Author Topic: 2 - Cryptography  (Read 20311 times)

Offline APX808

  • Administrator
  • *****
  • Posts: 1815
  • Karma: +10/-0
    • APX R4nt5
2 - Cryptography
« on: February 14, 2014, 08:48:29 AM »
2 - Cryptography

"It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics."
                                                                                                                                                                Bruce Schneier


Cryptography, Crypto for short, is the science or study of techniques used to secure communications from third parties,
that is done encrypting the messages in such a way that only those who have the right key will be able to decrypt them.

To encrypt a message some kind of mathematical operation, known as ‘cipher’, is applied that will turn it into something
unintelligible until it’s decrypted using the right key.

In the past those ciphers were replacing certain characters by others using a pre established displacement, for instance
‘ROT13’ added 13 to each letter, or the ‘Caesarian Shift’ that allowed to add any value. You can see more of these simple
methods HERE

The problem with those simple methods is that third parties could very easily discover the key and thus the message
analysing the structure, length and character distribution of it.
The science and study of the techniques to understand and decipher encrypted messages without the corresponding key is
called  ‘Cryptanalysis’.

The strength of a cipher is due the underlying math and the use of extremely big numbers, the best mathematicians in the
world work creating new algorithms and analysing existing ones looking for weaknesses, so forget about creating new
ciphers, just use the ones that have demonstrated to be secure during years of use.

Symmetric and Public-key ciphers

Symmetric ciphers
A symmetric cipher is one that uses the same key both for encrypting and decrypting a message. Some examples are DES,
AES or Blowfish.
Sometime you’ll see the algorithm accompanied by a number, for instance AES-192 or AES-256 the number specifies the
length of the key in bits, so AES-256 would use keys of 256 bits in length.

A bit is the minimal unit of information you can store in a digital device, it represents a 1 or a 0. A computer can represent a
character using 8 bits, so using 256 bits would be like having a 32 characters key. This is an oversimplification, but just to give
you an idea of the key sizes.
Increasing the key sizes makes the possible combinations grow exponentially, each extra bit duplicates the amount of
possible combinations.

Public-Key ciphers
The problem with symmetric ciphers is that you need a secure way to exchange the key used to encrypt the messages, and
that key should be changed often to avoid it being compromised.

Public key cryptography works using two different keys, in reality two parts of the same one. One is the “private key”, that
key is never shared with anyone, and will be used by its owner to decrypt the messages received and sign messages.
The other is the “public key” that should be widely distributed and it will be used to encrypt messages that just the owner of
the private key will be able to decipher, it also can be used to validate a digital signature.

Public key ciphers are also known as asymmetric ciphers.

In 1978 Ron Rivest, Adi Shamir and Leonard Adleman from the MIT published the first publicly available asymmetric cipher,
called RSA.

RSA is based on factoring extremely big prime numbers, problem that is extremely time consuming and impossible to solve in a
reasonable time lapse with current technology, quick calculations suggest that brute forcing it would take more time than the
age of the universe.

Since 2004 asymmetric ciphers started using Elliptic curve mathematical problems instead of prime factorization, the
advantage is that they provide the same level of security but using way smaller key sizes, reducing the computational cost
required when the right key is available but still being impossible to solve without it.

Hybrid ciphers
Public key ciphers computational cost is very high so working with big messages would take a lot of time or be prohibitive,
that’s why hybrid cyphers were created.

In an hybrid cipher the message is encrypted using a symmetric cipher and the key used is then encrypted with a public key
cipher.

Hash functions

A Hash is function that given an input of any size will generate a fixed length output, called digest. They are not ciphers
because they are only one way, there is no reverse operation that given a hash will give the original input.

A hash also has as characteristic that a minimal change in the input will produce substantial changes in the output, they have
an even distribution and is almost impossible to have collisions, that is that two different inputs will generate the same
output, so if two inputs have the same digest you can be sure they are equals.

Examples of hash functions can be MD5, SHA-1 or SHA-256.

Cryptographic signatures rely on hashes to be sure that the message isn’t modified, we will talk about this with more detail
later.

There are many other uses of hash functions, one key use is to store passwords, so even if some attacker can read it, he
won’t be able to know it without having to brute-force all the possible combinations, task that could be extremely time
consuming and if the password is strong impossible with current technology.

Cryptography practice

Crypto relies heavily on math, you don’t really need to understand it very well, I don’t, but is nice to have an idea of the
principles behind it.

The practice for this week is to take a “Journey into cryptography” by the Khan Academy, they have many short videos where
they will explain in more depth and better than I would what is cryptography and the principles behind it.

It would be nice if you finish at least until the “Modern Cryptography” section. If you complete the journey until that point
you’ll learn about ancient cryptosystems, how the enigma machine worked, what is a prime number, how RSA works and a lot
more.

If you’re feeling really motivated and decide to continue past that point you’ll start delving into more details of the
mathematical principles that make crypto possible.

Some lessons include programming problems, if you want to try them better, if you don’t don’t worry, just watch the lessons
and that will be more than enough for our goals.

Next Friday we will learn about PGP/GPG and start using it to encrypt our messages.

