Encrypt Your Email and Hard Drive:
A Practical and Mathematical Introduction to
Protecting Your Data from Criminals and Surveillance

When: 2 December 2015, 2:30-3:30pm
Where: GCB 110
Who [is presenting]: Jonathan Poritz [a CSU-P math faculty member who also has a sordid past career doing crypto and IT security]
Who [should come]: Students, faculty, staff, and community members interested in protecting their digital lives
What: The Math and Physics Club of CSU-Pueblo brings you this very practical (and, ok, somewhat mathematical, because that's who we are) introduction to using encryption to protect your data both when it is standing still on your computer and when it is in flight over the Internet, such as in an email.
BONUS: First seventeen attendees get a free DVD of security software!

ATTENTION: If you are one of the ones who took an installation DVD from the end of this presentation when it happened at CSU-P, here is a word of advice: Please contact me before trying to install the software on that DVD! The software is great, powerful, and fun, and you can easily try it out without installing it. But before you install, if you think you will want to, there are a couple of things I should tell you so that you don't lose any data you already have on whatever machine you are using.


Purpose

  1. This is an event of the Math and Physics Club. Please join! Contact club president Chris San Miguel, Cl.sanmiguel@pack.csupueblo.edu for information. Future M&P Club events may include:
  2. My Math 207 students asked for this.
  3. Dialogue overheard at the beginning of my Math 307 class a few weeks ago:
    Student A [a math major with secondary ed emphasis]:
    What's your major? I don't see you at any meetings....
    Student B [a plain math major]:
    Math.
    Student A:
    Just "math", not "math ed"?
    Student B:
    Yup.
    Student A:
    What are you going to do with that?
    One response would be that many of the top jobs (by desirability, salary, low stress, etc.) involve math — see this list at the Wall Street Journal (from 2014, the last year for which we have complete data).
    Another response would be my whole life, some examples of the activities of which I will talk about today: I've worked as a cryptologist on and off for many years. And there are many future jobs in this area for those with a solid mathematical background.



Starting Crypto: Some Terminology, and Symmetric Cryptosystems

Many works of cryptology speak of two star-crossed lovers, Alice and Bob, who attempt to keep the guttering candle of their love alight, though distance separates them and their communications are being monitored by the evil Eve.

[Images: Alice (hover text: Sophie Germain), Bob (hover text: Carl Friedrich Gauss), and Eve (hover text: Pirate Riley. Aaarrhh Me Hearties!)]

[Extra credit if you can name the two famous mathematicians who acted as models for these pictures of Alice and Bob.] [If you give up, hover your mouse over the image.]


It's important to realize that in many — maybe most — situations, it is entirely appropriate to assume that Eve can see all the communication between Alice and Bob while it is in transit. All of the channels you are used to suffer from this:


Somewhat more mathematically, this diagram (from my free textbook Yet Another Introductory Number Theory Textbook, as are several similarly formatted diagrams in this presentation) gives some basic terminology:

In the design of the encryption and decryption algorithms, we follow something cryptologists call Kerckhoffs's Principle [named after Auguste Kerckhoffs, a professor of languages at the École des Hautes Études Commerciales in Paris in the late 19th century who wrote influential papers on cryptology]. According to this Principle, one always publishes the details of one's cryptographic algorithms.

It may seem ridiculous to publish the algorithm used to protect your data, but we do this because humans have a nearly infinite capacity for self-deception. As a consequence, we are always thinking we have invented the best cryptographic algorithm, a perpetual motion machine, the way to square the circle and trisect the angle ... when another set of eyes, looking over our work independently, would immediately see the flaws. This is nothing other than the famous idea of peer review in the scientific method, which is the foundation of the modern world.

[The alternative to putting your proposed cryptographic algorithms out in the world for peer review is called by cryptologists — with enormous disdain — security by obscurity. Experience has shown that it is no security at all.]


If we are to publish our encryption and decryption algorithms, the security must lie in some other secret. This is an additional piece of information called the key, which is input into those algorithms, as follows:

The above is called symmetric (or private- or secret-key) cryptography. We shall see an alternative in a few minutes.

Notes:


Symmetric Encryption of Data Standing Still

Actually, the communication channel could be from past you to future you; i.e., we're just encrypting stored data. This is a good idea. Claude Shannon had this idea, and many other important ones.

Demonstration of using GnuPG, for encryption

gpg --output <file.gpg> --cipher-algo AES256 [--armour] --symmetric <file>
and decryption
gpg <file.gpg>
Look at the file with
hexdump -C <file.gpg>
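To make sense of what hexdump -C shows, here is an added Python example (mine, not from the talk or from GnuPG) that decodes the packet headers at the start of a gpg --symmetric output and reads off the cipher and key-derivation parameters from the session-key packet, so you can confirm that the file really does use the AES256 you asked for. The packet layout follows RFC 4880; SAMPLE is a constructed byte string, not real gpg output.

```python
CIPHERS = {2: "3DES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
HASHES = {1: "MD5", 2: "SHA1", 8: "SHA256", 10: "SHA512"}

def packet_header(buf: bytes, pos: int):
    """Return (tag, body_length, header_length) for the packet starting at pos."""
    ctb = buf[pos]
    if not ctb & 0x80:
        raise ValueError("not a binary OpenPGP packet (is the file ASCII-armoured?)")
    if ctb & 0x40:                                   # new-format header
        tag, first = ctb & 0x3F, buf[pos + 1]
        if first < 192:
            return tag, first, 2
        if first < 224:
            return tag, ((first - 192) << 8) + buf[pos + 2] + 192, 3
        if first == 255:
            return tag, int.from_bytes(buf[pos + 2:pos + 6], "big"), 6
        raise ValueError("partial body length: a streaming reader is needed")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03       # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length")
    n = 1 << ltype                                   # 1, 2 or 4 length bytes
    return tag, int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), 1 + n

def decode_skesk(body: bytes) -> dict:
    """Decode a v4 Symmetric-Key Encrypted Session Key packet (tag 3)."""
    version, cipher, s2k_type, hash_id = body[0], body[1], body[2], body[3]
    if version != 4 or s2k_type != 3:
        raise ValueError("only v4 packets with iterated+salted S2K handled here")
    # RFC 4880 section 3.7.1.3: coded count byte -> bytes hashed by the S2K KDF
    c = body[12]
    return {"cipher": CIPHERS.get(cipher, f"algo {cipher}"),
            "hash": HASHES.get(hash_id, f"algo {hash_id}"),
            "salt": body[4:12].hex(),
            "s2k_count": (16 + (c & 15)) << ((c >> 4) + 6)}

def list_packets(buf: bytes) -> list:
    """Walk the packet sequence; decode the SKESK packet (tag 3) when seen."""
    out, pos = [], 0
    while pos < len(buf):
        tag, length, hlen = packet_header(buf, pos)
        body = buf[pos + hlen:pos + hlen + length]
        out.append((tag, length, decode_skesk(body) if tag == 3 else None))
        pos += hlen + length
    return out

# Constructed sample shaped like the start of `gpg --cipher-algo AES256 --symmetric`
# output: 8c 0d = old-format tag 3, 13-byte body; 04 09 03 08 = v4, AES256, S2K type 3,
# SHA256; 8 salt bytes; e0 = coded count; d2 06 = new-format tag 18 (encrypted data).
SAMPLE = bytes.fromhex("8c0d 04090308 0011223344556677 e0" "d206 01aabbccddee")
```

Run list_packets(open("file.gpg", "rb").read()) on a real binary (non-armoured) output to see its actual tags and parameters.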


Very Practical Interlude

You may have noticed that in that demonstration I didn't do a lot of pointing and clicking. Instead, I typed commands, using what is called the command-line interface [CLI]. This is the major way that everyone I have ever met who does serious things with a computer interacts with the computer. If you want to use a computer to play games, by all means use a mouse or game controller. If you want to type a paper in an English class, you wouldn't point and click at an alphabet on the screen. If you wanted to process data for a chemistry lab report, you would enter the numbers into a spreadsheet (by typing them), create clever macros (by typing them), etc.

Pointing and clicking rather than typing commands is a lot like trying to communicate specific information and instructions to someone else by playing charades rather than simply speaking. Charades is a fun game, but I wouldn't act out a non-verbal version of the Fundamental Theorem of Calculus in a class of mine, I would say the words, and write them on the board. ...So why are we doing so much charades to communicate with our computers?

OK, there was one other thing that must have been obvious in my GnuPG demonstration: I wasn't using Windoze. A bit like the CLI, I don't know any serious computer scientist who uses Windoze. Trying to do security with Windoze would be like having a meeting of Alcoholics Anonymous in a bar: the game is already over simply because of the environment.

Also, the programs which constitute Windoze are Microsoft's greatest asset, its great crown jewels of intellectual property. That may be a good business move for them [although that is much less clear than it seems], but it means that they have never done science: their programs have never been put up for peer review, so as a scientist it would be absurd for me to have blind trust in them.

So my secret plot in this talk is now revealed: even more than telling you about some nice techniques and tools to protect your data — a valuable goal which I am also pursuing — I want you to ask the following very good question:

Why are you using Windoze?

You've probably never thought about it, but there are alternatives. Some people are using those alternatives: see Usage share of operating systems. And some of these alternatives fit within the scientific method, as we've been discussing, while others do not. Which do you think it makes sense to use? [Hint: if you like computers, antibiotics, the polio vaccine, cell phones, etc., you like science.]

Some more reasons to think hard about the above question:

[Image: Tux, the Linux penguin]


Back to Encrypting Stationary Data

Use full-disk encryption.

In GNU/Linux, this is an installation option. Under the hood, it uses AES with a key built out of the user's passphrase.

For Windoze, there used to be a tool called TrueCrypt, but it took itself out of the business in 2014 (in a very suspicious way). Alternatives exist, such as VeraCrypt and CipherShed.


More Crypto: Asymmetric Cryptosystems

If Alice and Bob want to be able to communicate securely without ever having met to exchange the symmetric key, they can instead use asymmetric (or public-key) cryptography:


Here's a particular [very mathy!] way to do this, called the RSA cryptosystem (named after Ron Rivest, Adi Shamir, and Leonard Adleman, who published this idea in 1977):

RSA is often not the best (most efficient or most secure for a given key size) asymmetric cryptosystem, but it is definitely the most widely used. This is probably due to the fact that it was the first one discovered, and also to the (comparative) ease of understanding the math. Other systems involve arithmetic on elliptic curves, which is a fairly chewy area of mathematics.

All asymmetric crypto relies upon a mathematical function which is easy to compute in one direction but difficult to invert. For RSA, this is essentially multiplication forward [easy], but factoring backwards [hard]. For other asymmetric algorithms, there are other such one-way functions.


Practical Issues with Asymmetric Cryptosystems: PKI

The main issue is Public-Key Infrastructure, PKI, because of the following

which is called a man-in-the-middle attack.

Therefore, we need to be sure that the public keys we use really do belong to the people we think they do. We do this either by getting the key from someone in person — but that kind of ruins the whole idea of asymmetric crypto! — or by getting the key in some way that assures us of its provenance.

One kind of proof of ownership would be a digital signature on a public key, signed by someone whom we trust. Digital signatures work like this:

Signatures on public keys are called certificates, and to use them you have to trust the signer's public key ... or else go on recursively. In the end, there are certain Certificate Authorities whose keys are baked into many common devices, and that establishes a root of trust. This can be very good, in building reliable trust in software, or bad if it bakes into a particular OS or service a requirement to participate in some closed software ecosystem. [This is Apple's business model with the iPhone, for example.]
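As an added worked example (mine, not from the talk or the textbook) of the RSA idea above and of the digital signatures just described: textbook, unpadded RSA with constructed toy primes. The names make_keypair, sign, verify and factor_by_trial are my own, and real implementations add padding (OAEP for encryption, PSS for signatures) before exponentiating.

```python
from math import gcd
from hashlib import sha256

def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA: n = p*q is public; phi(n) = (p-1)(q-1) needs the factors."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # private exponent: inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)        # (public key, private key)

def encrypt(public, m: int) -> int:
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)          # Alice -> Bob: c = m^e mod n

def decrypt(private, c: int) -> int:
    n, d = private
    return pow(c, d, n)          # Bob: m = c^d mod n

def sign(private, message: bytes) -> int:
    """Signer applies the private exponent to the hash of the message."""
    n, d = private
    h = int.from_bytes(sha256(message).digest(), "big") % n
    return pow(h, d, n)

def verify(public, message: bytes, sig: int) -> bool:
    """Anyone holding the public key checks sig^e == hash(message) mod n."""
    n, e = public
    h = int.from_bytes(sha256(message).digest(), "big") % n
    return pow(sig, e, n) == h

def factor_by_trial(n: int) -> int:
    """The hard direction: recovering p from n. Feasible here only because n is tiny."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f
        f += 1
    return n

# Constructed toy primes (about 10^6 each); real keys use primes of ~1000 bits or more.
P, Q = 1000003, 1000033
PUBLIC, PRIVATE = make_keypair(P, Q)
```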

Another, less formal, approach is for individuals to sign each other's keys, when they know each other personally, until gradually there is a large web of trust. The fun way to do this is to throw a key-signing party where people who know each other bring laptops and sign each other's keys. We could have one here, on campus, and then we would all start to be able to use asymmetric crypto with each other....


Practical Successes with Asymmetric Cryptosystems: Mailvelope

Let's install and use a FLOSS Firefox and Chrome extension which does public-key crypto for common webmail clients: Mailvelope.

The third-party doctrine suggests we should keep only the encrypted versions on the webmail provider's servers. Mailvelope does this. It also keeps track of your keys ... protected by a password and the security of your machine. [So there is not much point in using this under Windoze, because its security is so spectacularly weak. But you are all going to run a FLOSS OS in the future, aren't you?]

Here is a public key for a key I set up for this demonstration [and only for this demonstration — please do not use it for real, secure communication with me, I have not followed good security practices in creating or storing this key!]. Its contents are:



....Extended Mailvelope demo.


By the way, if you do not use one of the webmail clients that Mailvelope supports, there are other things you can do. One would be to use GnuPG on the command line and then always send your messages as attachments. Another, if you use the FLOSS mail program Thunderbird (which is produced by Mozilla, the same people who make the Firefox browser), would be the Enigmail Thunderbird extension.


Supplementary Topic: DHKE, or, What's that Little Lock in my Browser Bar?

Just the year before RSA was published, Whitfield Diffie and Martin Hellman started the whole idea of public-key crypto with their algorithm, now known as Diffie-Hellman Key Exchange.
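An added Python sketch (mine, not from the talk) of the Diffie-Hellman exchange, with both sides' computations and the transcript Eve sees on the wire. P, G and the function names are constructed toy choices; the browser's TLS handshake behind that little lock combines this kind of exchange (usually on elliptic curves) with the certificates discussed above, so that the man-in-the-middle cannot substitute his own public values.

```python
from hashlib import sha256
import secrets

# Constructed toy group: p = 2^127 - 1 is prime (a Mersenne prime); g = 3.
# Real deployments use standardized groups or elliptic curves of far larger size.
P, G = 2**127 - 1, 3

def keygen(p: int, g: int):
    """Pick a private exponent and compute the public value that goes on the wire."""
    x = secrets.randbelow(p - 3) + 2          # x in [2, p-2]
    return x, pow(g, x, p)

def check_public_value(p: int, y: int) -> int:
    """Reject degenerate peer values (0, 1, p-1) before using them; a defender's check."""
    if not 2 <= y <= p - 2:
        raise ValueError("invalid Diffie-Hellman public value")
    return y

def shared_key(p: int, own_private: int, peer_public: int) -> bytes:
    """Both sides compute g^(ab) mod p and hash it into a symmetric key."""
    s = pow(check_public_value(p, peer_public), own_private, p)
    return sha256(s.to_bytes((p.bit_length() + 7) // 8, "big")).digest()

def exchange(p: int, g: int):
    """Run the protocol; the transcript is all that a passive eavesdropper sees."""
    a, A = keygen(p, g)                       # Alice keeps a, sends A
    b, B = keygen(p, g)                       # Bob keeps b, sends B
    transcript = (p, g, A, B)                 # Eve would need a or b from these
    return shared_key(p, a, B), shared_key(p, b, A), transcript
```

With p = 23, g = 5, a = 6 and b = 15 (the usual textbook numbers), Alice sends 8, Bob sends 19, and both arrive at the secret 2 before hashing.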


Further Reading

  1. There is a chapter on crypto in my [free] [as in beer and as in speech] number theory textbook, which can be found here.
  2. In the Beginning was the Command Line by Neal Stephenson is a fun read.
  3. Applied Cryptography: Protocols, Algorithms and Source Code in C by Bruce Schneier [or any of Schneier's policy books]
  4. The GNU Manifesto by Richard Stallman, and all of the essays in his collection Free Software, Free Society: Selected Essays of Richard M. Stallman
  5. Any of the essays and [non-fiction] [although his fiction is fun, too] books by Cory Doctorow, most of which are available on his website craphound.com/.
  6. Here is an article from The Washington Post which has a very high-level introduction of some issues, such as recent political discussions about requiring "back doors" in commercial encryption systems.

Jonathan Poritz (jonathan@poritz.net)
Everything on Jonathan Poritz's web pages is by Jonathan A. Poritz and is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License unless otherwise specified.