext." Does this mean the decoder is to simply choose a letter and by doing so is able to crack the cipher? Or does this mean that the attacker only needs to know one letter of the corresponding text? The wording is throwing me off I guess. This was similar for both sections on substitution and affine ciphers.
2. The most interesting thing about the two ciphers is there different difficulties. As the text points out, the simple shift-substitution method only has 26 possible keys, so a brute force attack wouldn't be too hard. In contrast, the affine cipher has 312 possible keys, making a brute force attack much more un-realistic. However, it occurred to me that an individual still only needs one letter from the plaintext and its corresponding letter in the ciphertext. When even one letter is obtained, the rest of the text in either cipher method is easy to obtain through simple mathematical operations.
2. The most interesting thing about the two ciphers is there different difficulties. As the text points out, the simple shift-substitution method only has 26 possible keys, so a brute force attack wouldn't be too hard. In contrast, the affine cipher has 312 possible keys, making a brute force attack much more un-realistic. However, it occurred to me that an individual still only needs one letter from the plaintext and its corresponding letter in the ciphertext. When even one letter is obtained, the rest of the text in either cipher method is easy to obtain through simple mathematical operations.
Wednesday, September 8, 2010
Guest Speaker: "Codes and Ciphers in Mormon History," 8 Sept 2010
1. I didn't find anything overall about the guest speaker's material to be difficult. The only difficult thing I can imagine was not being able to view more of her slides and not being able to hear her commentary.
2. The most interesting part of the presentation was learning about the various things that can be considered codes or ciphers. Many of the things presented I have had prior experience with. It wasn't until the presentation that I considered them to be codes or ciphers. For example, the "unusual names" used in the Doctrine and Covenants. I have known about those for a while (a lifetime). It does make sense, though, to consider those to be a cipher of sorts. They achieve the same purpose and they fit under the "Code Words" category of cryptosystems, similar to using code words for various operations of the U.S. Military. Also, the Deseret Alphabet is another system I'm familiar with but have never considered it to be an authentic cryptosystem. This is somewhat ironic when I consider that my friends and used to use it to communicate when I was younger.
Another thing I noted upon further reflection of the presentation was the fact that most, if not all of the codes she presented came AFTER the time of Joseph Smith. Specifically, they seemed to appear right around the time of Brigham Young. I would like to learn more about the historical context of the various ciphers mentioned. The number of enemies of the Church were the same at both times. My immediate reaction would be to guess that the Saints at the time of Brigham Young need to communicate over longer distances by trusting those maybe not friendly to the Church to a more extent than was needed in the earlier days of the Church.
2. The most interesting part of the presentation was learning about the various things that can be considered codes or ciphers. Many of the things presented I have had prior experience with. It wasn't until the presentation that I considered them to be codes or ciphers. For example, the "unusual names" used in the Doctrine and Covenants. I have known about those for a while (a lifetime). It does make sense, though, to consider those to be a cipher of sorts. They achieve the same purpose and they fit under the "Code Words" category of cryptosystems, similar to using code words for various operations of the U.S. Military. Also, the Deseret Alphabet is another system I'm familiar with but have never considered it to be an authentic cryptosystem. This is somewhat ironic when I consider that my friends and used to use it to communicate when I was younger.
Another thing I noted upon further reflection of the presentation was the fact that most, if not all of the codes she presented came AFTER the time of Joseph Smith. Specifically, they seemed to appear right around the time of Brigham Young. I would like to learn more about the historical context of the various ciphers mentioned. The number of enemies of the Church were the same at both times. My immediate reaction would be to guess that the Saints at the time of Brigham Young need to communicate over longer distances by trusting those maybe not friendly to the Church to a more extent than was needed in the earlier days of the Church.
Thursday, September 2, 2010
Section 3.2, 3.3 Due on 3 Sept 2010
1. The most difficult part of the reading was grasping the idea of division with congruences. The actual act of dividing makes sense, the only trouble is to remember that you can divide both sides of the congruence sign only if a (the divisor) and n (the modulo) are relatively prime. This I must remember. I also must remember that if the gcd of a and an is greater than 1, I have to step back and examine a few things? If gcd(a,n) does not divide b, then there is no solution. If d does divide b then you can divide a and b by d but you must remember to divide n by d as well. Addition, subtraction, and multiplication all work just fine in congruences, it's division that I must remember. Even more so, fractions seem to be a hairy deal to mess with when working with congruences.
2. I think about congruences and how they relate to equalities. You can do some similar operations (as mentioned above) on both. It seems as if congruences modulo n package larger numbers down. I've taken Abstract Algebra, but we haven't really dealt with a whole lot of applications. I'm not a huge fan of applications, but I would be interested in pursuing a career as some sort of information analyst. I recognize that by using congruences, you can simplify a lot of information in such a way so as to make it easier to spot patterns and the like. I don't know exactly how, though.
2. I think about congruences and how they relate to equalities. You can do some similar operations (as mentioned above) on both. It seems as if congruences modulo n package larger numbers down. I've taken Abstract Algebra, but we haven't really dealt with a whole lot of applications. I'm not a huge fan of applications, but I would be interested in pursuing a career as some sort of information analyst. I recognize that by using congruences, you can simplify a lot of information in such a way so as to make it easier to spot patterns and the like. I don't know exactly how, though.
Subscribe to:
Posts (Atom)