(theoretically) The security of some IoT devices is of major concern. We shall discuss this further in Chapter 27 on the IoT.
Privacy concerns
Privacy and security go together. Biometrics are important as they have both applications and privacy concerns. You might use a fingerprint or facial recognition software on your phone, tablet, or computer to unlock it. Some airports now use facial recognition software to identify travelers so as to improve efficiency for processing the vast number of people that pass through an airport each day. See [Oli19] or [New19b], for example.
Security and privacy
Together, these add up to the need for security and privacy to be part of the decision‐making in the development of software and hardware of devices at every stage and level. Security and privacy breaches are reported regularly on the news. Programmers must be ever vigilant to make sure that they write code in a “safe” way so as to ensure privacy and security. Will input provided to the code always be friendly, or could it be malicious? If input could arrive from an outside source (such as via the Internet), then you should assume that there will be malicious attacks. For example, for the C programming language, we recommend two wonderful books on this topic: Secure Coding in C and C++, second edition by Seacord, [Sea13], and C Programming: A Modern Approach, second edition, by King, [Kin08]. We discuss this more in Section 7.20.
Cryptography
Let us not forget cryptography. The twentieth century ended with DES, the United States Data Encryption Standard, being phased out and replaced. In 1999, Rijndael, a block cipher developed by Joan Daemen and Vincent Rijmen was selected as the AES.5 AES is the current standard for symmetric cryptography [NIS19b]. Chapter 5 looks at these topics.
Postquantum cryptography
Less than 20 years after the adoption of AES, the United States is preparing for a postquantum world. See [NIS19f]. We will discuss this more in Section 4.12
Blockchains
Blockchains are being used increasingly because of their immutability. In April 2020, during the COVID‐19 pandemic, IBM used blockchains to help the health‐care industry. In [Wei20], Weiss writes that IBM is using blockchains to connect “pop‐up medical mask and equipment makers with hospitals.” They quote Mark Treshock, the IBM blockchain solutions leader for IBM healthcare and life sciences as saying, “It's the immutability component. If I am a supplier and I create a profile and include my information for onboarding as a new supplier, there's a qualification process I have to go through… It is done to determine if they are legitimate, ethical, that they comply with required laws and, in this case, with needed FDA certifications.” [Wei20]. We will discuss this more in Chapter 26.
Notes
1 1 United States National Security Agency.
2 2 Britain's Communications Electronics Security Group.
3 3 di meaning two, graph meaning character or symbol.
4 4 A poly‐alphabetic cipher uses several substitution alphabets instead of one.
5 5 Published as Federal Information Processing Standard (FIPS) standard 197.
Chapter 2 Classical Ciphers and Their Cryptanalysis
Goals, Discussion In this chapter, we survey some historical ciphers which have been used since antiquity. (They are all symmetric ciphers. Public key ciphers were not invented until the 1970s and are discussed in Chapter 3.) Although the ciphers presented here are obsolete, they still provide good examples of cryptographic procedures. For example the Vigenère cipher, being a block cipher, is a forerunner of modern block ciphers such as Advanced Encryption Standard (AES). From these classical ciphers, we can also learn about various attacks in cryptography. This subject is pursued more fully in Chapter 7.
New, Noteworthy We discuss the Vigenère cipher and show how it can be broken by finding the length of the keyword and then the keyword itself. We explain clearly the simple principles involved without getting bogged down in lengthy formulae. We also give a detailed but accessible description of the famous Enigma system used in World War II both from the mechanical and the mathematical point of view.
2.1 Introduction
Since the early stages of human civilization, there has been a need to protect sensitive information from falling into the wrong hands. To achieve such secrecy, mankind has relied on a branch of mathematics known as cryptography, which is the study of designing methods to securely transmit information over nonsecure channels. In order to achieve this goal, one must first encipher, or scramble, the intended message to prevent an eavesdropper from obtaining any useful information, should the message be intercepted. The message (referred to as plain text) is scrambled into cipher text using a predetermined key, known to both the sender and receiver. The encrypted message is constructed in such a way so as to be resilient against attack, while allowing the intended recipient to decipher, or unscramble the message with ease. The methods we will be investigating in this section to accomplish this task may be outdated and in some cases obsolete, but they can still provide us with valuable insight into some techniques that are still in use today.
2.2 The Caesar Cipher
While Julius Caesar was building his empire, he needed a method to transmit vital messages without risk of the enemy obtaining any crucial information. To achieve this goal, he employed one of the first known ciphering methods. The idea was to substitute each letter of the plain text with the letter appearing three spaces to the right in the alphabet, i.e. a is enciphered to D, b is enciphered to E, and z is enciphered to C (the alphabet wraps around). Thus, “six” is enciphered to “VLA.”
In practice, this can be easily achieved using a simple device consisting of two disks, such as the one shown in Figure 2.1. Both disks have the alphabet engraved on their perimeter, and they can rotate with respect to each other. If we assign the inner disk to represent the plain text alphabet and the outer disk to represent the cipher text alphabet, enciphering is accomplished simply by rotating the outer disk by three letters counter clockwise and reading off the cipher text corresponding to the plain text. To decipher the message, one must only reverse the procedure. The “key” of the cipher is just the number of letters that the outer disk is shifted by, and is denoted by k. Both sender and recipient are
