Communications Encryption Exhibition - Content

What is Encryption?

Encryption disguises messages so that they can only be read by the intended recipient.What is encryption

“For thousands of years, kings, queens and generals have relied on efficient communication in order to govern their countries and command their armies. At the same time, they have all been aware of the consequences of their messages falling into the wrong hands, revealing precious secrets to rival nations and betraying vital information to opposing forces. It was the threat of enemy interception that motivated the development of codes and ciphers: techniques for disguising a message so that only the intended recipient can read it.”

“The desire for secrecy has meant that nations have operated code making departments, responsible for ensuring the security of communications by inventing and implementing the best possible codes. At the same time, enemy codebreakers have attempted to break these codes, and steal secrets. Codebreakers are linguistic alchemists, a mystical tribe attempting to conjure sensible words out of meaningless symbols. The history of codes and ciphers is the story of the centuries-old battle between codemakers and codebreakers, an intellectual arms race that has had a dramatic impact on the course of history” Singh, ix

“The ongoing battle between codemakers and codebreakers has inspired a whole series of remarkable scientific breakthroughs. The codemakers have continually striven to construct ever-stronger codes for defending powerful methods for defending communications, while codebreakers have continually invented more powerful methods for attacking them. In their efforts to destroy and preserve secrecy, both sides have drawn upon a diverse range of disciplines and technologies, from mathematics to linguistics, from information theory to quantum theory.” Singh x

Caesar Cipher

“Caesar used secret writing so frequently that Valerius Probus wrote an entire treatise on his ciphers. [. . .] The emperor simply replaced each letter in the message with the letter that is three places further down in the alphabet. Cryptographers often think in terms of the plain alphabet, the alphabet used to write the original message, and the cipher alphabet, the letters that are substituted in place of the plain letters. When the plain alphabet is placed above the cipher alphabet [. . .]it is clear that the cipher alphabet has been shifted by three places, and hence this form of substitution is often called the Caesar shift cipher, or simply the Caeser cipher. A cipher is the name given to any form of cryptographic substitution in which each letter is replacd by another letter or symbol. [. . .] it is clear that by using any shift between 1 and 25 places it is possible to generate 25 distinct ciphers. In fact, if we do not restrict ourselves to shifting the alphabet and permit the cipher alphabet to be any rearrangement of the plain alphabet, then we can generate an even greater number of distinct ciphers. There are over [huge number] such rearrangements, and therefore the same number of distinct ciphers”

Caesar Cipher – Julius Caesar

6 May 2023 1

Communications Encryption Exhibition - Content

“The first documented use of a substitution cipher for military purposes appears in Julius Caesar’s Gallic Wars. Caesar describes how he sent a message to Cicero, who was besieged and on the verge of surrendering. The substitution replaced Roma letters with Greek letters, rendering the message unintelligible to the enemy.” Singh 9-10

“Caesar used secret writing so frequently that Valerius Probus wrote an entire treatise on his ciphers. [. . .] The emperor simply replaced each letter in the message with the letter that is three places further down in the alphabet. Cryptographers often think in terms of the plain alphabet, the alphabet used to write the original message, and the cipher alphabet, the letters that are substituted in place of the plain letters. When the plain alphabet is placed above the cipher alphabet [. . .]it is clear that the cipher alphabet has been shifted by three places, and hence this form of substitution is often called the Caesar shift cipher, or simply the Caeser cipher. A cipher is the name given to any form of cryptographic substitution in which each letter is replacd by another letter or symbol. [. . .] it is clear that by using any shift between 1 and 25 places it is possible to generate 25 distinct ciphers. In fact, if we do not restrict ourselves to shifting the alphabet and permit the cipher alphabet to be any rearrangement of the plain alphabet, then we can generate an even greter number of distinct ciphers. There are over [huge number] such rearrangements, and therefore the same number of distinct ciphers”

“TeIn cryptography, a Caesar cipher, also known as Caesar's cipher, the shift cipher, Caesar's code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. The method is named after Julius Caesar, who used it in his private correspondence.

Note: Love story mentioned above used it (one-letter shift)

Artifact: n/a Image/AV: Graphic showing how it works (encryption and decryption) Interactive: Send a message/decode a message?

Recommended section: What is encryption?Why – Keep private correspondence private. Simple to use: Even as late as 1915, the Caesar cipher was in use: the Russian army employed it as a replacement for more complicated ciphers which had proved to be too difficult for their troops to master; German and Austrian cryptanalysts had little difficulty in decrypting their messages

Jobs – no

How - "If he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and

Daily life – no

6 May 2023 2

Communications Encryption Exhibition - Content

so with the others."It is unknown how effective the Caesar cipher was at the time, but it is likely to have been reasonably secure, not least because most of Caesar's enemies would have been illiterate and others would have assumed that the messages were written in an unknown foreign languageCanada/CSE - no Cyber security - no

Baseball signals - Coaches give players in-game instructions from the sidelines using individualized hand/body signals. Opposing teams try to decipher the signals to anticipate their opponent’s moves.

Artifact: no Image or AV: Video showing montage of signals Interactive: Could play with elaborateness of some signals by inviting people to make up their

own (silly, kid-focused); Could have a digital baseball game (memory game) where you interpret your coach’s signals and act accordingly and/or try to decipher the other team’s signals?