To start the journey into cryptography follow this link:
https://en.khanacademy.org/math/applied-math/cryptography

Offline pkveazey

  • Hardcore Prepper
  • ******
  • Posts: 2385
  • Karma: +5/-1
Re: 2 - Cryptography
« Reply #1 on: April 10, 2018, 01:22:17 AM »
I have created several codes that, for obvious reasons, I won't disclose. They are all original and therefore will be extremely difficult to figure out. I plan to use them when communicating sensitive information to family and friends. I will use one code today and shift to a second code tomorrow. Then shift to a third code the next day. Only those people who can figure out the code will know on which day of the week a particular code will be used. One of my codes is in plain text but the words mean something entirely different. It will make perfect sense when read but will not mean what it says. Unimportant messages will be sent in the clear and that will confuse interceptors because they won't know what is in the clear and what is coded. The Nimrods will then spend time trying to break the code of a non coded message. I'm a sneaky SOB.

Offline Kbop

  • Hardcore Prepper
  • ******
  • Posts: 1824
  • Karma: +10/-0
Re: 2 - Cryptography
« Reply #2 on: April 10, 2018, 06:55:44 AM »
good subject APX808
good COMSEC Pkveazey!

Offline pkveazey

  • Hardcore Prepper
  • ******
  • Posts: 2385
  • Karma: +5/-1
Re: 2 - Cryptography
« Reply #3 on: April 17, 2018, 02:58:14 AM »
I thought I'd add another comment about codes. If you are going to create your own code and you are going to use some form of substitutions, just remember that code breakers depend heavily on short words to crack a code. If they see a one letter word, that's probably an I or and A or a number less than 10. If they see a two letter word, that is also limited and is probably an, it, on, of, to, be, at, or, no. Notice that most of the two letter words have an O in them. That helps the code breaker. By the time you get to 3 letter words, the number of possibilities starts to explode but the 1 and 2 letter words have given the code breaker an edge on figuring out the letters. They also heavily depend on the letters that are most often used, like E, I, and A. You can blow their minds by throwing in a ton of extra E's, I's, and A's randomly in the message. On one letter words, you can camo them by putting extra letters on each side. For instance "I" would be something like MIM, or TIT, GIG, or BIB. Spelling words phonetically also throws things off. You might spell TRUCK as TRUK or TONGUE as TUNG. Since TRUK is also coded and misspelled as a phonic, it just adds more confusion. My codes take all of the above into consideration but are far more complex than what I've shown above. Computers can break any NUMBERS BASED CODE in about 5 minutes so don't create a numbers based code. Another thing is that most other languages are worded backwards from English. We would say "I am going to the store", but when translating the same message in another language the words would be "Going to the store I am". Just word things the way YODA would. Finished, I am.

Offline JoJo

  • Hardcore Prepper
  • ******
  • Posts: 2485
  • Karma: +8/-0
Re: 2 - Cryptography
« Reply #4 on: April 17, 2018, 10:47:24 AM »
PK,  I am no wheres near a cryptographer but I love to do cryptograms and I use the system you mention exactly.  Also sometimes three letter words that are used multiple times in a paragraph are THE, AND and YOU
In principle, no less than in practice, socialism is the ideology of thieves and tyrants.

Offline pkveazey

  • Hardcore Prepper
  • ******
  • Posts: 2385
  • Karma: +5/-1
Re: 2 - Cryptography
« Reply #5 on: April 17, 2018, 03:20:21 PM »
PK,  I am no wheres near a cryptographer but I love to do cryptograms and I use the system you mention exactly.  Also sometimes three letter words that are used multiple times in a paragraph are THE, AND and YOU
.   

Yep... If you aren't creative and think about how to befuddle the enemy, you're screwed. The one thing that I constantly have to remind myself is that no matter how smart I am, somebody is probably stubborn enough to keep trying and will eventually break my codes.

Offline bennington.camper

  • Prepper
  • ***
  • Posts: 125
  • Karma: +0/-0
Re: 2 - Cryptography
« Reply #6 on: April 17, 2018, 08:05:34 PM »
And of course the intended application should dictate the complexity of the system.
For instance, if SHTF and all you are trying to do is limit comprehension of time sensitive information like, 'I'm going to the store now', the code used could be simple and easy to understand by the involved parties. It's purpose is limited in intent, as the time to decode may be longer than the information has value.

Offline pkveazey

  • Hardcore Prepper
  • ******
  • Posts: 2385
  • Karma: +5/-1
Re: 2 - Cryptography
« Reply #7 on: April 18, 2018, 12:22:48 AM »
Camper is absolutely right. Don't waste a good complex code on immediate actions. Use it on long term actions that might be next week or even next month.

Offline pkveazey

  • Hardcore Prepper
  • ******
  • Posts: 2385
  • Karma: +5/-1
Re: 2 - Cryptography
« Reply #8 on: February 28, 2023, 06:50:21 AM »
This post has quite a bit of age on it but I thought I might add a simple code that I call the "LIARS CODE". Let's say you radioed someone to meet you at the North end of Jones' bridge at 12 o'clock midnight and come alone. Then, your message would really mean for someone to meet you at the South end of Jones' bridge at 12 o'clock noon and not come alone. Then if the message is intercepted then they would end up at the wrong location, be 12 hours late, and expect just 2 people to show up. Then when nobody showed up at that time and place, they would start suspecting that they had a rat in their organization and they wouldn't trust their own people. Another good one would be something like this. We have plenty of Food, Water, Gasoline and Ammo. Do not bring any of those items. Obviously, it would mean that you need all those items.
« Last Edit: February 28, 2023, 06:57:34 AM by pkveazey »

Offline JohnyMac

  • Administrator
  • *****
  • Posts: 15155
  • Karma: +23/-0
Re: 2 - Cryptography
« Reply #9 on: February 28, 2023, 10:15:58 AM »
This is a form of a Brevity code.  ;)
Keep abreast of J6 arrestees at https://americangulag.org/ Donate if you can for their defense.