Podcasts about cryptanalysis

Cryptography is often regarded as a cornerstone of computer security. Yet, many public-key cryptographic algorithms show vulnerability to implementation errors or misinterpretations. This talk surveys 'weapons of math destruction' that have proven remarkably effective in identifying flawed cryptographic implementations in real-world scenarios. It also covers adventures in both active and passive network measurement of cryptographic protocols, highlighting the challenges and advancements in this critical field. Speaker Nadia Heninger, Associate Professor of Computer Science and Engineering, University of California, San Diego

In this episode, we dive into the world of German cryptography with an episode on the Enigma machine with Emily End and Codemaster Cole. The Enigma is a device that randomly selected polyalphabetic alphabets according to a system. In this story, we meet again a strange (and slightly hilarious) character.  Links:Cryptanalytic methods: https://en.wikipedia.org/wiki/Cryptanalysis_of_the_EnigmaMachine Basics: https://en.wikipedia.org/wiki/Enigma_machineEncode/Decode: https://www.dcode.fr/enigma-machine-cipherThe background music used in this episode was by Bio Unit, Amethyst Music, Alex Make Music, and Ketsa. Our theme is "Mosquito" by Caspar Babypants. AI voices by dcode. ⊥ɥǝ Ǝʌᴉן ∀uʇ ɥɐs ɐ ɔoɯdɐuᴉou˙ Hǝ ɥɐs qǝǝu sǝupᴉuƃ ʎon ɯǝssɐƃǝs˙ ∀ןso´ ᴉu ʇɥǝ dosʇ sɥoʍ´ uo ɟɐᴉɹ¡Thank you for listening. Here's the link to Crypto Corner: https://crypto.interactive-maths.comSupport the show

Jason gives you a quick overview of Alan Turing.Read the essay here: https://historywiththeszilagyis.org/hwts182 Find us on Twitter:The Network: @BQNPodcasts The Show: @HistorySzilagyi. Chrissie: @TheGoddessLivia. Jason: @JasonDarkElf.Send topic suggestions via Twitter or on our Facebook page History with the Szilagyis.History with the Szilagyis is supported by our patrons: Susan Capuzzi-De ClerckEd ChinevereLaura DullKris HillJoin these wonderful supporters by visiting patreon.com/historywiththeszilagyis. The BQN Podcast Collective is brought to you by our listeners. Special thanks to these patrons on Patreon whose generous contributions help to produce this podcast and the many others on our network!You can join this illustrious list by becoming a patron here: https://www.patreon.com/BQN

Pat Muoio is a partner at Sinewave Ventures where she assess the technical value and viability of emerging technologies and make investment recommendations in the federal marketplace. Prior to joining Sinewave, she worked in cybersecurity and cryptography both in the private sector and at the Department of Defense. She has a PhD in Philosophy from Yale University. What do we talk about in this episode?Pat shares her journey from getting a PhD in Philosophy and a planned academic career, into cryptography at DOD, to cybersecurity and into her current career in Venture Capital (VC).The world of start up investments (VC 101). Seed, Series A and Series B funding, Angel investments and more.Advice for being successful at getting funding. The importance of the pitch and framing it to what's important to the group you are pitching it to.Women founders are more successful than male founders, but it's still much more difficult for women to get funded than men.Pat's experiences in VC and in the tech space.How VC firms are funded.Music used in the podcast: Higher Up, Silverman Sound StudioResourcesSeed funding is the first official equity funding stage. It typically represents the first official money that a business venture or enterprise raises. Some companies never extend beyond seed funding into Series A rounds or beyond. You can think of the "seed" funding as part of an analogy for planting a tree. This early financial support is ideally the "seed" which will help to grow the business. (https://www.investopedia.com/articles/personal-finance/102015/series-b-c-funding-what-it-all-means-and-how-it-works.asp)The first round after the seed stage is Series A funding. In this round, it's important to have a plan for developing a business model that will generate long-term profit. Typically, Series A rounds raise approximately $2 million to $15 million. In 2021, the median Series A funding was $10 million. (https://www.investopedia.com/articles/personal-finance/102015/series-b-c-funding-what-it-all-means-and-how-it-works.asp)Series B rounds are all about taking businesses to the next level, past the development stage. Investors help startups get there by expanding market reach. Companies that have gone through seed and Series A funding rounds have already developed substantial user bases and have proven to investors that they are prepared for success on a larger scale. Series B funding is used to grow the company so that it can meet these levels of demand. (https://www.investopedia.com/articles/personal-finance/102015/series-b-c-funding-what-it-all-means-and-how-it-works.asp)A business incubator is a workspace created to offer startups and new ventures access to the resources they need, all under one roof.In addition to a desk or office, incubators often provide resident companies with access to expert advisors, mentors, administrative support, office equipment, training, and/or potential investors. (https://www.shopify.com/blog/what-is-business-incubator)About 60% of companies that reach pre-series A funding fail to make it to Series A, so the success rate is only 30%-40%. About 65% of the Series A startups get series B, while 35% of the companies that get series A fail. (https://spdload.com/blog/startup-success-rate/#:~:text=About%2065%25%20of%20the%20Series,Noissue.)Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown. (Wikipedia)