Recommended section: What is encryption? Why – Yes. Clear example of transmitting information while keeping it secret

Jobs – No

How – example of the “man” side of “man or machine”

Daily life – Yes

Canada/CSE – No Cyber security – NoReferences: Paul Dickson The Hidden Language of Baseball

Commercial codeDevelopment of code book to keep telegraphs secret (any example of use?)

Artifact: Slater’s telegraph code book; telegraph machine Image or AV: n/a? Graphic of different codes in action. Telegraph office? Interactive: Encode or decode a message

Recommended section: What is encryption? Why – Conceal the meaning of a telegraph message from all but the intended recipients (including telegraph operators).

Jobs – No

How – Pre-arranged key (i.e., addition/subtraction of pre-arranged number; transposition of numbers; or both)

Daily life - No

6 May 2023 3

Communications Encryption Exhibition - Content

Canada/CSE – No Cyber security - No

6 May 2023 4

Communications Encryption Exhibition - Content

Code making, code breaking, and examples.

Basic principles“Each distinct cipher can be considered in terms of a general encrypting methods, known as the algorithm, and a key, which specifies the details of a particular encryption. In this case, the algorithm involves substituting each letter in the plain alphabet with a letter from a cipher alphabet, and the cipher alphabet is allowed to consider of any rearrangement f the plain alphabet. The key defines the exact cipher alphabet to be used for a particular encryption.” Singh 10-11

“An enemy studying an intercepted scrambled message may have a strong suspicion of the algorithm, but would not know the exact key. For example, they may well suspect that each letter in the plaintext has been replaced by a different letter according to a particular cipher alphabet, but they are unlikely to know which cipher alphabet has been used. If the cipher alphabet, the key, is kept a closely guarded secret betweenthe sender and the receiver, then the enemy cannot decipher the intercepted message. The significance of the key, as opposed to the algorithm, is an enduring principle of cryptgraphy. It was definitively stated in 1883 by the Dutch linguist Auguste Kerckhoffs vo Nieuwenhof in his book La Cryptographie militaire: ‘Kerckhoffs’ Pricinple: The security of a cryptosystem must not depend on keeping secret the crypto-algorithm. The security depends only on keeping secret the key.” Singh 11-12

“In addition to keeping the key secret, a secure cipher system muse also have a wide range of potential keys. For example, if the sender uses the Caesar shirt cipher to encrypt a message, then encryption is relatively weak because there are only 25 potential keys. “

“The simplicity of the key is important, because the sender and receiver have to share knowledge of the key, and the simpler the key, the less the chance of misunderstanding.”Singh 10-12

Radio and encryption “Marconi’s invention tantalised the military, who viewed it with a mixture of design and trepidation. The tactical advantages of radio are obvious: it allows direct communication between any two points without the need for a wire between the locations. Laying such a wire if often impractical, sometimes impossible. Previously, a naval commander based in port had no way of communicating with his ships, which might disappear for months on end, but radio would enable him to coordinate a fleer wherever the ships might be. Similarly, radio would allow generals to direct their campaigns, keeping them in continual contact with battalions, regardless of their movements. All this is made possible by the nature of raiod waves, which emanate in all directions, and reach receivers wherever they may be. However, this all pervasive property of raiod is also its greatest military wekness, because messages will inevitable reach the enemy as well as the intended recipient. Consequently, relatable encryption because a necessity. If the enemy were going to be able to intercept every radio message, then cryptographers had to find a way of preventing them from deciphering these messages.” Singh 102-103

“The mixed blessings of radio – ease of communication and ease of interception – were brought into sharp focus at

6 May 2023 5

Communications Encryption Exhibition - Content

the outbreak of the First World War. All sides were keen to exploit the power of radio, but were also unsure of how to guarantee security. Together, the advent of radio and the Great War intensified the need for effective encryption. The hope that there would be a breakthrough, some new cipher would re-establish secrecy for military commanders. However, between 1914 and 1918 there was to be no great discovery, merely a catalogue of cryptographic failures. Codemakers conjured up several new ciphers, but one by one they were broken.” Singh 103 “Scherbius’ Enigma machine consisted of a number of ingenious components, which he combined into a formidable and intricate cipher machine. However, if we break the machine down into its constituent parts and rebuilt it in stages, the its underlying princeiples will become apparent. The basis form of Scherbius’s invention consistges of three elements connected by wires: a keyboard for inputting each plaintext letter, a scrambling unit that encrypts each plaintext letter into a corresponding cipher text letter, and a display board consisting of various lamps for indicating the ciphertext letter. [. . .] In order to encrypt a plaintext letter, the operator presses the appropriate plaintext letter on the keyboard, which sends an electric pulse through the centrals crambling unit and out the other side, where it illuminates the corresponding cipher text letter on the lampboard.” Singh 127-128

“The scrambler, a thick rubber disc riddled with wires, is the most important part of the machine. From the keyboard, the wires enter the scrambler before emerging at six points on the other side. The internal wirings of the scrambler determine how the plaintext letters will be encrypted.” Singh 128

“However, Scherbius’s idea was for the scrambler disc to automatically rotate by [one-twentysixth] of a revolution each time a letter is encrypted. [. . .] In other words, the cipher alphabet changes after each encryption.” Singh 128

“The rotation of the scrambler is the most important feature of Scherbius’s design. However, as it stands the machine suffers from one obvious weakness. Type b six times will return the scrambler to its original position, and typing b again and again will repeat the pattern of encryption. In general, cryptographers are keen to avoid repetition because it leads to regularity and structure in the ciphertext, symptoms of a weak cipher. This problem can be alleviated by introduction a second scrambler disc.” Singh 129-130

“Each time a letter in encrypted, the first scrambler rotates by one space [. . .]. In contrast, the second scrambler disc remains stationary for most of the time. It moves only after the first scrambler has made a complete revolution. The first scrambler is fitted with a tooth, and it is only when this tooth reachers a certain point that it knocks the second scrambler on one place.”

