Encoding and encryption
Overview of encodings and ciphers in real life
Juraj Vančo
93. prístav vodných skautov a skautiek Tortuga Trenčín
Sep 2013

Agenda
Encoding and encryption
Encodings in real life
Morse code
– Where to find
– Q codes
– QSL
SSL encryption
Digital signature

Encoding and encryption
Encoding
– a procedure whose goal is to make information easier to handle in practice
– all the information needed to carry it out is available to everyone
– example: Morse code
Encryption
– a procedure whose goal is to hide information so that it cannot be read by those who do not know how to extract (decrypt) the useful information
– example: private translation table

Encodings in real life
Pictograms, abbreviations with a single meaning
Morse code
– Where? Telegraph + air communication: aviation, navy, HAM radio
– Information: table + procedure
Lossless compression / decompression (LZHA = zip, gzip, bzip, rar) (information accumulation)
– Information: procedure = algorithm
Encodings with the base64 algorithm
– Information: procedure = algorithm

Morse code
What for? Frequency band and filtering
Timing encoded
– Consequences: messaging (transmitting) can take much more time than speech => issues with oscillator characteristics drifting over time
Solution: timing as fast as a human can (200 letters / min)
Solution: using Q-codes (encodings)
Dots and dashes? No use case in real life… Replacement: phone (codes and spelling alphabet)

Q codes
Three-letter codes replacing more complex information
Examples:
– QSL
– QTH
– QSO
– QRA
– QRL

Example of QSO
»QRL?
»CQ CQ CQ de OM4ATN
«OM4ATN de HB9ASD K
»HB9ASD de OM4ATN TNX FER QSO QTH QTH TRENCIN RST 577 NAME JURAJ PSE QSL K
«OM4ATN de HB9ASD TNX UR RST 599 QTH QTH GENEVA NAME JEAN WX CLOUDY PSE UR WX UR WX K
»HB9ASD DE OM4ATN TNX FER QSL WX WX SUNNY 23C K
«OM4ATN DE HB9ASD R R OK DR JURAJ TNX CU K
»HB9ASD DE OM4ATN TNX CU SK

Encryption in real life
Private translation table (can have an additional key = shift etc.)
Navaho code (table = key)
Security = Privacy, Integrity, Authentication
Symmetric and asymmetric encryption algorithms (AES, DES, 3DES, DSA, RSA…) (known algorithm, unknown key)
Challenge: decrypt!
– Scouting: messages that are “easy” to decrypt but take time (“4 ohne, Boj o poklad kapitána pirátov”)
– IT compute power: a bunch of methods => easy to find the translation
– Algorithm-based encryption = no key = vulnerable algorithm
– Key-based = algorithm is known = find the key (brute-force attack)

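The difference between a public encoding (base64) and a shift-keyed translation table, and why a known algorithm with only 26 possible keys gives no real secrecy, as an added example that is not part of the original slides. The function names, the shift value 7 and the sample message are assumptions made for this illustration.

```python
import base64
import string

ALPHABET = string.ascii_uppercase
Q_CODES = {"QSL", "QTH", "QSO", "QRA", "QRL"}  # Q codes listed in the slides

def encode_b64(text):
    """Encoding: the procedure is public, so anyone can reverse it."""
    return base64.b64encode(text.encode("ascii")).decode("ascii")

def decode_b64(blob):
    return base64.b64decode(blob).decode("ascii")

def translation_table(shift):
    """Private translation table; the shift is the key."""
    shift %= len(ALPHABET)
    return str.maketrans(ALPHABET, ALPHABET[shift:] + ALPHABET[:shift])

def encrypt(text, shift):
    return text.upper().translate(translation_table(shift))

def decrypt(text, shift):
    return text.upper().translate(translation_table(-shift))

def recover_key(ciphertext, known_words=Q_CODES):
    """Known algorithm, unknown key: try all 26 keys and keep the candidate
    containing the most words the listener expects (here: Q codes)."""
    best = (-1, None, None)
    for shift in range(len(ALPHABET)):
        candidate = decrypt(ciphertext, shift)
        score = sum(word in known_words for word in candidate.split())
        if score > best[0]:
            best = (score, shift, candidate)
    return best[1], best[2]

if __name__ == "__main__":
    # Constructed sample message in the style of the QSO slide.
    message = "TNX FER QSO QTH TRENCIN"
    print(decode_b64(encode_b64(message)))  # no key needed at all
    secret = encrypt(message, 7)
    print(secret)
    print(recover_key(secret))              # key found in at most 26 tries
```

The key space, not the secrecy of the table layout, is what protects the message; modern ciphers such as AES keep the algorithm public and make the key space too large to enumerate.
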
Encryption: symmetric and asymmetric
Keys: both sides must know the key. How?

Authentication: certificates & PKI
Example of certificate #1
Example of certificate #2
Example of certificate #3
Digital signature
Hash = digitally encoded „abstract“
– integrity number, no real information inside
Digital signature = hash + certificate

Other risks
Unsecured WiFi network
Running untrusted software without certification (Windows)
– Use sigverif.exe in Windows command prompt
Unknown hardware
– Keyboards, computers, fingerprint scanners…

Q & A Thanks for watching