If Seth and I were to define the two main thrusts of our podcast “The Unauthorized History of the Pacific War,” it would be (1) to correct some of the mythology that has emerged over decades, and (2) to see what lessons might be gleaned that could be important were war to break out in the Pacific again.In my view, our subject for today falls into the second category, because it's about the impact of strategic alignment and chains of command on operational success.Station Hypo was one of three main stations the Navy used to listen to and break Japanese naval codes.  Hypo was the phonetic word for the letter “H,” which stood for Hawaii since Station Hypo was the code breaking office located in the basement of the Hawaii Naval District commander's building in Pearl Harbor.  As an aside, I visited those rooms when I was commodore in Pearl, and they were being used to store furniture for the Pearl Harbor shipyard headquarters building, but we will leave that for another potential future discussion on what's happened to all these historic sites over the decades.But germane to this conversation, in the early months of the war the Naval District Hawaii commander reported, not to Admiral Nimitz, but to Admiral King directly.  That would be corrected in the coming months, but since Station Hypo supported combat operations in the Pacific, Admiral Nimitz certainly thought of it as one of his assets, while Admiral King's staff in Washington saw it as solely and completely theirs, to include Station Hypo's brilliant leader, Commander Joe Rochefort.This led to a chain of command problem that would ultimately lead to Rochefort's dismissal as head of Station Hypo, even after his incredible success leading to our victory at Midway.To help us unpack all of this, to include how Station Hypo fed both King's and Nimitz's strategic picture, we are proud to host the chief historian of the Navy and Director of Naval History and Heritage Command, retired Rear Admiral Sam Cox.Admiral Cox, welcome. Station HYPO:What was HYPO?Initially known as Fleet Radio Unit Pacific, or FRUPACHawaii location for the Navy's cryptanalysts who monitored radio intel of the Japanese.HYPO was one of two major stations for Allied radio intel, the other being in Melbourne, Australia.Under the command of DC, not Nimitz, or Kimmel for that matter.Conspiracy theory that HYPO never had a PURPLE machine, and therefore was unable to read Japanese traffic pre-Pearl Harbor.NOT TRUE.  Purple was the diplomatic code, not the Naval code so HYPO had no reason to have the PURPLE machine in the first place.  It would not have helped them in any way. HYPO's mission after Pearl Harbor, was to decipher the Japanese JN-25 code. Prior to Pearl, HYPO was to decipher flag officer's code and weather codesWashington worked on JN25 initiallyHow much of the code was readable? Prior to Pearl, they had successfully broken a part of the code, only 10% before the attack.  Who was HYPO's CO and what kind of a man was he?Joseph Rochefort was a Naval enlistee, who never graduated high school.  He enlisted in 1918, lied about his age and was later commissioned an Ensign in 1919.  Spent several years at sea as well as a year in Tokyo as a language officer.He began work in Cryptanalysis in 1926Rochefort was assigned as head of HYPO in March 1941 by Intel officer Laurance Safford.Brilliant man who had a knack for solving crossword puzzles and figuring out different types of word puzzles.WAS NOT an eccentric as has been shown in movies.YES, he wore a smoking jacket while at work, only because it had pockets for his pipe and tobaccoYES, he wore slippers at work because the concrete floors of the “dungeon” hurt his feet while he paced around trying to figure out messages.HYPO was different than most Naval assignments of the era…how so?Many of the staff of codebreakers were handpicked men by RochefortNot much in the way of military disciplineThere was no real system of work, the men were allowed to play their hunches in order to decrypt the information and if that included throwing false messages around to confirm something so be it.There was quite a bit of guesswork involved.Men worked round the clock.  Rochefort himself rarely went home, often slept on a cot in his office.  Most men worked 12 hour shifts, 7 days a week. How was the JN25 code eventually “broken” what was the process?There were over 50,000 five-digit numeral groups to decipherCodebreakers didn't necessarily break the code as they actually started to see patterns in the messages and began to plug and play if you will, the different patterns together until something began to take shape.LCDR Thomas Dyer had an uncanny knack for seeing patterns in messages, he said, “if you observe something long enough, you'll see something peculiar. If you can't see something peculiar, if ou stare at it long enough, that in itself is peculiar.  And then you try to explain the peculiarity.” Traffic analysis           Traffic analysis played a large part in the “codebreaking”Reading and noticing a pick up Japanese traffic in certain areas of the Pacific would help determine where and how large of an enemy activity was planned or taking shape.This very trick allowed the Hit and Run Raids on the Marshalls on Feb 1 to take placeCryptanalysts got to where they could tell which Japanese radioman sent which message, and in turn could decipher which ship, or station had sent the message, thereby allowing the intel group to piece together the information that could lead to Rochefort's team saying whether or not a carrier group was deploying under which admiral and from where. Was the information provided trusted?Initially, no.  Admirals like King, specifically King, did not initially trust cryptanalysis.Most of the info they were providing seemed to be guessworkAdmiral Nimitz, however, DID trust the intel, and specifically trusted Rochefort and Edwin Layton.This of course, proved very fruitful…