“The second scrambler will not move again until the first scrambler completes on revolution, which will take another [twentyfive] encryptions.” Singh 130

“The advantage of adding a second scrambler is that the patter of encryption is no repeated until the second scrambler is back where it started, which requires [twentysix] revolutions of the first scrambler. [. . .] With a full alphabet of 26 letters, the cipher machine would switch between 26 x 26, or 676 cipher alphabets. So by combining scramblers (sometimes called rotors), it is possible possible to build an encryption machine which is continually switching between different cipher alphabets. The operator types in a particular letter and, depending on the scrambler

6 May 2023 6

Communications Encryption Exhibition - Content

arrangement, it can be encrypted according to any one of the hundreds of cipher alphabets. Then the scrambler arrangement changes, so that the the next letter is typed into the machine it is encrypted according to a differen cipher alphabet. Furthermore, all of this is done with great efficiency and accuracy, thanks to the automatic movement of scramblers and the speed of electricity.” Singh 130-132

“First, Scherbius’s standard encryption machine employed a third scrambler for extra complexity – for a full lalphabet these three scramblers would provide 26 x 26 x 26, or 17, 576 distinct scrambler arrangements. Second, Scherbius added a reflector. The reflector is a bit like a scrambler, inasmuch as it is a rubber disc with internal wirings, but it differs because it does not rotate, and the wires enter on one side and the re-emerge on the same side. With the reflector in place, the operator types in a letter, which sends an electrical signal through the three scramblers. When the reflector receives the incoming signal it sends it back through the same three scramblers, but along a different route. [. . .] At first sight the reflector seems to be a pointless addition to the machine, because its static nature means that it does not add to the number of cipher alphabets. However, its benefits become clear when we see how the machie was acutally used to encrypt and decrypt a message.” Singh 132-133

“An operator wishes to send a secret message. Before encryption begins, the operator must first rotate the scramblers to a particular starting position. There are 17,576 possible arrangements, and therefore 17,576 possible starting positions. The initial setting of the scramblers will determine how the message is encrypted. We can think of the Engimas machine in terms of a general cipher system, and the initial settings are what determine the exact details of the encryption. In other words, the initial settings provide the key. The initial settings are usually dictated by a codebook, which lists the key for each day, and which is available to everybody withing the communications network. Distributing the codebook requires time and efrfort, but because only one key per day is required, it could be arranged for a codebook containing 28 keys to be sent out just once every four weeks. By comparison, if any army were to use a one-time pad cipher, it would require a new key for every message, and key distribution would be a much greater task. Once the scramblers have been set according to the codebook’s daily requirement, the sender can begin encrypting. He types in the first letter of the message, sees which letter is illuminated on the lampboard, and notes it down as the firs tletter of the ciphertext. Then, the first scrambler inputs the second letter of the message, and so on. Once he has generated the complete ciphertext, he hands it to a radio operator who transmit it to the intended receiver.” Singh 133

“In order to decipher the message, the receiver needs to have another Enigma machine and a copy of the codebook that contains the initial scrambler settings for that day. He sets up the machine according to the book, types in the ciphertext letter by letter, and the lampboard indicates the plaintext. In other words, the sender type in the plaintext to generate the ciphertext, and now the receiver types in the cihpertext to generate the plaintext – encihperment and decipherment are minor processes. The ease of the decipherment is a consequence of the reflector.” Singh 133

“It is clear that the key, and the codebook that contains it, must never be allowed to fall into enemy hands. It is quite possible that the enemy might capture an Enigma machine, but withouth knowing the initial settings used for encryption, they cannot easily decrypt an intercepted message. Without the codebook, the enemy cryptanalyst must resort to checking all the possible keys, which means trying all the 17,576 possible initial scrambler settings. The

6 May 2023 7

Communications Encryption Exhibition - Content

desperate cryptanalyst would set up the captured Enigma machine with a particular scrambler arrangement, input a short piece of the ciphertext, and see if the output makes any sense. If not, he would change to a different scrambler arrangement and try again. If he can check one scramble arrangement each minute and workds night and day, it would take almost two weeks to check all the settings. This is a moderate level of security, but if the enemy set a dozen people on the task, then all the settings could be checed withing a day. Scherbius therefore decided to improve the number of initial settigns and thus the number of possible keys.” Singht 134

“He could have increased security by adding more scramblers (each new scrambler increases the number of keys by a factor of 26), but this would have increased the size of the Enigma machine. Instead, he added two other features. First, he simply made the scrambles removable and interchangeable. So, for example, the first scramble disc could be moved to the third position, and the third scrambler disc to the first position. The arrangement of the scramblers affects the encryption, so the exact arrangement is crucial to encipherment and decipherment. There are six different ways to arrange the three scramblers, so this feature increases the number of keys, or the number of possible initial settings, by a factor of six.” Singh 134

