AES in Cartoon Form!

October 21st 2009

I’ve always been a fan of graphic presentations. More people understand graphs and diagrams than understand equations. While this is a bad thing in some ways, it remains a fact. So it’s always great to see a graphical representation of a really difficult set of concepts.

Jeff Moser Fisher has posted A Stick Figure Guide to the Advanced Encryption Standard (AES). He has wisely structured it in layers. Interested readers can learn about AES to their level of interest or understanding: they can get the history and process, the high-level summary, or go diving into S-boxes.

Great!

Posted under Security & Tech Teaching | No Comments »

Vernam’s Cipher

September 7th 2009

Gilbert Vernam was a digital systems designer from the early 20th century. He invented the stream cipher, what browsers often use today to encrypt messages exchanged with protected web sites. In his days, however, the mechanism of choice was the relay: an electromagnetic switch. Vernam also described the one-time pad, and noted the danger in reusing the key stream.

What, then is a Vernam cipher? Is it a stream cipher or a one-time pad? I’ve seen the term used both ways.

Now we can check the source. Steve Bellovin recently blogged on Vernam’s work, and posted a PDF of Vernam’s original  paper. Vernam wrote the paper for an AIEE conference (that’s one of the precursors of today’s IEEE – Bellovin negotiated permission to post the historic paper).

If we look at the historical description, Vernam does not restrict his cipher to the one-time pad case. Thus, a Vernam cipher in practice might – or might not – be a one-time pad. [revised 9/7/09]

Continue Reading »

Posted under History of Technology & Security | No Comments »

Stream Cipher Reuse: A Graphic Example

May 31st 2008

Take a look at the following image. You should see two different ‘messages’ here.

Smiley overlaying the \

Two messages

This particular mis-mash of messages reflects the failure of otherwise strong cryptography: the improper implementation of a one-time pad or a stream cipher. Continue Reading »

Posted under Security | No Comments »

Encrypting with XOR: A Graphic Example

June 9th 2007

The exclusive or operation – a logical function applied to binary bits, like AND, OR, and NOT – is a fundamental encryption technique. It is often used in stream ciphers, which are widely used in web browsers when connecting to secure web servers. Continue Reading »

Posted under Security | Comments Off

Next »