|
|
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="4.0.0">Jekyll</generator><link href="http://localhost:4000/feed.xml" rel="self" type="application/atom+xml" /><link href="http://localhost:4000/" rel="alternate" type="text/html" /><updated>2020-02-23T21:50:34+00:00</updated><id>http://localhost:4000/feed.xml</id><entry><title type="html">How Does Encryption Work, in Theory?</title><link href="http://localhost:4000/2020/02/19/rsa2.html" rel="alternate" type="text/html" title="How Does Encryption Work, in Theory?" /><published>2020-02-19T00:00:00+00:00</published><updated>2020-02-19T00:00:00+00:00</updated><id>http://localhost:4000/2020/02/19/rsa2</id><content type="html" xml:base="http://localhost:4000/2020/02/19/rsa2.html"><p>There are many kinds of encryption used in our everyday communication. Online and offline, over the internet and in person. In this article, I will explain the basics of how encryption should work in theory. I explain in <a href="/2020/01/26/rsa1.html">this article</a> why encryption is important, and why <em>you</em> should care about it.</p>
|
|
|
|
|
|
<p>We will start by looking at in-person, offline encryption.</p>
|
|
|
|
|
|
<h2 id="cryptography-we-do-everyday">Cryptography We Do Everyday</h2>
|
|
|
<p>We encrypt things all the time without even thinking about it.
|
|
|
If you spend a significant amount of time with the same group of friends, your will tend of develop common codes that may not make sense to others outside the group.
|
|
|
For example: for years, my family called sombody falling from a sitting position “doing a Don”. There is a story of course—We knew a guy named Don who fell from his plastic beach chair in a rather hilarious way; “doing a Don” was born.</p>
|
|
|
|
|
|
<p>These kind of minor dialects in speech are cryptographic in their own way. The truth is though, that we use cryptography much more than that!</p>
|
|
|
|
|
|
<blockquote>
|
|
|
<p>“Is cryptography any different than talking?
|
|
|
We say something other than what we mean, and then expect everyone is able to decipher the true meaning behind the words.
|
|
|
Only, I never do…” — Adapted from a scene in <a href="https://www.benedictcumberbatch.co.uk/wordpress/wp-content/uploads/ScreenplayTIG.pdf">The Imitation Game (p. 39-40)</a></p>
|
|
|
</blockquote>
|
|
|
|
|
|
<p>How many times have you hinted, flirted, and innuendoed to try to say “I find you very physically attractive”?
|
|
|
Have you told your friend that always stinks to wear more deoderent?
|
|
|
Have you ever had someone say the words “I’m fine” when you know <em>for certain</em> that they are indeed not okay?</p>
|
|
|
|
|
|
<table>
|
|
|
<thead>
|
|
|
<tr>
|
|
|
<th>Words Said</th>
|
|
|
<th>Meaning</th>
|
|
|
</tr>
|
|
|
</thead>
|
|
|
<tbody>
|
|
|
<tr>
|
|
|
<td>What can you do?</td>
|
|
|
<td>I don’t want to talk about this anymore.</td>
|
|
|
</tr>
|
|
|
<tr>
|
|
|
<td>I don’t want to overstay my welcome.</td>
|
|
|
<td>I want to go home now.</td>
|
|
|
</tr>
|
|
|
<tr>
|
|
|
<td>I don’t like them and don’t know why.</td>
|
|
|
<td>They threaten my ego.</td>
|
|
|
</tr>
|
|
|
<tr>
|
|
|
<td>Creepy</td>
|
|
|
<td>Unattractive and friendly</td>
|
|
|
</tr>
|
|
|
</tbody>
|
|
|
</table>
|
|
|
|
|
|
<p>All of these scenarios are perfect examples of <del>lies</del> encryption! If we have the key to these codes, we can start to understand what people really mean.