“The second new feature was the insertion of a plugboard between the keyboard and the first scrambler. The plugboard allows the sender to insert cables which have the effect of swapping some of the letters before they enter the scrambler. For example, a cable could be used to connect the a and b sockets of the plugboard, so that when the cryptographer wants to encrypt the letter b, the electrical signal actually follows the path through the scramblers that previously would have been the path for the letter a, and vice versa. The Enigma operator has six cables, which meant that six pairs of letters could be swapped, leaving fourteen letters unplugged and unswapped. The letters swapped by the plugboard are part of the machine’s setting, and so much be specificed in the codebook.” Singh 134-135

“There is one more feature of Scherbius’ design, known as the ring, which has not yet been mentioned. Although th ring does have some effect on encryption, it is the least significant part of the whole Engima machine, and I have decided to ignore it for the purposes of this discussion.” Singh 135

“As long as sender and receiver have agreed on the plugboard cablings, the order of the scramblers and their respective orientations, all of which specify they key, they can encrypt and decrypt messages easily. However, an enemy interceptor who does not know the key would have to check every 10,000,000,000,000,000 possible keys in order to crack the ciphertext. To put this into context, a persistent cryptanalyst who is capable of checking one setting every minute would need longer than the age of the universe to check every setting.” Singh 136

“Scherbius took out his first patent in 1918.” “He tried to market the cipher machine to both the military and the business community, offering different versions to each. For ecample, he offered a basic version of Enigma to businesses, and a luxury diplomatic version with a printer rather than a lampbaord to the Foreign office.” Singh 137-138

“Three other inventors in three other countries has independently and almost simultaneously hit upon the idea of a

6 May 2023 8

Communications Encryption Exhibition - Content

cipher machine based on rotating scramblers.” Singh 138

“By 1925 Scherbius began mass-producing Scherbius began mass-producing Enigmads, which went into military service the following year, and were subsequently used by the govermnet and by state-run organisations such as the railways. These Enigmas were distinct from the few machines that Scherbius has previously sold to the business community, because the scramblers had diffrerent interanal wirings. Owners of a commercial Enigma machine did not therefore have a complete knowledge of the government and military versions.” Singh 143

“The ethos of blitzkrief was ‘speed of attack through speed of communications’”. Singh 158

Alert “Canada’s collaboration with allied SIGINT efforts, which was subsequently expanded into the wider ranging UKUSA

alliance, was valued not so much for this country’s inherent capabilities in SIGINT or its contributions to intelligence production generally, as for its geographic advantage in providing communications intelligence coverage of the Soviet Union, especially its Arctic and Far Eastern regions. “ Rudner 2000, 10

“Up to the present, most of the foreign intelligence provided to the Canadian government by virtue of Canada’s own intelligence collection capabilities derives from signals intelligence provided by CSE. Canadian SIGINT operations collect intelligence by means of sophisticated, covert interception technologies designed to intercept terrestrial, microwave, radio, and satellite communications along with other electromagnetic emissions. These intercepts are then processed through technologically advanced computer systems programmed to search for specific telephone numbrs, voice recognition patterns, or key words, and to decrypt text.” Rudner 2000, 10

“Canadian signals intelligence operations during and after the Cold War may be considered in terms of four types of interception, in accordance with the location and technologies deployed. Local in-country interception operations were mounted within Canada, targeting communications to or from this country. External interception operations targeted communications in foreign countries from Canadian diplomatic posts. Long-range operations targeted communications and electromagnetic emissions abroad from interception facilities in Canada. Later, specialised facilities were installed to also monitor satellite communications links. The primary targets for each of these types of interception during the Cold War were diplomatic, military and espionage communications of Soviet Bloc countries. Other countries communications were also sometimes targeted. “ Rudner 2000, 12

“In parallel with these local and external operations Canadian signals intelligence also undertook long-distance SIGINT intercepts from interception stations in Canada. Long-distance HF radio intercepts enabled Canada and its allies to eaves drop on internal Soviet (and other Warsaw Pact) military, naval, rocket for and air force communications networks across the Arctic. These Soviet Bloc armed forces HF radio networks were generally less well protected than poitical-level and diplomatic communications, and could be intercepted and processed with contemporary technologies. SIGINT interceptions of HG communications played a key role in the strategically vital polar theatre by way of providing distant early warning of the Soviet order of battle and potential first strike capability, intelligence of primary significance during the Cold War for the defence of Canada and North American.” Rudner 2000,

6 May 2023 9

Communications Encryption Exhibition - Content

13

“By the mid-1970s, however, the USSR seemed better able to effectively protect its high-level communications against interception. By then Canadian SIGINT operations were also targeting other perceived threats to Canada’s national security and territorial integrity. Among the countries now targeted were those whose foreign policy behaviour was considered inimical to Canada and its allies, and those who embassies or representatives were suspected of engaging in illegitimate political activities, inappropriate dealings with Canadian residents, support for subversive or terrorist groups, or illicit arms procurements.” Rudner 2000, 13

“Canadian and allied SIGINT interceptions of in-country Soviet communications helped to fill the information void in these otherwise closed, secretive, unfriendly regimes. Information needed simply to manage bilateral relations, or to assess international behaviour and risks, which in other societies would have been open source, could only be acquired in the context of Soviet secretiveness by intelligence means. SIGINT interceptions of local communications was one of the most effective, least risky, means of penetrating the iron curtain of secrecy. Soviet countermeasures were deployed in the 1970s to frustrate SIGINT operations run from the US Embassy.” Rudner 2000, 14

