For all you paranoid freaks (kinda like me), you can know crypt your GMail emails with GnuPG.
Since it uses GnuPG, which must be installed on your system, the saved keys are the same and, therefore, no need to recreate your keys.
Plus, no need to look around the menus to sign, encrypt, decrypt etc. it simply adds buttons to the right of the "Send" button on the GMail interface.
More info and screenshots here!
Now you don't have *any* reason not to crypt your emails. Remember to use a nice huge key so the NSA server have a really hard time finding what you wrote (oh, and add "Al queada" in the subject of the email)!
Sunday, February 10, 2008
Monday, January 21, 2008
Vigenère's Cypher and next steps of the project
The Vigenère cypher is also a very simple cypher and is based on Caesar's one. In fact, it is basically a Caesar cypher but on every letter of the message. Therefore, the key is no longer just a shift but a whole word.
For every character in the message is applied a different shift. For example, let's crypt the message "hello world" with the key "secret": ZINCS PGVNU
Even though this is very simple and symmetric cypher, the is no way to decypher a message directly because the key can be any combination of letter and of any length.
This algorithm remained uncracked for three centuries!
There are two methods of cracking it: the first is called the "Babbage and Kasiski" method, and the second, invented by commander Bazeries, consists of basically guessing some key words. Let's start with the latter.
Suppose you know a word of the message which could be at least as long as the key used to crypt the message. We also suppose the key used to crypt the message is a word and not a random letter combination. Now, what we have to do is decrypt the message with the word we think is in there. So, if that word is 8 characters long, we decrypt the first 8 characters of the message with that word. If the result is not satisfying, we repeat the process 1 characters further. And so on until the result sounds good.
An illustration of the process can be found on apprendre-en-ligne.net.
Let's now talk about the project. Due to our major exams this week, we haven't taken the time to work on the project. What is good though is that, as Emeric said in an earlier post, the structure of the program is defined and operational. Now, all there is left is to code the graphical buttons (using Swing) for each algorithm and program each algorithm to decipher a message. That second step is pretty easy since most of the ciphers used are symmetric.
See you later!
For every character in the message is applied a different shift. For example, let's crypt the message "hello world" with the key "secret": ZINCS PGVNU
Even though this is very simple and symmetric cypher, the is no way to decypher a message directly because the key can be any combination of letter and of any length.
This algorithm remained uncracked for three centuries!
There are two methods of cracking it: the first is called the "Babbage and Kasiski" method, and the second, invented by commander Bazeries, consists of basically guessing some key words. Let's start with the latter.
Suppose you know a word of the message which could be at least as long as the key used to crypt the message. We also suppose the key used to crypt the message is a word and not a random letter combination. Now, what we have to do is decrypt the message with the word we think is in there. So, if that word is 8 characters long, we decrypt the first 8 characters of the message with that word. If the result is not satisfying, we repeat the process 1 characters further. And so on until the result sounds good.
An illustration of the process can be found on apprendre-en-ligne.net.
Let's now talk about the project. Due to our major exams this week, we haven't taken the time to work on the project. What is good though is that, as Emeric said in an earlier post, the structure of the program is defined and operational. Now, all there is left is to code the graphical buttons (using Swing) for each algorithm and program each algorithm to decipher a message. That second step is pretty easy since most of the ciphers used are symmetric.
See you later!
Caesar Cypher
The Caeser Cypher is a substitution cypher and one of the oldest ways to crypt a message: it was used during Roman Empire to crypt, military information.
A substitution cypher is cryptology technique in which each letter of a message is replaced by another one: it is therefore a symmetric cypher (the same algorithm is used to cypher and to decypher a message).
In the Caeser Cypher, the key used to cypher a message is a number which is the shift.
Here's an example:
message: HELLO WORLD
shift: 10
cyphered message: ROVVY GYBVN
This is a very easy algorithm and therefore not secure at all! If you don't know the key, you can simply try every shift, i.e. 25 (and not 26 because then you fall on the original cyphered message), and see which message seems the most coherent.
