Encryption and Code Breaking
by Robin Hegg
A huge amount of personal information is stored on our computers and on the Internet: names, phone numbers, addresses, credit card numbers, social security numbers, and more. All of this information is vulnerable to cyber attacks. But good cybersecurity skills and strategies can make accessing this information extremely difficult.
Just like spies use codes to send secret messages, computers encrypt data so it’s more difficult to access and understand. In this activity, you will pair up with a friend to learn some basic code making techniques to explore how computers encode and decode information and how hackers can exploit weak encryption and bad passwords to access sensitive information.
Pen or pencil
1. Create a simple letter shifting code by creating a cypher wheel. In a letter shifting code, each letter of the alphabet is shifted a certain number of spaces. If you do a one-letter shift, A becomes B, B becomes C, and so on. In a two letter shift A becomes C, B becomes D, etc. You can create a key to your code by writing out the alphabet on one line, then your shifted code alphabet on the second line.
In this example A=W, X=T, etc.
Or, you can create a cypher wheel using the same method. In a cypher wheel, you will write out the alphabet on two strips of paper then turn the strips into circles, taping the ends together so you have two separate rings or wheels. When you place the wheels side by side, all you have to do is turn one wheel until the letters line up how you’d like them to be for your code. Then the wheel serves as an easy key for this and future codes.
2. Write a message to your friend and use your letter-shifting code to encode the message. Have your friend do the same. Exchange your encoded messages and try to decode them.
3. Next, you and your friend will each create a new code. It can be a variation on the letter-shift code or something completely different. You can study different code systems if you’d like to help you develop your new code system. Think about what strategies you were able to use to break the simple letter shifting code. What were that code’s weaknesses? Try to make it harder for your friend to decode your next message. Create a key for this code.
4. Write another message to your friend and encode it using your new code. Have your friend do the same. Exchange messages and try to decode them.
1. How did trying to decode the first message compare to trying to decode the second? Were you able to create a more difficult-to-crack code the second time? What elements of your code do you think made a difference?
2. What do you think were the weaknesses of the letter-shifting code? What elements of the code or the coded message itself were you able to exploit to begin to decode it?
3. How do you think what you experienced here relates cyber security? How do you think your experience decoding encrypted messages relates to password strength and how hackers might be able to guess passwords? Drawing from your experience, what do you think you could do to make a stronger password to better protect your accounts and information?
1. Take a look at a list of the most commonly used passwords. Review the passwords and make a list of the patterns you notice. What categories do the passwords fall into? What do they have in common? What are they missing that a stronger password might include? Looking at the list, what should you avoid when creating your own passwords?
2. Try your hand at the games on OverTheWire. The games are designed to help you to learn and practice security concepts.