“In the early 1980s Canadian SIGINT was even targeting non-security related economic targets of opportunity as part of operation Aquarian aimed at foreign embassies and consulates, even those of friend or indeed allied countries. CSE intercepts were said to have been instrumental in enabling Canada to out-compete the United States ina US$5 billion what sale to China in 1981.” Rudner 2000, 15

“Although the NSA partially funded the modernisation of Canadian communications interception facilities in the 1960s, the number of stations was reduced to just six by the early 1970s. Frobisher Bay, Whitehorse, Churchill, Coverdale and Ladner were all closed down. A new station was activated in Inuvik (to replace Aklavik, closed in 1961, and a naval HF-DF station was opened in Bermuda in 1963. Following the transfer of SIGINT responsibilities to CSE in 1975, a complex of specialized SIGINT antennae and processing stations was constructed at Leitrim, Alert, Ganer, Whitehorse (now closed) and Masset, staffed with military personnel from what is today the Canadian Forces Information Operations Group. By the late 1990s the interception stations at Alert, Gander and Masset were fully automated and would henceforward be remotely controlled from the central CSE collection facility at Leitrim.” Rudner 2000, 15-16

“Since the 1970s a rapidly increasing share of international telecommunications traffic has been relayed by Intelsat (International telecommunications Satellite Organization) satellites and other regional communications satellites. At first just two specialised ground interception stations, one British and the other American, were sufficient to achieve UKUSA monitoring of all Intelsat traffic across the world. However, subsequent refinements to Intelsat satellite deisgn impelled the UKUSA alliance to build a chain of six intercept stations over the years in order to maintain global coverage, and to link these in a functional network. The launching of Soviet and other regional communications sategllites spurred the building of other suitably situation SIGINT interception facilities to augment this UKUSA network. One of these operated under CSE aegis at Leitrim, Ontario, ostensibly targeted on Latin American satellite communications.” Rudner 2000, 18

6 May 2023 10

Communications Encryption Exhibition - Content

“American SIGINT satellites yielded a prodigious flow of intercepted telecommunications traffic requiring powerful computers to process, search, filter, and identify material of intelligence interest. CSE involvement in the UKUSA network of ground-based installations for satellite SIGINT collection demanded a substantial upgrading of its technological base. The first satellite interception dish was installed at Leitrim in late 1984; another medium-size dish was erected in 1986. Staffing likewise had to be augmented and trained to analyse and disseminate the ensuing intelligence product.” Rudner 2000, 19

“To deal with this surge in SIGINT collection after 1984 CSE undertook a reviatlisation and enlargement of its intelligence processing capacity and cryptanalytic capabilities. Early in 1985 CSE acquired its first supercomputer for cryptanalysis, a Cray X-MP/11. CSE staffing grew from around 600 personnel in the late 1970s to some 720 in the mid-1980s, and to about 900 by the end of the decade. By the late 1990s there were four satellite dishes operating at Leitrim.” Rudner 2000, 19

“By the 1990s, extensive refinements to UKUSA satellite interception technolgoies had made possible a vairtually seamless global intelligence collection capability for the various modalities of signals intelligence collection: local in-country, external, HF long distance and space based. This quantum leap forward towards a convergence and meshing of SIGINT technologies reached its zenith in the tightly integrated and networked interception and processing system known as Echelon. Highlight secret still, Echelon, had its originas in the pomputerised processing and networking technologies which evolved sicne the 1970s and were greatly enhanced in the 1990s. Compared to earlier SIGINT systems deployed during the Cold War, which were designed primarily to intercept diplomatic, espionage and military communications, Echelon had a broad banded capacity to monitor virtually all types of electronic communicaitons amount public and private sector organizations and individuals in almost every country.” Rudner 2000, 19

Zimmerman telegraph

“German Foreign Minister Arthur Zimmermann sent this encoded message to the President of Mexico on January 16, 1917, offering United States territory to Mexico in return for joining the German cause in World War I. In return for Mexican support, Germany would help Mexico regain New Mexico, Texas, and Arizona from the United States.

British intelligence intercepted the telegram and deciphered it. In an effort to protect their intelligence from detection and to capitalize on growing anti-German sentiment in the United States, the British waited until February 24 to present the telegram and its translation to U.S. President Woodrow Wilson. The American press published news of the telegram on March 1. On April 6, 1917, the United States Congress formally declared war on Germany and its allies.” https://www.docsteach.org/documents/document/zimmermann-telegram-as-received

6 May 2023 11

Communications Encryption Exhibition - Content

Breaking Code

“The word ‘code’ refers to a very particular type of secret communication, one that has declined in use over the centuries. In a code, a word or phrase is replaced with a word, number or symbol. [. . .]The alternative to a code is a cipher, a technique that acts at a more fundamental level, by replacing letters rather than whole words.” Singh x

6 May 2023 12

Communications Encryption Exhibition - Content

Consequences

6 May 2023 13

Communications Encryption Exhibition - Content

General Information

6 May 2023 14

Communications Encryption Exhibition - Content

Why do we encrypt communication? We encrypt communication to keep messages secret.

Enigma Artifact: Enigma Machine (CSE) Image or AV: Graphic breaking down how the Enigma machine works Interactive: Could be broken down as an interactive? Kids could write a message and see it

encrypted?

This is a must obviously. It was a great success in the last partnership amongst NMST, CSE and myself in 1999-2000. It was the exhibit that had the most attention and questions. [Artifacts: CSE’s 4-rotor Kriegsmarine Enigma, rotors, perhaps the printing mechanism for the Enigma, etc.]