|
|
|
Hopefully I have convinced you that you use <del>deceit</del> cryptography on a regular basis in your life, so let us consider what a basic encryption method might be:</p>
|
|
|
|
|
|
<h2 id="grade-school-encryption">Grade-School Encryption</h2>
|
|
|
<p>Back when I was in middle school I used to pass notes like these:</p>
|
|
|
|
|
|
<p>PIC</p>
|
|
|
|
|
|
<p>This is a messege encrypted using the Caesar cipher. This encryption technique was used by Julius Caesar during the reign of the Roman Empire to “encrypt messeges of military significance.”<a class="citation-link" href="https://en.wikipedia.org/wiki/Caesar_chipher/">[1]</a>
|
|
|
This is one of the oldest and simplest methods of encryption known to us today.</p>
|
|
|
|
|
|
<p><img src="/assets/img/ceasar13.png" alt="A diagram of a Ceasar Shift algorithm. A &lt;-&gt; N, B &lt;-&gt; O, et cetera." /></p>
|
|
|
|
|
|
<p>You can try this out yourself by moving some letters forward in the alphabet.
|
|
|
An ‘A’ turns into a ‘B’, ‘B’ into ‘C’, ‘C’ into ‘D’, et cetera.
|
|
|
In this case, “Hello!” would become “Ifmmp!”
|
|
|
That is just using a shift of one. You can use a shift of seven, for example, and then you would shift letters like so:</p>
|
|
|
|
|
|
<ul>
|
|
|
<li><code class="highlighter-rouge">A -&gt; +7 -&gt; H</code></li>
|
|
|
<li><code class="highlighter-rouge">Q -&gt; +7 -&gt; X</code></li>
|
|
|
<li><code class="highlighter-rouge">T -&gt; +7 -&gt; A</code></li>
|
|
|
</ul>
|
|
|
|
|
|
<p>We should wrap-around to the beginning of the alphabet if there are no letters left.</p>
|
|
|
|
|
|
<h2 id="example-of-a-caesar-cipher">Example of a Caesar Cipher</h2>
|
|
|
<p>Let’s setup a little story to illustrate the problems of encryption. We will have three characters:</p>
|
|
|
|
|
|
<ul>
|
|
|
<li>Alice, a little girl with feelings for Bob</li>
|
|
|
<li>Bob, a young boy with an addiction to pancakes</li>
|
|
|
<li>Eve, a wee jealous girl scout who sits between Bob and Alice</li>
|
|
|
</ul>
|
|
|
|
|
|
<p>Alice really likes Bob and wants to tell Bob her feelings, so she writes “I love you, Bob! Please eat healthier!” on a sticky note.
|
|
|
She passes it to Eve, so Eve can pass it to Alice’s love interest.
|
|
|
However, in an unfortunate turn of events Eve reads the note herself, and decides not to give it to Bob.</p>
|
|
|
|
|
|
<p>Oh the horror! Alice is without young love! How could she remedy this so that Bob can read her messege, but evil Eve can not?
|
|
|
Let’s use the Caesar cipher to fix this problem.</p>
|
|
|
|
|
|
<p>Let us assume that Alice and Bob already have a shared key, 7 for example. To encrypt this messege, we should shift our letters seven letters forward in the alphabet—just like the example above.</p>
|
|
|
|
|
|
<p>PIC2</p>
|
|
|
|
|
|
<p>Now Alice’s messege reads “P svcl fvb, Ivi! Wslhzl lha olhsaoply!”</p>
|
|
|
|
|
|
<p>Now, when Alice sends her Romeo a little note, all he has to do is decrypt the text by shifting the letters down by 7.
|
|
|
<a href="https://www.xarg.org/tools/caesar-cipher/">Here is a site</a> which can do longer pieces of text for you instead of doing it manually.</p>
|
|
|
|
|
|
<h2 id="problems">Problems</h2>
|
|
|
|
|
|
<p>Before the two love-birds start smooching on the branch of a big pine tree in the schoolyard, perhaps we should consider some problems with the Ceasar cipher.</p>
|
|
|
|
|
|
<h4 id="it-is-very-easy-to-break">It is Very Easy to Break</h4>
|
|
|
|
|
|
<p>Even Eve with her measly grade 4 math skills could easily start going through this messege with pen and paper and figure out any combination in a couple hours at maximum.
