Warning
This chapter is still in development
Warning
This chapter hasn’t been written yet, but in the meantime there is a lesson plan that covers the material available from the NZACDITT site. The content of this chapter will mainly support this lesson plan.
Note
For teachers
This chapter supports the encoding part of the NZ achievement standard AS91074 (2.44).
Note
For teachers
This section provides an introduction to the idea of encryption, using a very simple simple algorithm called Caesar Cipher. While Caesar Cipher is no longer used in practice, it is still very useful as a teaching tool for illustrating the basic ideas and terminology in encryption. It is recommended that all students working on 2.44 work through the material in this section in order to satisfy the achieved requirements for encryption (part of the encoding bullet point). To satisfy the full requirements for the encoding achieved bullet point, they should include simple examples of compression and error control as well (check the relevant chapters for ideas).
[Need to mention that it does go a little beyond the achieved requirements, but that we still recommend working through it all, except for the advanced bit at the end].
Teachers notes assume an understanding of the jargon used in encryption. Jargon buster boxes are used throughout this section for both teachers and students, as encryption is a topic that seems to have attracted a lot of jargon!!!
Please note that this section is not suitable for the merit/ excellence requirements for encoding. For these requirements students need to do a more advanced project on either compression, error control coding, or encryption that discusses and evaluates how a widely used technology i enabled by techniques from at least one of those 3 topics, whereas this section just focuses on a very simple algorithm that could be used for encryption (and is not used in practice). If they choose encryption to focus on for merit/ excellence, then later sections give ideas on how they could go about this.
For these activities, you will need to have pen and paper in front of you as you will need to do a lot of working to figure out the answers in this section.
Working in a group with 1 or 2 of your classmates (or by yourself if nobody else is around), can you figure out what the following message, encrypted with a simple cipher, says?
DRO BOCMEO WSCCSYX GSVV ECO K ROVSMYZDOB, KBBSFSXQ KD XYYX DYWYBBYG. LO BOKNI DY LBOKU YED KC CYYX KC IYE ROKB DRBOO LVKCDC YX K GRSCDVO. S’VV LO GOKBSXQ K BON KBWLKXN.
- What techniques did your group use to decipher the message?
- If you haven’t already, write out each letter in the alphabet, and then the letter that it corresponds to in the cipher (for the ones that are known, i.e. actually were in the cipher). Can you see a pattern?
- Why wouldn’t you be happy to use this cipher method for a secret you’d never want anybody else finding out?
The code deciphered is:
THE RESCUE MISSION WILL USE A HELICOPTER,
ARRIVING AT NOON TOMORROW.
BE READY TO BREAK OUT AS SOON
AS YOU HEAR THREE
BLASTS ON A WHISTLE.
I'LL BE WEARING A RED ARMBAND.
Some of the techniques that students might have used include;
- Looking for interesting letter patterns. For example, the word “S’VV” in the cipher text. There aren’t that many contractions (words shortened with an apostrophe) in the english language, much less ones that have the last 2 letters the same.
- Looking at one letter words. Generally they’ll be “A” or “I”.
- As they figure out which letters in the cipher text correspond to which letters in the plain text, they should have been making a list of what they’d figured out, and looking at other words in the cipher text using those same letters.
- Looking for letters in the cipher text that seem to appear a lot; these are likely to correspond to common letters in the english alphabet.
- Looking at letters that DIDN’T appear (perhaps they correspond to letters like Q and Z),
This list is incomplete, and was just intended to give an idea of the kind of things students should be thinking about. Essentially, it is a problem solving task that requires a bit of thinking on their part.
Because this message should have (hopefully!) only taken them a few minutes to decode, they should recognise that it is not a very good way of encrypting a message, meaning that they probably wouldn’t want to use it themselves for messages that they really don’t want other people reading! By identifying the techniques they used to break the cipher just before, they should have some understanding of why this cipher is not a good one to use in practice!!!
When they wrote out the alphabet, they should have gotten the following (Note that some letters aren’t filled in, as they never appeared in the cipher text or plain text)
.. code-block:: none
A -
B - R
C - S
D - T
E - U
F - V
G - W
H -
I - Y
J -
K - A
L - B
M - C
N - D
O - E
P -
Q - G
R - H
S - I
T -
U - K
V - L
W - M
X - N
Y - O
Z - P
After writing out this list, students may realise that there is a pattern in how letters in the cipher text correspond to letters in the plain text, when they wrote out the alphabet with the plain text versions alongside it.Specifically, each letter in the cipher text corresponds to the letter 10 places earlier in the alphabet than the one in the plain text.