“This particular Enigma Cipher Machine was retrieved from a U-Boat [by whom?] The fact that it has four rotors increases the permutations and complexity of the cypher, which was more critical for naval Enigma.”Recommended section: How to we encrypt communicationWith CSE highlight Typex Rotors? Why – Spying During Wartime During war, the ability to communicate securely saves lives on your side, and ensures that your plans succeed. At the same time, being able to decipher your opponent’s communications gives you more information to plan how best to foil their plans.

Jobs – no

How – Break down this complicated machine Daily life - no Canada/CSE - ? Cyber security - no References:

Typex Rotors/KL-7 Adonis Rotors In the history of cryptography, Typex (alternatively, Type X or TypeX) machines were British cipher machines used from 1937. It was an adaptation of the commercial German Enigma with a number of enhancements that greatly increased its security. The cipher machine (and its many revisions) was used until the mid-1950s when other more modern military encryption systems came into use.One German cryptanalyst stated that the Typex was more secure than the Enigma since it had seven rotors, therefore no major effort was made to crack Typex messages as they believed that even the

6 May 2023 15

Communications Encryption Exhibition - Content

Enigma's messages were unbreakable.

DID CSE PRODUCE TYPEX ROTORS or JUST KEY TAPE?

Artifact: Typex rotors Image/AV: Graphic showing how they work (although probably not bc overlap with Enigma) Interactive: ?

Recommended section: CSE highlight to accompany EngimaWhy - Jobs - How - Daily life - Canada/CSE - Typex was used by the British armed forces and was also used by Commonwealth countries including Canada and New Zealand.

Cyber security -

ReferencesKeytape? http://www.cryptomuseum.com/crypto/uk/rockex/index.htm#key

6 May 2023 16

Communications Encryption Exhibition - Content

“As information becomes an increasingly valuable commodity, and as the communications revolution change society, so the process of encoding messages, known as encryption, will plan an increasing role in everyday life. Nowadays our phone calls bounce off sategllites and our e-mails pass through various computers, and both forms of communication can be intercepted with ease, and both forms of communication can be intercepted with ease, so jeopardising our privacy. Similarily, as more and more business is conducted over the Internet, safeguards must be put in place to portect companies and their clients. Encryption is the only way to protect our privacy and guarantee the success of the digital marketplace.” Singh x

6 May 2023 17

Communications Encryption Exhibition - Content

How do we encrypt communication?

StuxnetAlleged hacking of Iranian nuclear facilities by USA and Israel using a computer worm.

Artifact: No Image or AV: Infographic? Or AV representation? Interactive: Is there something in the transmission aspect of a worm?

Recommended section: Why do we encrypt communication or How do we encrypt communicationWith possible CSE highlight. Would Assemblyline help protect against this kind of thing? Why – State-on-state cyber warfareExample of cybersecurity failure having physical work consquences

Jobs – No

How – Yes. Example of a worm as an offensive tool

Daily life – No

Canada/CSE – No but maybe there’s an equivalent protection provided by CSE? We should ask. Could be linked with Assemblyline?

Cyber security – Yes

AssemblylineAssemblyline is a malware detection and analysis tool developed by the CSE and released to the cybersecurity community in October 2017.

Artifact: n/a Image/AV: Graphic showing how it works Interactive: Is there something we can do with the “assembly line” concept – making it

literal/physical instead of digital – that could help make this easier to understand?Recommended section: CSE highlight to accompany Stuxnet?Why - Malicious files can allow threat actors to access sensitive systems, extract valuable data or

Jobs – Maybe?

6 May 2023 18

Communications Encryption Exhibition - Content

corrupt vital services. Assemblyline will benefit small and large businesses by allowing them to better protect their data from theft and compromise. Most software of a similar nature is proprietary to a company and not available to the software development community. CSE is releasing Assemblyline to businesses, security researchers, industry, and academia, with no economic benefit to CSE. The release of Assemblyline benefits the country and CSE’s work to protect Canadian systems, and allows the cybersecurity community to build and evolve this valuable open-source software. The public release of Assemblyline enables malware security researchers to focus their efforts on creating new methods to detect malicious files.How - Assemblyline is a platform for the analysis of malicious files. It is designed to assist cyber defence teams to automate the analysis of files and to better use the time of security analysts. The tool recognizes when a large volume of files is received within the system, and can automatically rebalance its workload. Users can add their own analytics, such as antivirus products or custom-built software, in to Assemblyline. The tool is designed to be customized by the user and provides a robust interface for security analysts.

Daily life – Maybe?

Canada/CSE - Yes Cyber security - Yes

Slidex/manual cipher/variable cipher and CrayNeed particular example – related to diplomacy?[signals intelligence – what were we looking for?]

Artifact: tbd (CSE?) Image/AV: photos or graphics of arctic signals collection? Interactive: ?

Recommended section: How do we encrypt communication – OR TODAY? WHAT DO WE DO? Why - ? Jobs – noHow – Machine? Daily life - no Canada/CSE - Yes Cyber security - no

6 May 2023 19

Communications Encryption Exhibition - Content

6 May 2023 20

Communications Encryption Exhibition - Content

Today

BlackberryAn excellent Canadian story in the smart phone industry in the 2000’s. Adopted by the GoC for a number of years and incorporated novel encryption schemes including Elliptic Curve Cryptography. [Artifacts: a smattering of Blackberry models along with a notional explanation of ECC with math equations and graphs in a faded background?]

