Encrypt All The Things

I am a security guy, and my profession is to protect the good guys – all of you – from the bad guys. Although the world is not full of bad guys, there are a lot of them, and the funny thing about information security is that the most poorly-skilled bad guy out there only has to wait for one smart person to “hack” something, and then everybody can do it regardless of skill level. That’s why, as Bruce Schneier says, “Attacks always get better, they never get worse”. It is for this reason that I am firmly on the side of Apple, because no matter who comes up with the attack, be it the FBI for ostensibly good reasons, or a hacker for all the wrong reasons, those attacks quickly spread to everybody, and put everybody at risk.

Crypto 1

I’ve been taking my first MOOC via Coursera, Crypto 1, taught by Dan Boneh. I’ve just finished up the final, and it’s been a fantastic experience, something I’d recommend to anybody with an interest in the subject.

This course is more about theory than how to implement crypto in the real world, but the theory is very important and shows exactly what drives a lot of the decisions that implementations make. A lot of people think that MOOCs are easy classes, and this one is certainly not: it’s a fairly technical course, full of things like number theory, but it doesn’t require a deep mathematics background. It also doesn’t require any programming knowledge, but if you do code, there are a number of extra credit assignments where you can put what you learn into practice, doing cool things like breaking RSA. It’s programming-language agnostic, but the examples are all written in Python, so I used this course to try to pick it up, and managed to complete all of the programming assignments.

Crypto 1 focuses on symmetric-key crypto and hashes, with some asymmetric thrown in at the end. There is a sequel to this course, Crypto 2, which focuses more on asymmetric-key crypto. I’ll take that one eventually. I’m also going to go through the Coursera catalog and see what other interesting things I can take. Sure, I don’t get official credit, but I love learning.

Breaking Encryption

The big news today is that the NSA has “broken” much internet encryption. Details are scarce, and comments are plentiful, but it’s important to understand at a high level what it means to “break” encryption. There are essentially three ways to “break” encryption, and they all mean different things.