You may have realised that there was a pattern in how letters from the original message corresponded to letters in the decoded one. A letter in the original message is decoded to the letter that is 10 places before it in the alphabet. The conversion table you drew should have clearly illustrated this (alphabet with letters of the cipher text, with the letters of the plain text alongside them).
To figure out a message that is using this Caesar Cipher, you actually only need to work out what one of the corresponding letters is, and then use that to calculate what the rotation is, and then generate the conversion table for what the rest of the corresponding letters must be. Once you have your conversion table, you can easily convert the encrypted message back to a plain english one that you can read.
If for example you identify that the letter “Y” in the encrypted message is in place of the letter “R”, you can calculate the rotation by working out how many places R is before Y in the alphabet (it might help to write the alphabet out on a piece of paper so that you can count the places, as saying the alphabet backwards is quite challenging for most people!). As R is 7 places before Y, this means that the rotation for this cipher must be 7. You should be able to convert all letters in the encrypted message to an understandable message by subtracting 7 from them. The quickest way of going about this though would be to write out a conversion table like described above.
Now that you have seen some basic ideas in encryption, it is time to get some of the terminology out of the way. The message that you were originally given, that you had to try and decode, is called ciphertext. The message that is in plain text, that you got by decoding the ciphertext is called plaintext. The rotation that the cipher was using is know as the key. It is what you need to convert the ciphertext back to the plaintext.
Taking advantage of the idea that you only need to figure out 1 letter to decide, can you figure out what this message says? Which letter is the best one to try and guess? Why? What was the rotation? You may make a few incorrect guesses before figuring it out, so be prepared for that! Once you think you know what one of the letters in the cipher text might correspond to in the plain text, work out what the rotation is, and then write out the conversions for that rotation and decode the first bit of the message using that conversion table to see whether or not it makes sense. If the first few words seem to be meaningless, then that rotation is probably not the correct one. P OVWL AOPZ TLZZHNL DHZ UVA AVV KPMMPJBSA MVY FVB!
Note
For teachers The message is “I HOPE THIS MESSAGE WAS NOT TOO DIFFICULT FOR YOU!” The sensible way for students to approach it would have been to look at the first word as it only contains one letter, so is very likely to be either “I” or “A”. They should have written out the corresponding letters for each of these possibilities, and checked which lead to a meaningful message. The rotation being used is 7.
Now that you know how to decipher a message that is using Caesar Cipher without actually knowing the key, you should be able to see that it would be very easy to decipher a message if you know the key. The following message was encrypted using a rotation of 6. Generate the conversion table for a rotation of 6. This should allow you to easily decipher the following message. What does the message say? (Only use the conversion table to figure it out!) ZNK WAOIQ HXUCT LUD PASVY UBKX ZNK RGFE JUM.
Note
For teachers The message is “THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG”
It shouldn’t be too difficult to see how a message can be encrypted using Caesar Cipher. Previously, you were generating conversion tables that converted from the cipher text to the plain text. In a very similar way, you can generate conversion tables that convert from the plain text to the cipher text. The only difference is that instead of subtracting the rotation, you are adding it. i.e. if the rotation was 5, then the letter “H” in the plain text would go to the letter that is 5 places forward in the alphabet, which is “M”.
Using a rotation of 3, generate a conversion table, and then the cipher text, for the following message. “HOW ARE YOU”.
Note
For teachers The correct answer is “KRZ DUH BRX”. If students subtracted instead of added in their conversion table they will end up with “ELT XOB VLR”, which is incorrect.
Now that all that is out of the way, you can encrypt your own messages (assuming it doesn’t matter too much if somebody deciphers them, as you saw above, this is not a very secure cipher!). Decide on a message to encrypt, and a rotation. Generate a conversion table, and then encrypt your message.
If a friend is also doing this activity, once you have your encrypted message you could give them the ciphertext and the rotation key (and get them to give you theirs), and see if you can decrypt one anothers messages (remember to generate a conversion table).
This idea of giving somebody else your message raises another interesting idea in encryption. The ciphertext itself could be passed indirectly to the friend through other classmates. If for example you are both sitting at opposite ends of the classroom, you could get your other classmates to pass it along until it gets to your friend it is intended for. As long as the key isn’t also written on the piece of paper, the message should be safe from being read by the others (not entirely true given how weak Caesar Cipher is, although at the very least somebody who wanted to read it would have to figure out the key first!). This is very similar to when passing messages through a network (e.g. the internet when you send an email), anybody could potentially read the message while it is in the network, so you want to ensure they can’t understand it!
