Home‎ > ‎

Crypto Cramming

Objective

Introduce some general concepts in cryptography and how encryption on the Internet works.

Materials

Mandatory
  • Many printouts of the Caesar substitution cipher.
  • Lots of white paper and markers (to write messages in plaintext and ciphertext)
  • 1 box
  • 2 locks and keys; these work well.
  • Ethernet cable(s)
Optional
  • Character costumes and props:
    • 1.) Julius Caesar, Roman generals, Roman slave, enemy spy
    • 2.) black hats for curious "man-in-the-middle" computers
  • Crypto "cookie" snacks to pass out

Exercise

0.) Introduction

Facilitator: "Why is being able to send secret messages important?"


Talk through examples, and have some ready:
  • You might want to sharing a secret message (e.g. email) with a friend or family member
  • When you buy something online, you have to provide your credit card number. You don't want bad hackers to steal the number!
  • Some people might want to talk to others without worrying that an evil president or government will put you in jail or kill you for something you say (this really happens).


Facilitator: "For thousands of years secret messages were being sent for many reasons: for exchanging secret love notes, to direct generals in times of war, or to conduct secret negotiations between countries."

1.) History of Cryptography and Classical Ciphers

Facilitator: "Who was Julius Caesar?

Julius Caesar (100 BC - 44 BC) was a famous Roman military general, consul (similar to a president) and eventual dictator of the Roman Empire. He was a very effective miltary general, quickly gained the respect and honor from his army, and considered alongside Pompey as the greatest general in the Roman army.

The first well known example of cryptography was used by Julius Caesar in ~58 B.C. to keep messages he wanted to send to his generals secret. Caesar would use encryption, which is a technique that uses math to transform information in a way that makes it unreadable to anyone except those with special knowledge, usually referred to as a "key":

Plaintext message + Encryption algorithm + Key = Ciphertext (i.e. scrambled message)
Decryption algorithm + Key + ciphertext  = Plaintext Message

The way Caesar would encrypt messages was by replacing each letter with the letter that was shifted by a certain place. This is called a substitution cipher, or is also known as Caesar's cipher.

Let's say that Caesar wanted to send a message to his generals. First, he would need to make sure that all of his generals had the key to decrypt the message."


Pass out Caesar cipher handouts to the audience, telling them they are generals in Caesar's army.


Facilitator: "Once Caesar knew that his generals had the knowledge to decrypt the message, he'd ask his slave to encrypt the message and then send the message out."


Have the slave whisper into the ear of Caesar the encrypted message and show the ciphertext to the audience. Then have the slave walk over to the general and deliver the message.


Facilitator: "Since the general has the substitution cipher map, she can decrypt the message."


Have the general decrypt the message and show the plaintext to the audience.


Facilitator: "Let's say that Caesar wants to send another message to his generals to change his plan of attack."


Have the slave return and encrypt another message for Caesar.


Facilitator: "What happens if a spy captures the slave and gets the message?"


Go through ways that the spy could decrypt the message:
  • The spy can learn what the substitution is.
  • Letter frequency analysis of the language.


Facilitator: "This cipher was used for hundreds of years by military leaders, but the weaknesses were published 800 years later by a mathematician named Al-Kindi. He realized that most languages have a certain constant frequency of their letter distribution. For example, if you scan all the text of a book in English, you'll notice that there are a lot of As and Ex, but very few Xs. You can think of this as a fingerprint for English, which you leave behind when you communicate without even realizing it! This is a valuable clue for a code breaker. You can figure out the distribution of letters in the ciphertext and try to determine the shift from the real alphabet.

Thankfully, encryption algorithms got much stronger than the Caesar cipher over time."


Optional: Give kids a message to decrypt as an exercise. Sample here.

2.) Encryption on the Internet

Facilitator: "Do you know how the Internet works? The internet is a bunch of computers connected together in a network. Let’s build something that works like the Internet."


Ask for volunteers to create the Internet.  You need at least 2 volunteers to be endpoint users, and everyone else can be a router between the users.

Ask everyone to hold onto the ethernet cable(s) that makes the Internet connected.

A.) Passing information on the Internet

Facilitator: "When you want to pass information on the Internet, it gets sent along the network by all of the computer routers in between. Let’s say that Alice wants to send Bob a message."


Ask Alice to write a message on a piece of paper.


Facilitator: "Alice wants Bob to know that the message is from her, so she should include her signature too."


Ask Alice to write her signature on the paper and send the message through the routers to Bob.
Have Bob read the message out loud and demonstrate that it’s from Alice because she signed.

B.) Man in the Middle Attacks

Facilitator: "There’s a problem with the Internet. There are some very curious people on the Internet that might try to read or mess up messages."


Put a black hat on one of the routers. Ask Bob to write a message to Alice and send it back. Ask one black hat to look at the message.


Facilitator: "So, what can this curious blackhat do?"


Go over the potential Man-in-the-middle attacks:
  • Read the message
  • Tamper with the message
  • Forge the signature.


C.) Encryption with Asymmetric Keys 

Facilitator: "What if Alice or Bob want to write each other a secret message that only they can read? What can we do to keep the message secret?"


Hopefully someone suggests putting it in a box.


Facilitator: "What are some problems with just putting it in a box? ... Putting it in a box is not enough, we need to lock it with a key."


Bring the message back to Bob and have him lock the box and send it back to Alice.


Facilitator: "Now the curious blackhat can’t open the box… but neither can Alice! What can they do?"


Facilitate possible solutions, considering the following:
  • Order of sending box and key
  • ACK that message was received. 


Facilitator: "This solved the problem for one message - Bob can send a message to Alice and keep it secret, make sure no one change it, and Alice knows it’s from Bob… but once Bob sends his key, he can’t send any more messages or lock any more boxes. How can we solve this without sending the key?"


Bring out another lock and key and offer that to use.


Facilitator: "If we have two locks and two keys, we can keep sending messages between two people. As we see, it’s a little bit tiring and slow for both Alice and Bob to have to keep locking and unlocking the boxes, so it would be nice if there was a way for them to secretly create an identical key that only they have to use. If you want to learn how to do this, stick around for the next exercise!

Additional References

  • https://www.khanacademy.org/computing/computer-science/cryptography