Information Security and Secret Messages

Agenda

• Information Assurance Program• Value of Information• Secret Messages

– Steganography– Caesar Cypher– Keyword Cypher

• Use in IA• Crypto Activity• Wrap-up

Why are we here?

• Graduate students at UNM’s Anderson School of Management

• Here to discuss Information Security and why it’s important to you as part of a course project

Information Assurance at UNM

• Information assurance (IA)– Interdisciplinary field combining computer science,

computer engineering, information systems and accounting

– Taking measures to protect electronic information

• Why study IA– There is a high demand for IA professionals and few

people to fill it– IA jobs have high pay and excellent benefits

• (Typical IA graduate starting salary of roughly $70,000)

Why Do We Need IA?

• Is information valuable?– your identity (social security number)– your credit card information

• Do you protect things that are valuable to you?– Money– Ipod– Home

• What information exists electronically?– Personal information– Banking information– Company information

Scenario 1:

• You want to give Sarah a note telling her that you like Jake, but you are worried about someone else reading the note. You decide to send the note in a way that only Sarah can read it.

• What are some ways you can think of to do this?

Secret Messages

• Often times in industry, you will have to send sensitive information through emails

• If these emails were to be intercepted by the wrong person, companies may lose thousands of dollars through:– Fines for illegally sharing personal information

like social security numbers of customers– Losing business because the plans for their

new product was leaked to the public

What is Special About this Picture?

Steganography

• Steganography (Stego) the hiding of messages

• Steganography hides messages within a picture, digital file, .mp3, au. Files, and even unused storage spaces on CDs and DVDs

• Steganography can utilize the use of a key in order to make the hidden message more secure

Can You Read This?

Cryptography

• Cryptography literally means “secret writing”

• Encryption transforms plain text language into a secret code and sends the secret code instead of the plain text language

• A key is used to decrypt the code back into plain text (make it readable)

How It Works

• The are several types of encryption, two common ciphers are explained in your handout:– The Caesar Cipher– Keyword Substitution

Caesar Cipher

• The first step is to assign a number to each letter of the alphabet– A = 0, B = 1, … , Y = 24, Z = 25

• The next step is to pick a “key.” The key for a Caesar Cipher is a single number between 0 and 25.

• If the key equals 5, then the alphabet would be transformed to:(before)

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

(after)

F G H I J K L M N O P Q R S T U V W X Y Z A B C D E

– Essentially the entire alphabet is shifted to the left by 5

• Now we can write our secret message

Keyword Substitution

• A keyword substitution uses, yes, a key word, such as “count” instead of a number for the key.

• To write a keyword cipher, first write out the alphabet, then write the keyword directly below the first few letters of the alphabet.

• Complete the second row by writing, in order, the unused letters

• Example:a b c d e f g h I j k l m n o p q r s t u v w x y z

c o u n t a b d e f g h I j k l m p q r s v w x y z

Encryption Programs

• Computer programs use algorithms to encrypt electronic data so it cannot be read without the key

• Several programs have encryption capabilities such as:– Microsoft Outlook– Apple Mail– Thunderbird– TrueCrypt

Activity

• Break into groups of 3-5• You will be given a message and a cipher to

encrypt it with• Use the cipher to encrypt the message in your

envelope• Pick someone from your team to come write

your encrypted message on the board• Raise your hand if you have questions, this

should only take 5-10 minutes

Activity Continued

• In your same teams, try to decipher the encrypted messages on the board

• Remember – Stand alone letters are typically I or A– Most common letters are RSTLNE– Most common double letters in words are:

• SS, EE, TT, FF, LL, MM, OO

• Hints– All of these quotes have the word “education”– The quote authors are either:

• Mark Twain

• Albert Einstein

• Will Durant

Wrap Up

• How does encryption protect your information?

• Why do we need information assurance?

• Why are the lobos better than the aggies?

• What questions do you have for us?

THANK YOU