However, transferring the key is a different story. If you also got the key to your friend by passing it through your classmates, they could use the key to read your message! Remember the key is the thing that tells you how to convert the ciphertext back to plaintext. So obviously you can’t send the key across the classroom, you would have to find a better way, such as going up to them and telling them what it is without letting anybody else see or hear.
This however can cause problems if the two people wanting to secretly communicate are on the other side of the world! It is no longer practical to quietly go up to the other person, and just like passing the key across the classroom would be a bad idea, it would also be a bad idea to pass it through the internet unencrypted. You might say why not just encrypt the key, but then how will you encrypt the key? You will need to tell them the key that was used to encrypt it... and so on... this idea is definitely out!
Computer scientists have however come up with some very clever solutions to this problem, which we will look at in later sections.
While Caesar Cipher was once used in practice, it is no longer used and instead ciphers which are much more difficult to break are used instead. These are very complicated to understand, so the details of them are not covered here.
[an area that is worth knowing about, including activities/exercises to explore it, and guidance for teachers (possibly to be separated) on how to help students use this topic for A/M/E
[an area that is worth knowing about, including activities/exercises to explore it, and guidance for teachers (possibly to be separated) on how to help students use this topic for A/M/E
Key exchange? ===================================================== (I think unplugged covers this, and there are a few different techniques that can be used, and that would be understandable)
[an area that is worth knowing about, including activities/exercises to explore it, and guidance for teachers (possibly to be separated) on how to help students use this topic for A/M/E
[explain where the material above has oversimplified things, and if there are any well-known concepts or techniques that have been deliberately left out because they are too complex for this age group. This may include things that require advanced maths, advanced programming, or things where students have seen the problem but not a thorough solution]
- Develop javascript/html apps for topic, ideas?
- http://crypto.stanford.edu/sjcl/ can do encryption in browser (use for demo)
- extensive review of ideas in mae54_CS_Education_project_submission__Developing_a_Teacher_Resource_for_Achievement_Standard_2.44 - some ideas in cosc433 project by sal127
- ideas at https://docs.google.com/file/d/0B60yN79VbSzTMDY2ZWM0ZWYtOGQwNS00N2FhLTg5YmItYjljYjA4YzJiYjE1/edit?hl=en_US
- Some protocols, ideas in 1) Ross Anderson, Security Engineering, 2nd Eds, Wiley. 2) William Stallings and Lawrie Brown, Computer Security: Principles and Practice, 2nd Eds.
- store passwords using hash (e.g. MD5 in Python or available online, or JS applet?) Try to crack passwords from a set of MD5 keys (use common password names).
- man in the middle attack (mig in the middle, middle person, playing chess)
- Hromkovic Algorithmic adventures chapter 7
- articles in cs4fn http://www.cs4fn.org/security/crypto/, including statistical attack leading to beheading: http://www.cs4fn.org/security/beheading/secrets1.html
- part V of the Unplugged book introduces cryptography
- http://www.i-programmer.info/babbages-bag/271-public-key-encryption.html
- illustrate PKS with combination lock being distributed
- http://en.wikipedia.org/wiki/Public_key_cryptosystem#A_postal_analogy illustration
- a film about ciphers that contains hidden ciphers: http://www.thomasbealecipher.com/
- some good sections in chapter 14-20 of Algorithms Unplugged (Vocking et al) - further reading
- showing a worked version of the unplugged kid crypto exercise woud be a solid project
- http://nrich.maths.org/7081 code breaking challenges
- Caesar http://translate.googleusercontent.com/translate_c?depth=1&hl=en&rurl=translate.google.com.hk&sl=de&tl=en&u=http://www.matheprisma.uni-wuppertal.de/Module/Caesar/index.htm&usg=ALkJrhj5PoZFbj5SwKZ9t2l1oms0WXO5ig
- DES http://translate.googleusercontent.com/translate_c?depth=1&hl=en&rurl=translate.google.com.hk&sl=de&tl=en&u=http://www.matheprisma.uni-wuppertal.de/Module/DES/index.htm&usg=ALkJrhiWFCVb6kVo9Cei3ILi_T1MGBgXAw
- http://en.wikipedia.org/wiki/Key_size
- video showing key exchange problem done well http://securitycertificate.net/2010/10/ssl-explained/
- sal127 lesson plan for encryption
- http://dinoonline.net/SecurityTools/SecurityTools.html
- http://www.nsf.gov/cise/csbytes/newsletter/vol2/vol2i7.html