Algorithms and Milkshakes

Created Tuesday 22 February 2022

FROM THIS

To THIS


(and back?)

Milkshake Model

(Incidentally)

Source Code -> Binary

Milkshake Model

DELIBERATELY

Encryption and Hashing.

Milkshake Model

Encryption - Hard to turn back

Milkshake Model

Hashing - *Impossible* to turn back, more later

Dan Brown

(wrote a dumb book)

Unbreakable Encryption Probably Still Exists

Yep, even given all the NSA stuff. You have to be super careful

(all the breaking you see is usually "backdoors", not fundamentals)

Encryption

The basic tools for encryption are mostly available to all...

...even if the social factors, companies, corporations, and governments aren’t down.

(remember, you gotta have it on BOTH SIDES)

Old School Encryption

Caesar Cipher. (yes, this really used to fool people)

DWWDFN WKH HDVW ZLQJ RI WKH IRUW DW WKUHH RQ WKXUVGDB..

you got it

attack the east wing of the fort at three on thursday
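The slide's Caesar example, as added code that is not part of the original lecture: a shift-3 encoder/decoder, plus the 25-shift listing that shows why a fixed alphabet shift fooled people once but hides nothing from anyone who simply tries every key.

```python
# Added example (not from the slides): Caesar cipher with Caesar's own shift of 3,
# and the brute-force listing that demonstrates the tiny key space.
import string

ALPHABET = string.ascii_uppercase


def caesar_shift(text: str, shift: int) -> str:
    """Shift every A-Z letter by `shift` places (mod 26); leave spaces etc. alone."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_encrypt(plaintext: str, key: int) -> str:
    return caesar_shift(plaintext, key)


def caesar_decrypt(ciphertext: str, key: int) -> str:
    return caesar_shift(ciphertext, -key)


def brute_force(ciphertext: str) -> dict:
    """There are only 25 possible keys, so an eavesdropper tries all of them
    and picks the one that reads as English."""
    return {k: caesar_decrypt(ciphertext, k) for k in range(1, 26)}


# Ciphertext exactly as it appears on the slide
SLIDE_CIPHERTEXT = "DWWDFN WKH HDVW ZLQJ RI WKH IRUW DW WKUHH RQ WKXUVGDB"

if __name__ == "__main__":
    print(caesar_decrypt(SLIDE_CIPHERTEXT, 3))
    for key, guess in brute_force(SLIDE_CIPHERTEXT).items():
        print(f"shift {key:2d}: {guess}")
```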

Quick aside: Another thing

What about hiding the message ITSELF?

Shave a guy's head ... and wait?

Steganography

Hiding the fact that the message (or payload) exists at all

Examples:
- fake personal ad to say something else
- having a safe but hiding valuables in a shoebox
- weird bits in a jpg

History of Hidden Messages

Languages, dialects, patois...

CULTURAL ENCRYPTION.

CULTURAL AUTONOMY.

(ever heard of “code switching?”)

Recap

Steganography v. Encryption

Steganography

Examples:
- fake personal ad to say something else
- having a safe but hiding valuables in a shoebox
- weird bits in a jpg

Steganography

Useful, but imperfect, especially online.
Bad, because: robots and radio

Better..

Why YES, you can have a copy.

OF JUNK! TOO BAD YOU CAN'T READ IT!

(This is Encryption)

Encryption: Sending VERIFIABLE secrets

ALICE needs to send a verifiable message to BOB
but CAROL is trying to listen in.

“This is a conversation between A and B so you can C your way out!”

Some definitions:

CLEARTEXT - (should be obvious)
CIPHER - The system of encryption
CIPHERTEXT - the (hopefully not-understandable) gibberish generated
KEY - the arbitrary decoding or encoding "key/password-ish thing" - sometimes not both.

More strategy

Secret METHOD
vs
Public METHOD, secret KEY

Why not interrogate the creators?

Some standard ideas

Security through obscurity* is generally a bad idea:

*The STRICT definition, meaning
"Relying on secrecy in implementation or design,
NOT in the key"

Security through obscurity

"Any person can invent a security system so clever that she or he can't think of how to break it."
Schneier's Law

(you can generalize this to a lot of things; e.g. Open Source, Auditing, etc)

Never roll your own

(Or better yet, do, and throw it out. You'll learn something)

Better

New Strategy, if you can meet

The bookstore strategy

OR

The One-Time Pad

but what if you CAN'T meet each other...

But, we are usually "strangers"

  1. Public Key Encryption
  2. Diffie Hellman Key Exchange.

What's Mathy and Milkshakey?

What, even for a computer, is VERY FAST in one direction..

..and IMPOSSIBLY SLOW in the other?

(remembering, all computers do is math)

Hey, remember factoring?

24
4 * 6
2 * 2 * 2 * 3?

What about 17?

PRIME

It's MATH all the way down

One Way Strategies.

So we use this for KEY encryption

Phil Zimmermann

Invents this. "Hey, this is pretty good privacy!"

Eben Moglen

"Cool idea, no cap. Also, when the FBI kicks down your door, holla"

One weird flipside of this:

Who's MORE powerful than the government?

Gotta sign checks and credit cards!

Encryption and Signatures

Encryption and digital signatures are two sides of the same coin.

You need digital signatures to send money, so we also have encryption. (mostly)

Let's slow down because this is amazing

Because wait: If it's just me and you, it's like we just met.

But if it's
Amazon, Buyer and Card thief..?
and we want to keep this ongoing.

No seriously. Remember my "mesh" from last week.

If ALL THE SIGNALS ARE IN THE AIR
and MY COMPUTER or PHONE HAS TO SEE ALL OF THEM

Why can't I just steal the password the first time you send it?

What if I do this dirtiness

I invite you to my house where I have COMPLETE CONTROL of my router.
I get you to buy something from Amazon for the first time ever
HOW DO I NOT STEAL YOUR CREDIT CARD?
I'm watching LITERALLY ALL OF THE TRAFFIC?

DIFFIE HELLMAN
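The answer to the router question, as an added example that is not part of the slides: a textbook Diffie-Hellman exchange where everything Carol can see on the wire is listed explicitly, yet she still ends up without the shared secret. The group (p = 23, g = 5) is a constructed toy value chosen so the "slow direction" can be shown running; real systems use standardized groups of 2048 bits or more, or elliptic curves.

```python
# Added example (not from the slides): a textbook Diffie-Hellman exchange.
import secrets

# Toy group, constructed for illustration only: p = 23 is a safe prime and
# g = 5 generates all 22 non-zero residues mod 23.
P, G = 23, 5


def make_keypair(p: int = P, g: int = G) -> tuple[int, int]:
    """Return (private exponent, public value). g**a mod p is the FAST direction."""
    private = secrets.randbelow(p - 2) + 1      # 1 <= a <= p - 2
    return private, pow(g, private, p)


def shared_secret(my_private: int, their_public: int, p: int = P) -> int:
    """their_public ** my_private mod p: both sides land on g**(a*b) mod p."""
    return pow(their_public, my_private, p)


def run_exchange(p: int = P, g: int = G) -> dict:
    """Simulate Alice and Bob over a channel the router owner reads completely."""
    a, alice_pub = make_keypair(p, g)           # Alice keeps a, sends alice_pub
    b, bob_pub = make_keypair(p, g)             # Bob keeps b, sends bob_pub
    return {
        "on_the_wire": (p, g, alice_pub, bob_pub),   # all Carol ever sees
        "alice_secret": shared_secret(a, bob_pub, p),
        "bob_secret": shared_secret(b, alice_pub, p),
    }


def discrete_log(public: int, p: int = P, g: int = G) -> int:
    """Carol's only move: try exponents until g**x == public (the SLOW direction).
    The work grows with p: instant for p = 23, infeasible at 2048 bits."""
    value = 1
    for x in range(1, p):
        value = (value * g) % p
        if value == public:
            return x
    raise ValueError("value is not a power of g")


if __name__ == "__main__":
    result = run_exchange()
    print("on the wire:", result["on_the_wire"])
    print("shared secret:", result["alice_secret"], result["bob_secret"])
```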

Also — Passwords

When you lose your password, what does the website do?

Make you change it?

Or

Send you a copy of it.

If they're nice enough to send you your password?

THEY SUCK AT SECURITY.

Good websites will NOT send you your password.

Because they don't actually know it.

Encrypted passwords, right?

...kinda.
One way to do this:

1) Get their password
2) Save it on your computer
3) Then, encrypt it for safety.

What do we really need?

The actual password

or

simply:
Proof that they typed in the same thing both times?

What do we really need?

Remember: “encrypting” something always yields:

GIBBERISH

“MyPassword123” > ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab

What do we really need?

Remember: “encrypting” something always yields:

UNIQUE GIBBERISH

“MyPassword123” > ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab
means that
“DifferentPassword456” ≠ ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab

So NEVER save the password,

just the gibberish!

NOT
“MyPassword123” = “MyPassword123”

BUT

“ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab”
=
“ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab”?

And “MyPassword123” IS NOT ON THE SERVER

Wait, do we need alladis?

“ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab”
=
“ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab”?

Try this

“ab18db351a3” = “ab18db351a3”*

As long as
we use ALL the data in the original to get this number,
and it’s STILL mathematically unlikely that two different passwords will yield the same short gibberish, we’re good to go.
(not exactly this)

A dumber, similar thing

Presumption: The network (or person) is imperfect. The bytes we receive may not always be the exact ones that were sent.

Also: The network or verification is “slow”

We need a shorter, but verifiable, version of the data.

Hashing

Error checking/Checksumming.
One tiny change in the original still means BIG changes in the gibberish.

(MD5, which is fast but not super-secure, is good for this)

Hashing

Error Checking/Checksums
Password “Storage”
Bitcoin/Cryptocurrencies

Passwords

They don't store your password (your secret ingredient)

They just store the entire milkshake... and calculate/mix it every time.

(don't use MD5, use something deliberately slow, like bcrypt)

To beat up some more analogies

Consider your mom’s _______ recipe?
(milkshake?)

Even if you don’t know the ingredients..
… you know when it’s WRONG :)

More details on Hashing

Horrible – storing the password

Better but still bad – storing the password hashed

Decent – storing “userid+password” hashed

Best – storing “userid+password+salt” hashed

Process

Login: jmarks
password: g00dpassword
(salt): b00gab00ga
jmarks+g00dpassword+b00gab00ga
==HASHED==>
02f39aae85ad73e162b446e918597e89
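The "Process" above as added code, not from the slides: the slide's userid+password+salt step with MD5 (same 32-hex shape as the value shown), and then the version a server should actually keep, with a random per-user salt and a deliberately slow hash. The slow hash here is `hashlib.pbkdf2_hmac` from the standard library, standing in for the bcrypt the slides mention; that substitution is mine.

```python
# Added example (not from the slides): salted password storage and verification.
import hashlib
import hmac
import os


def slide_style_hash(userid: str, password: str, salt: str) -> str:
    """The slide's 'userid+password+salt ==HASHED==>' step with MD5 as the digest.
    32 hex chars like the slide's value. Fine as a checksum, too fast for passwords."""
    return hashlib.md5(f"{userid}+{password}+{salt}".encode()).hexdigest()


ITERATIONS = 200_000   # deliberately slow: the point the slides make about bcrypt


def store_password(userid: str, password: str) -> dict:
    """What the server keeps: a fresh random salt and the slow hash. Never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", f"{userid}+{password}".encode(), salt, ITERATIONS)
    return {"userid": userid, "salt": salt.hex(),
            "hash": digest.hex(), "iterations": ITERATIONS}


def verify_password(record: dict, userid: str, password: str) -> bool:
    """Re-mix the milkshake with the stored salt and compare in constant time,
    so the comparison itself does not leak how many bytes matched."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac(
        "sha256", f"{userid}+{password}".encode(), salt, record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


if __name__ == "__main__":
    # Values from the slide; the MD5 below is only an illustration of the step
    print(slide_style_hash("jmarks", "g00dpassword", "b00gab00ga"))
    rec = store_password("jmarks", "g00dpassword")
    print(rec)
    print(verify_password(rec, "jmarks", "g00dpassword"))   # True
    print(verify_password(rec, "jmarks", "wrongpassword"))  # False
```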

RANDOMNESS

Pseudo-randomness is easy:
"Multiply big'ol numbers a bunch and chop off the beginning of them"

TRUE Randomness is surprisingly hard

RANDOMNESS

In a sense, you can't do it "inside" the computer.

Cloudflare

Backdoors

Yep, they're going to KEEP TRYING THIS MESS.

PRACTICAL MATTERS

DON'T ROLL YOUR OWN...better yet

PRACTICAL MATTERS

DEMAND only free and open source here, confirmed by e.g. NIST

Anything else is almost CERTAINLY compromised in real life.

PRACTICAL MATTERS

All software is imperfect and may have bugs;
..watch out as they may try to use this against you.

PRACTICAL MATTERS

Don't fall for the "Security through Obscurity" trap
(as in, actually reinforce, don't just hide)

PRACTICAL MATTERS

- OR for the "Security through Obscurity trap" trap
(additional hiding on top of reinforcement isn't bad, aka someone might seriously say, DON'T PAINT THIS CAMO.)

Rubber Hose Decryption

Watch the endpoints, this is where the vulnerabilities are

Finally - encrypted AGAINST WHOM?

You'll have to do a fair bit of "game theoretical" thinking here,
when you're dealing with "black-box" encryption.
E.g. Whatsapp claims to be end-to-end encrypted?
I legit don't know.

Other ideas, again:

(prof's opinion)

Biometrics are stupid*

Other ideas, again:

Biometrics are as stupid as Social security numbers
(i.e. decent USERNAMES or slight SECURITY THROUGH OBSCURITY)
I don't use 'em.

What else

Hey, so these hashes
They look like--
02f39aae85ad73e162b446e9

What are the odds that it would look like, say..
00000ae85ad73e162b446e9

Not IMPOSSIBLE, just VERY UNLIKELY.

Political Science and Economics tend to suck, esp when

they ignore each other.

Politics people ignore "It's the economy stupid."

Economists ignore 'Power'

Economists ignore power:

Aka, if the other guy has a sharp stick or a big gun,

the terms of the negotiations change a lot.

A bit on banks and money

What is most money "made of?" How is it stored? Coins and little green pieces of paper?

NOPE.

Just (trusted) lists. Ledgers in banks and such.

A reasonable, but incorrect, idea

The cavemen had trouble 'trading' stuff, so they started using shiny rocks.

Nope. Remember, IT and Power are about writing things down.

Power, rules, and lists and IOUS came before "money"

In fact, lists are older than "money" itself.

Not dollars, but a list somewhere that says
"Ug owes Oof two cows"
"Oof owes Grok a stick"
or more accurately
"everybody owes the king taxes"

theorem: any system that involves writing down "ownership" and "what you've paid for" is (possibly) a bank (GameStop, even)

wat

forgive the language

But, you also might want "pieces/tokens"

GOLD AND DIAMONDS HA HA HA

(wait, seriously. Why are diamonds more expensive than water?)

Bitcoin and most other "Cryptocurrencies"

(note, some others don't work exactly this way)
A huge encoded/distributed online ledger/list, also called a "blockchain"

Powered/driven by "mining" (which is more like a slot machine, pull the lever, power the thing, and see if you "win")

Mining Bitcoin?

Randomly trying to find "nice looking" hashes.

......4E9BB99 nope.

.......000000 yep! $$$$
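The "slot machine" above and the earlier question about the odds of a hash starting with zeros, as an added example that is not from the slides: a toy proof-of-work that bumps a counter until the SHA-256 of a transaction string (the slide's "02b23 gave bf239 .005 bitcoins", used here as constructed input) starts with a chosen number of zeros. Each hex digit is 0 with probability 1/16, so expect about 16 to the power of that number of pulls per win, while checking a winner costs one hash.

```python
# Added example (not from the slides): toy proof-of-work over a transaction string.
import hashlib


def block_hash(transaction: str, nonce: int) -> str:
    """Hex SHA-256 of the transaction plus a counter ('nonce')."""
    return hashlib.sha256(f"{transaction}|{nonce}".encode()).hexdigest()


def looks_nice(digest: str, zeros: int) -> bool:
    """The slide's 'nice looking' hash: starts with `zeros` hex zeros."""
    return digest.startswith("0" * zeros)


def expected_tries(zeros: int) -> int:
    """Each hex digit is 0 with probability 1/16, so ~16**zeros pulls per win."""
    return 16 ** zeros


def mine(transaction: str, zeros: int, max_tries: int = 5_000_000) -> tuple[int, str, int]:
    """Pull the lever: try nonces until the hash looks nice.
    Returns (winning nonce, its digest, number of tries)."""
    for nonce in range(max_tries):
        digest = block_hash(transaction, nonce)
        if looks_nice(digest, zeros):
            return nonce, digest, nonce + 1
    raise RuntimeError("no winning nonce within max_tries")


def verify(transaction: str, nonce: int, zeros: int) -> bool:
    """Anyone can check the proof with a single hash, however long mining took."""
    return looks_nice(block_hash(transaction, nonce), zeros)


# Constructed input, wording taken from the slide
SLIDE_TX = "02b23 gave bf239 .005 bitcoins"

if __name__ == "__main__":
    nonce, digest, tries = mine(SLIDE_TX, 4)
    print(f"nonce={nonce} digest={digest} tries={tries} expected~{expected_tries(4)}")
    print("verifies:", verify(SLIDE_TX, nonce, 4))
```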

Mining

When you download a bitcoin (full node) wallet program, you literally have to get a copy of every single transaction ever.

Transactions are computationally expensive.
The "mining" also produces the "hashed transactions", e.g.:

02b23 gave bf239 .005 bitcoins. I can prove it because the hash of this transaction is =>
081ee23

Add this to the chain and spread it around.

Bitcoin transaction.

You "add your new or old hash movement" to the ledger. By making another special hash. Which is "expensive."

This work powers the blockchain and "proves" that you've put in work. By design, the system "rewards" you for it.

Bitcoin transaction.

Now, why is it valuable?

Because people believe it is.

See also: gold, beanie babies, crappy companies, virtual swords, pokemon cards, sneakers, whatevs.

Now, why is it valuable?

Specifically, because you can get people to trade you something for it.

Let's mess up your head more.

How do real banks work?

ANOTHER reasonable, but incorrect idea

"Fractional Reserve Banking."

You give your money to the bank to hold on to, and then they lend some of it out.
The amount of your money they lend out is the interest rate.

Not quite. FIAT Money.

You invest your money in the bank system, in the reasonable hope, backed by law and guns,
that you can have it back when you ask for it.

Not quite. FIAT Money.

The Federal Reserve, based on looking at stuff (including but not limited to this),
using your money as part of the leverage, DECLARES an interest rate
(i.e. decides how much money to make out of thin air)

Not quite. FIAT Money.

Different from the first thing because it's not limited to the money you all put in.

I.e. it's not "Scrooge McDuck gold in a vault"
it's "America has guns and we SAY so"

Don't know about y'all

But this kind of made crypto EASIER to understand,
because crypto (and all money type things)
does the same thing.
You can issue all the coins you want,
but they're only worth what other people will trade for them.

HALLOWEEN CANDY

and tunafish sandwiches
and books.

Bitcoin transaction.

PS: Crypto addresses? Just numbers in different bases (sometimes with a prefix):
Functionally similar to public keys
BTC: 18L1qxHaN1i8ihrLMX8sxrQLmfoaTWud9R
ETH: 0xD54b6C55A8aEc0bec04Cb6b3eB6F84F6BcF03619

(these are 100% real, please feel free to send me money :) )

"Blockchain"

It's a large public database, in which everyone can see every transaction. That's all.

Now give me a bunch of money because I just said "blockchain" :)

NFTs

"Non Fungible Tokens"

Okay, FUNGIBLE means, they're all equal, like the dollars in your wallet. None is different from the other

NFTs

Basically — a serial number or a url
That is movable, that THEORETICALLY SAYS
"You own this thing."

They seem very silly now

But perhaps they might be useful for anything that could use:
"A public record of ownership,"

Like House deeds, etc.