Artifact: BlackBerry (it would be cool to get a specific person’s) Image/AV: Photo Interactive: ?

Why – Protect data on mobile devices Jobs - noHow – Software are hardware are BlackBerry-built, providing an end-to-end layered defense. Verify authenticity of the OS and software every time a BlackBerry boots up. Fortified foundations of the QNX Neutrino microkernel provide integrity, resiliency and security.

Daily life - yes

Canada/CSE - no Cyber security - ?

Cyber Attack - HackingOffences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (networks including but not limited to Chat rooms, emails, notice boards and groups) and mobile phones (Bluetooth/SMS/MMS)

Artifact: Image/AV: CSE’s AV of a hacker’s perspective Interactive: Could we do something 2-person, where one person is trying to accomplish a task,

and the other person tries to disrupt – playful? Is this a good place for a metaphor-style interactive rather than something literal?

Why - Jobs - How - Daily life - YESCanada/CSE - Cyber security -

6 May 2023 21

Communications Encryption Exhibition - Content

End-to-end Encryption (E2EE)a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.[1] The systems are designed to defeat any attempts at surveillance or tampering because no third parties can decipher the data being communicated or stored. For example, companies that use end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.

Example of an update of the Slater Code Book (i.e., similar principle, motivation, etc.)

Artifact: n/a (slash Slater Code Book) Image/AV: ? Interactive: ?

Why - Jobs - How - Daily life - Canada/CSE - Cyber security - Yes

Ashley Madison data breachThe Impact Team threatened to expose the identities of Ashley Madison users if the site was not shut down, to bring attention to the site’s practice of requiring people to pay to “fully delete” their profiles but failing to deliver. Personal information was released, and lawsuits were settled for $11.2 million

Artifact: ? Image or AV: Interactive: Could do something about passwords/breaking passwords?

Why - murky Jobs - NoHow – Passwords were hashed using the bcrypt algorithm

Daily life – Yes

Canada/CSE – Canadians were involved, but I don’t think government/CSE involved?

Cyber security – Yes

6 May 2023 22

Communications Encryption Exhibition - Content

Works Cited

Rudner, Martin, “Canada’s Communications Security Establishment: From Cold War to Globalisation” Occasional Paper No 22, 2000Sign, Simon, The Code Book: The Evolution of Secrecy from mary Queen of Scots to Quantum Cryptography. Toronto: Doubleday, 1999.

Examples of consequences of code breaking

https://archives.fbi.gov/archives/news/stories/2006/april/cryptanalysis_041206

Code BreakersA 400-Year History of Cryptanalysis

04/12/06Coded message from the “Zodiac” killerA coded message of the “Zodiac” serialkiller that was broken by a California couplein a few hours.

Ted Kaczynski—the infamous “Unabomber”—used them. So did Russian spies like Rudolf Abel. Not to mention John Wilkes Booth and Mary, Queen of Scots.

We’re talking about secret codes and ciphers...used in the commission of crime, espionage, and terrorism.

Find out how law enforcement broke these and other codes with “cryptanalysis” in Code Breaking in Law Enforcement: A 400-Year History in the new issue of Forensic Science Communications. The article was written by one of our own cryptanalysts, Dorn Vernessa Samuel, who works in the Cryptanalysis and Racketeering Records Unit in the FBI Laboratory.

Here are a few of the cases featured:

Murder He Wrote. While in jail awaiting trial for the 2004 murder of an 11-year-old Florida girl, Joseph Peter Smith sent his brother a coded message. Authorities asked us to analyze it, and our cryptanalysts quickly broke the code. It wasn’t easy: Smith had replaced letters of the alphabet with a series of number/symbol combinations written from right to left and from the bottom of the page going up. In the letter, Smith made incriminating references to moving the body and hiding evidence, and he was ultimately convicted of the crime. All in the Family. Code-breaking pioneers Elizebeth Friedman and her husband William were considered the “greatest marriage in the history of cryptology.” Elizebeth, a Treasury Department cryptanalyst, unraveled bootleggers’ ciphers during Prohibition, solved a Chinese code that broke up an opium smuggling ring (even though she didn’t know the language), and helped settle a maritime dispute between the U.S. and Canada (see

6 May 2023 23

Communications Encryption Exhibition - Content

the article for the interesting details!). A U.S. Army cryptologist who coined the term “cryptanalysis”, William decrypted Japanese diplomatic messages during World War II and secret telegrams in the 1924 Teapot Dome Scandal that led to the resignation of top U.S. officials. North versus South. Both Union and Confederate forces used ciphers during the Civil War. Confederates were less successful in figuring out Union codes, though, and started publishing them in Southern newspapers, imploring readers to break them. John Wilkes Booth and his conspirators supposedly used ciphers as well to coordinate plans to assassinate President Lincoln.

If you want to learn more on the subject of code breaking, including details on basic cipher systems and how to break them, see the article Analysis of Criminal Codes and Ciphers in a previous issue of Forensic Science Communications.

And direct your grade-school children to our Kids’ page, which has a secret message to decode for fun.

https://www.americanbar.org/publications/blt/2017/05/05_kahn.html1. The Internet of Things (IoT) Is Awesome and Scary

The IoT involves smart devices (i.e., devices embedded with software and sensors such as copiers, medical devices, refrigerators, sports monitors, TVs, cars, music devices, etc.) that are connected to the Internet and collect and transmit information, sometimes without your knowledge. They continue to make everything interconnected and accessible, but often have limited security, making your information even more vulnerable to cyber attacks, and making it harder to calculate risk.