|
|
|
Imagine how easy this is for a computer?
|
|
|
This could be broken in a few microseconds even on an older processor like the Intel Core 2 Duo.</p>
|
|
|
|
|
|
<h4 id="no-secure-way-of-sharing-keys">No Secure Way of Sharing Keys</h4>
|
|
|
|
|
|
<p>We assumed in our previous example that Bob and Alice already have a shared key (seven) to encrypt and decrypt all of their messeges.
|
|
|
If Bob and Alice did not have a previous friendship and time to share secrets of this sort, there is no way to share their key with eachother without Eve also knowing.
|
|
|
This would defeat the entire purpose of obscuring the messege in the first place.</p>
|
|
|
|
|
|
<h4 id="universal-vulnerability-of-messeges">Universal Vulnerability of Messeges</h4>
|
|
|
|
|
|
<p>Every messege sent between the two parties uses the same code to encrypt and decrypt. If someone finds out the code once, all previous communications are comprimised.</p>
|
|
|
|
|
|
<h2 id="better-encryption-methods">Better Encryption Methods</h2>
|
|
|
|
|
|
<p>To combat the issues with easily breakable, shared-key cryptography, we can turn to the beautiful beast that is <a href="https://en.wikipedia.org/wiki/Public-key_cryptography">Asymetric Cryptography</a>.
|
|
|
I will discuss this more in another article, but for the technically inclined:</p>
|
|
|
|
|
|
<ol>
|
|
|
<li><a href="https://en.wikipedia.org/wiki/RSA_(cryptosystem)">RSA</a>/<a href="https://en.wikipedia.org/wiki/Elliptic-curve_cryptography">EC</a> provides <em>very</em> large cryptographic keys. It would be impossible for a human to encrypt or decrypt a messege manually.</li>
|
|
|
<li><a href="https://www.youtube.com/watch?v=GSIDS_lvRv4">Asymetric cryptography</a> provides four keys, instead of just one; stopping evesdroppers from listening in on your secret conversations—even if you do not have the change to exchange keys in advance.</li>
|
|
|
</ol></content><author><name>tait</name></author><summary type="html">There are many kinds of encryption used in our everyday communication. Online and offline, over the internet and in person. In this article, I will explain the basics of how encryption should work in theory. I explain in this article why encryption is important, and why you should care about it.</summary></entry><entry><title type="html">Is Encryption Worth It?</title><link href="http://localhost:4000/2020/01/26/rsa1.html" rel="alternate" type="text/html" title="Is Encryption Worth It?" /><published>2020-01-26T00:00:00+00:00</published><updated>2020-01-26T00:00:00+00:00</updated><id>http://localhost:4000/2020/01/26/rsa1</id><content type="html" xml:base="http://localhost:4000/2020/01/26/rsa1.html"><p>What is the most embarassing thing you have typed into Google search? What is the most personal secret you told a friend in confidence? What is your bank password? What is your business’s secret to stay ahead of the competition?</p>
|
|
|
|
|
|
<p>Now at first these questions may seem not completely related. There is a point though: You likely sent all of this information over the internet.</p>
|
|
|
|
|
|
<p>When you send that messege to your friend or business partner, why is it that any person can’t just listen to the signals coming from your phone or laptop and know what you sent to your friend or colleague? The answer: encryption.</p>
|
|
|
|
|
|
<p>First, some background about internet privacy. You can’t have a conversation about internet encryption and privacy without discussing the man himself:</p>
|
|
|
|
|
|
<h3 id="snowden">Snowden</h3>
|
|
|
|
|
|
<p><a href="https://en.wikipedia.org/wiki/Edward_Snowden" target="_blank">Edward Joseph Snowden</a> is an ex-NSA, ex-CIA employee who felt the <a href="https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution" target="_blank">United State’s 4th Ammendment</a> was being violated by their programs of msas survailence.