Now, here's a little treat, a nice screenshot of GU-Cypher. As you see, since I'm under Linux, the graphical interface is in GTK. Under Windows however, it will use the normal Windows graphical environment. ;)
P.S.: part of the treat is the website you see in, the background of the screenshot, that's version 4 of the website, online soon if I get my act together!
A substitution cypher is cryptology technique in which each letter of a message is replaced by another one: it is therefore a symmetric cypher (the same algorithm is used to cypher and to decypher a message).
In the Caeser Cypher, the key used to cypher a message is a number which is the shift.
Here's an example:
message: HELLO WORLD
shift: 10
cyphered message: ROVVY GYBVN
This is a very easy algorithm and therefore not secure at all! If you don't know the key, you can simply try every shift, i.e. 25 (and not 26 because then you fall on the original cyphered message), and see which message seems the most coherent.
Now, here's a little treat, a nice screenshot of GU-Cypher. As you see, since I'm under Linux, the graphical interface is in GTK. Under Windows however, it will use the normal Windows graphical environment. ;)
P.S.: part of the treat is the website you see in, the background of the screenshot, that's version 4 of the website, online soon if I get my act together!
... And we're back!
Since we both have final exams this coming week (starting tomorrow) , we haven't had the time to post more article or modify the existing ones.
That does not mean the blog is dead. In fact, there will be at least one more article tomorrow by 5 P.M. at the latest! (That is because of school conditions ... )
After what, more article will be posted, but about a week later only since, as I already said, we have exams until Friday.
Thanks for your time and support!
That does not mean the blog is dead. In fact, there will be at least one more article tomorrow by 5 P.M. at the latest! (That is because of school conditions ... )
After what, more article will be posted, but about a week later only since, as I already said, we have exams until Friday.
Thanks for your time and support!
Monday, December 10, 2007
GU-Cypher's structure : adding algorithms
As you know, GU-Cypher is coded in Java and is still in development. This program will allow encrypting data using a lot of different algorithms. To achieve this, the program has to be modular in order to make the addition of a new algorithm easy. That is why the use of the interface structure from the Java language seems a good idea.
In Java, an interface is a way to define a type of object with a general structure, by only specifying what actions these objects must be able to do. The actual implementation of these actions, that is how they are performed, is specific to each object of that type.
In GU-Cypher, we created an interface called Algorithm which defines what a cryptography algorithm must be able to do: encrypt and decrypt data. This interface will be the starting point for every new algorithm we want to implement. To add a new one to the software, we just have to implement the Algorithm interface and provide the code for the encrypt and decrypt methods.
In Java, an interface is a way to define a type of object with a general structure, by only specifying what actions these objects must be able to do. The actual implementation of these actions, that is how they are performed, is specific to each object of that type.
In GU-Cypher, we created an interface called Algorithm which defines what a cryptography algorithm must be able to do: encrypt and decrypt data. This interface will be the starting point for every new algorithm we want to implement. To add a new one to the software, we just have to implement the Algorithm interface and provide the code for the encrypt and decrypt methods.
Tuesday, November 20, 2007
Reasons to crypt your communications
Internet communication protocols are almost all defined in the RFC. That way, software designers can make programs compatible for communication. Most people don't realize how vulnerable their data is on the Internet. I'm not talking about viruses but of communication interception. In fact, on a local network, programs such as packet sniffers allow sysadmins (system administrators) to check whether their network is working properly and no unknown "visitor" is wondering around. A wonderer may very well install a sniffer on a network once an access has been granted. Since most communication protocols defined in the RFC are not encrypted, most data collected by a sniffer is extremely easy to analyze (as long as one knows some basics of the TCP/IP protocol). This means that when you sign onto a website, or on a forum or even sometimes onto your email account, the data is sent in clear text: an attacker who owns your network can see your password (or passwords if you use more than one (which is sadly not the case of most people)) . This actually made headlines a couple days ago, here is a link: Swedish police arrest security expert who cracked embassy e-mail passwords.