The prediction is an explosion of IoT and smarter and more connected devices over the next decade, which does not bode well for stemming the tide of theft of trade secrets. In other words, the IoT may be a way your trade secrets are exposed, exploited, and exfiltrated.

Economic Hackhttps://www.justice.gov/iso/opa/resources/5122014519132358461949.pdf

p2 2 In some cases, the conspirators stole trade decrets that would have been pareticularly beneficial to Chinese companies at the time they were stone. For example […]an Oregon producer of solar panel technology was rapidly losing its market share to Chinese competitors that were systematically pricing exports well below production costs; at or around the same time, members of the conspiracy stole cost and pricing information from the Oregon producer. And while a Pennsylvaina nuclear power plant manufactuere was negotiating with a Chinese company over the construction and operation of four power plants in Chine, the conspirators stole, among other things. Proprietary and confidential technical and design specifications for pipes, pipe supports, and pipe routing for those nuclear power plants that would enable any competitor looking to built a similar plant to save or research and development costs in the development of such desings. 3. In the case of both of those MAerican victims and others, the conspirators also stole sensitive, internal communications that would [rovide a competitor, or adversary in in lititgation, with insight into the stratyegy and culverabiltiies o f

6 May 2023 24

Communications Encryption Exhibition - Content

Email encryption

https://www.youtube.com/watch?v=iQsKdtjwtYISSL2 facets encryption and identificationEncryption hides what is being sent by changing the content.

Without SSL any computer can grab communications as they are sent from one computer to another through the sending tube. Any computer on any of the networks between you and the webserver can grab your communicationSSL puts a barrier around your communication to the other computer sees garbage.

Before data is sent:1) Computers agree on how to encrypt2) Server sends certificate3) Your computer says “start encrypting”4) The server says “start encrypting”5) All messages are now encrypted.

Identification is how your user can trust what computer is on the other end of what is being sent. Encryption

https://www.npr.org/sections/alltechconsidered/2013/08/17/212613677/cracking-the-code-just-how-does-encrypted-email-work

http://www.telegraph.co.uk/technology/0/encryption-should-using/

http://www.wired.co.uk/article/encryption-software-app-private-data-safe

This is done by 'scrambling' the information sent from one person to another into a lengthy code making it unreadable for anybody else attempting to access it.

When the data is encrypted, the sender and the receiver are the only people that can decrypt the scrambled info back to a readable condition. This is achieved via ‘keys’, which grant only the users involved access to modify the data to make it unreadable and then readable again.

When implemented properly, encrypted data could take a hacker billions of years to crack based on sheer brute force attacks. This is because encryption codes use complex mathematical algorithms and long numerical sequences that are difficult to decrypt.

6 May 2023 25

Communications Encryption Exhibition - Content

A brute force attack is a method used by a hacker to try as many combinations of passwords or encryption keys until the correct one is found. It is usually carried out using software to scan through the combinations.

However, there are different types of encryption, each with varying levels of effectiveness. This is measured in “bits”. The higher the number of bits an encryption, the harder it is - in theory - for a hacker to crack it.

A low-bit key is one with fewer combinations, so would be fairly easy to crack for a hacker with dedicated computer resources. The larger the key, the harder this becomes, exponentially. For example, a 5-bit key has 32 possible combinations, a 6-bit key has 64 combinations, a 7-bit key has 128 combinations, and so forth. A 10-bit key has a thousand combinations, a 20-bit key has a million combinations, a 30-bit key has a billion combinations.

The more complex the encryption, the more difficult it becomes for a cybercriminal to reverse engineer the encryption key and access the data. This doesn’t mean the codes are uncrackable, but that the time taken to find the right combination would be far too long to ever be feasible in one lifetime, even with the help of powerful supercomputers.

Let's say a hacker has a computer that can test a billion keys per second, trying to brute force all combinations. That means they can break a 30-bit key in just one second. At that speed, though, it will take you a billion seconds (or 34 years) to break a 60-bit key because every 30 bits added makes it a billion times more difficult. A spy agency like the NSA can crack 60-bit keys using supercomputers, but a 90-bit key is a billion times more difficult to crack, and a 120-bit key would be a further billion times more difficult to crack than that.

Considering most Android, Apple and Windows apps have at least 128-bit Advanced Encryption Standard (AES) - the standard US Government encryption algorithm for data encryption - you can imagine that a 128-bit key, which has more than 300,000,000,000,000,000,000,000,000,000,000,000 key combinations, is exceptionally safe. Same goes for 192 or 256-bit AES encryption keys that the US Government requires for highly sensitive data.Bharat Mistry, cybersecurity consultant at Trend Micro puts this into perspective. “It would take fifty supercomputers an estimated 3.4 x 1,038 years to break the commonly used 256-bit encryption key,” he told WIRED. “As you can imagine, most hackers will be hard pressed to find time for that.

https://www.techworld.com/security/what-is-encryption-3659671/

In its most basic form, encryption is the process of encoding data, making it unintelligible and scrambled. In a lot of cases, encrypted data is also paired with an encryption key, and only those that possess the key will be able to open it.

An encryption key is a collection of algorithms designed to be totally unique. These are able to scramble and unscramble data, essentially unlocking the information and turning it back to readable data.

Usually, the person that is encrypting the data will possess the key that locks the data and will make 'copies' and pass them on to relevant people that require access. This process is called public-key cryptography.

6 May 2023 26