|
|
|
Snowden was raised a staunch establishmentarian conservative; his girlfriend Lisndey however, slowly started changing his mind. Snowden became very influenced by the ideology of <a href="https://en.wikipedia.org/wiki/Populism" target="_blank">populism</a>.
|
|
|
His populist thinking is shown very clearly when he explains his reasoning for his disclosure of humongous troves of NSA documents.</p>
|
|
|
|
|
|
<blockquote>
|
|
|
<p>“My sole motive is to inform the public as to that which is done in their name and that which is done against them.”
|
|
|
—<a href="https://www.theguardian.com/world/video/2013/jun/09/nsa-whistleblower-edward-snowden-interview-video" target="_blank">Edward Snowden</a></p>
|
|
|
</blockquote>
|
|
|
|
|
|
<p>Snowden’s first set of leaks went public in <a href="https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security" target="_blank">The Gaurdian</a>, <a href="https://www.nytimes.com/2013/06/10/us/former-cia-worker-says-he-leaked-surveillance-data.html" target="_blank">The New York Times</a>, and <a href="https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption" target="_blank">ProPublica</a> in late 2013;
|
|
|
people started to realize that their governments and internet service providers (ISPs) <strong>are</strong> listening. People understood there might be more sinister motives than “national security” at play.</p>
|
|
|
|
|
|
<p>Personally, I have seen a lot of non-tech-savy individuals using security-conscious software when I am helping them fix a problem.
|
|
|
In fact, there was one time I saw a collage student from rural Alberta who had a VPN running on her phone. This impressed me!</p>
|
|
|
|
|
|
<h3 id="encryption-on-the-web">Encryption on The Web</h3>
|
|
|
|
|
|
<p>The type of encryption used on the web is called: HyperText Transfer Protocol–Secure (HTTPS).
|
|
|
This kind of encryption stops two things from happening: A) it stops the information you are sending and recieving online from being seen by easvesdroppers and criminals, and B) stops those same third-parties from tampering with the data.</p>
|
|
|
|
|
|
<p>Without HTTPS it is possible for sombody to listen in and change the data being sent between you and a server.</p>
|
|
|
|
|
|
<p>Only in recent years has HTTPS become near-universal across the web. It is used even on the simplest sites these days: this one included. After 2013, people became weary of government, criminal, and ISP interference with their web traffic.
|
|
|
This can be backed up by statistics:
|
|
|
The level of encrypted web traffic around the time of the Snowden leaks was around 30 percent. It was mostly used by banks, email providers, government, and journalists.
|
|
|
At the turn of the 2020s however, this has risen to nearly 90 percent among U.S. users of Firefox.
|
|
|
Japan lags slightly behind with 80 percent encrypted traffic.</p>
|
|
|
|
|
|
<figure>
|
|
|
<img src="/assets/img/encrypted-web-traffic.png" alt="Use of encrypted web traffic incresing over time." />
|
|
|
<figcaption>
|
|
|
More at: <a href="https://letsencrypt.org/stats/" target="_blank">Let's Encrypt</a>
|
|
|
</figcaption>
|
|
|
</figure>
|
|
|
|
|
|
<p>This is just the data we know of. You can disable the <a href="https://en.wikipedia.org/wiki/Telemetry#Software" target="_blank">telemetry</a> settings in Firefox, and it is very likely that hardcore privacy advocates would disable this data collection, so perhaps the amount of encrypted web traffic is slightly higher.</p>
|
|
|
|
|
|
<h3 id="what-about-rsa">What about RSA?</h3>
|
|
|
|
|
|