Don't become paranoid: if you have a good email provider, the connexion to your email account is established in HTTPS, which stands for secure HTTP and was designed by Netscape Communications Corporation to provide encrypted communication. If you use a good web browser like Mozilla Firefox, Opera or Safari (and not like Internet Explorer), you should notice a different color in the address bar when navigating through an encrypted connexion (usually green is good, and red is bad i.e. incorrect certificate).
The best way to use normal communication protocols while making sure an email, for example, has not been modified or stays confidential is either to sign the email, with a digital signature, or encrypt your email with a private/public key pair (we will explain the mechanism and why it is the best confidentiality method in a future article about RSA). Both techniques are widely used over the internet.
"Since RSA is the best why should I use another system to encrypt data?"
I was hoping you were going to ask this question! If you want to share data with just a couple people but without implementing or using a complicated public/private key pair, you'll opt for an easily decipherable algorithm. As you will see later on in the RSA article, key pairs a good for one to one communications exclusively.
Because there are none or very few graphical programs which enable a user to cypher and decipher data, we wish to create one. Hopefully, by following our progress on the program you'll understand how it works and will be the firsts to use the program!
See you around!
Don't become paranoid: if you have a good email provider, the connexion to your email account is established in HTTPS, which stands for secure HTTP and was designed by Netscape Communications Corporation to provide encrypted communication. If you use a good web browser like Mozilla Firefox, Opera or Safari (and not like Internet Explorer), you should notice a different color in the address bar when navigating through an encrypted connexion (usually green is good, and red is bad i.e. incorrect certificate).
The best way to use normal communication protocols while making sure an email, for example, has not been modified or stays confidential is either to sign the email, with a digital signature, or encrypt your email with a private/public key pair (we will explain the mechanism and why it is the best confidentiality method in a future article about RSA). Both techniques are widely used over the internet.
"Since RSA is the best why should I use another system to encrypt data?"
I was hoping you were going to ask this question! If you want to share data with just a couple people but without implementing or using a complicated public/private key pair, you'll opt for an easily decipherable algorithm. As you will see later on in the RSA article, key pairs a good for one to one communications exclusively.
Because there are none or very few graphical programs which enable a user to cypher and decipher data, we wish to create one. Hopefully, by following our progress on the program you'll understand how it works and will be the firsts to use the program!
See you around!
Monday, November 19, 2007
Introduction
public class Hello{
// varz
private static String message="Welcome to the GU-Cypher blog.\n The goal of this blog is to explain why to use cryptography while developing a graphical interface for a program called U-Cypher which is, for the moment, only in command line which sucks monkey balls. This program is coded in Java and has not yet been released anywhere, so no since looking for it.";
private static String shortSummary="The first article will explain why one should use cryptography in every day communications. The rest has not been planned yet, but we will explain in detail every cryptographic algorithms available in (G)U-Cypher. Meanwhile, we will write about the progress of GU-Cypher's development.";
//end varz
public static void main(String[] args){
System.out.println("Hello world");
System.out.println(message+"\n\n"+shortSummary);
}
}
// varz
private static String message="Welcome to the GU-Cypher blog.\n The goal of this blog is to explain why to use cryptography while developing a graphical interface for a program called U-Cypher which is, for the moment, only in command line which sucks monkey balls. This program is coded in Java and has not yet been released anywhere, so no since looking for it.";
private static String shortSummary="The first article will explain why one should use cryptography in every day communications. The rest has not been planned yet, but we will explain in detail every cryptographic algorithms available in (G)U-Cypher. Meanwhile, we will write about the progress of GU-Cypher's development.";
//end varz
public static void main(String[] args){
System.out.println("Hello world");
System.out.println(message+"\n\n"+shortSummary);
}
}
Subscribe to:
Posts (Atom)