<p>RSA is an encryption method named after the initials of the inventors’ sir names: Ron <strong>R</strong>ivest, Adi <strong>S</strong>hamir, and Leonard <strong>A</strong>dleman. It uses the mathematical “factoring problem” to secure communication. The details of this specific type of encryption will be discussed in an article soon to come.</p></content><author><name>tait</name></author><summary type="html">What is the most embarassing thing you have typed into Google search? What is the most personal secret you told a friend in confidence? What is your bank password? What is your business’s secret to stay ahead of the competition?</summary></entry><entry><title type="html">Padding And Margin</title><link href="http://localhost:4000/2020/01/22/padding-and-margin.html" rel="alternate" type="text/html" title="Padding And Margin" /><published>2020-01-22T00:00:00+00:00</published><updated>2020-01-22T00:00:00+00:00</updated><id>http://localhost:4000/2020/01/22/padding-and-margin</id><content type="html" xml:base="http://localhost:4000/2020/01/22/padding-and-margin.html"><p>Many people have expressed confusion over how padding and margins work in HTML/CSS. I have been one of those people. In this short article I will explain what the differences are between the two, and how it may affect the functionality of your site.</p>
|
|
|
|
|
|
<p>Here is an image from the World Wide Web Consortium (W3C) who sets the standards for the web.</p>
|
|
|
|
|
|
<p><img src="/assets/img/w3c-padding-margin.png" alt="The W3C standard for padding, margin, borders and width. Width encompases the inner element + padding; the border then encompases it. The margin is the space beyond the border and in between other elements." title="W3C border, padding, margin standard." /></p>
|
|
|
|
|
|
<p>Now although this image shows all the different types of spacing as equal, the majority of the time these will mostly be padding (inner) and margin (outer). Padding is the inner space between the element and its border; margin is the outer space between two different elements.</p>
|
|
|
|
|
|
<p>Within the margin the user is unable to press any links or execute any javascript code. It is <em>empty</em> space. If each <code class="highlighter-rouge">&lt;link&gt;</code> on your navigation bar has 10 pixels of margin, then there would be 20 pixels in between each <code class="highlighter-rouge">&lt;link&gt;</code> that would <em>not</em> be clickable by the user.</p>
|
|
|
|
|
|
<p>If you have <code class="highlighter-rouge">&lt;link&gt;</code>s on your navigation bar with <em>padding</em> set to 20 pixels, however, then there will be 20 pixels on each side of the <code class="highlighter-rouge">&lt;link&gt;</code> text where the user <em>is</em> able to click.</p>
|
|
|
|
|
|
<p>If that part is confusing, try thinking about it in terms of whether <code class="highlighter-rouge">background-color</code> would apply.</p>
|
|
|
|
|
|
<table>
|
|
|
<thead>
|
|
|
<tr>
|
|
|
<th>Attribute</th>
|
|
|
<th><strong>Padding</strong></th>
|
|
|
<th><strong>Margin</strong></th>
|
|
|
</tr>
|
|
|
</thead>
|
|
|
<tbody>
|
|
|
<tr>
|
|
|
<td>Spacing</td>
|
|
|
<td>within element</td>
|
|
|
<td>between elements</td>
|
|
|
</tr>
|
|
|
<tr>
|
|
|
<td><code class="highlighter-rouge">background-color</code> applies</td>
|
|
|
<td>Yes</td>
|
|
|
<td>No</td>
|
|
|
</tr>
|
|
|
</tbody>
|
|
|
</table>
|
|
|
|
|
|
<p>In summary:</p>
|
|
|
<ul>
|
|
|
<li><strong>Padding</strong>: the space within a tag which is still part of the same tag. <code class="highlighter-rouge">background-color</code> applies.</li>
|
|
|
<li><strong>Margin</strong>: the space in between two seperate tags. <code class="highlighter-rouge">background-color</code> does not apply; it is empty space.</li>
|
|
|
<li><strong>Border</strong>: the space in between the two; it surrounds the padding, but is not the margin. It looks nice somtimes, but it has no non-visual function. <code class="highlighter-rouge">background-color</code> does not apply.</li>
|
|
|
</ul>
|
|
|
|
|
|
<p>I hope this covers the basics of margin and padding! Happy coding!</p></content><author><name>tait</name></author><summary type="html">Many people have expressed confusion over how padding and margins work in HTML/CSS. I have been one of those people. In this short article I will explain what the differences are between the two, and how it may affect the functionality of your site.</summary></entry></feed> |