In this episode we are going to look at Cryptanalysis.We will be discussing Cracking Code, Methods of Cracking Code, and a Cracking Code Example.Thank you so much for listening to this episode of my series on Network Security for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.com-------------------------------------------------------Cisco Certified Network Associate (CCNA)Network Security v1 (NetSec)Episode 15 - Cryptographic ServicesPart C - CryptanalysisPodcast Number: 63-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment  

This week on my podcast, I read a recent Medium column, The Best Defense Against Rubber-Hose Cryptanalysis, which explores the contradiction at the heart of Bitcoin advocacy. MP3

This episode is about the puzzling murder of Ricky McCormick. On the 30th of June 1999, police in St. Louis, Missouri discovered the body of 41-year-old Ricky McCormick dumped in a field. The only clues regarding his murder were two encrypted notes found in his pants pockets.  Neither the FBI's Cryptanalysis and Racketeering Records Unit (CRRU), or the American Cryptogram Association have been able to crack the code, and consequently, the meanings behind the notes remain unknown to this day.Could these notes be the key to solving this cold case or are they simply gibberish?Sources:https://www.riverfronttimes.com/stlouis/code-dead-do-the-encrypted-writings-of-ricky-mccormick-hold-the-key-to-his-mysterious-death/Content?oid=2498959https://www.fbi.gov/news/stories/help-solve-an-open-murder-case-part-2Check out my notebooks/journals: author.to/checkthemhereTwitter: @sosospeaksInstagram: @sosospeakspodcastGoodpods: @sosospeaksOutro song: New Age by KSI & Randolph Support the show (https://www.buymeacoffee.com/sosospeaks)

Join myself (@shellsharks) and Scott Contini (from https://littlemaninmyhead.wordpress.com) as we discuss cryptography, AppSec, Log4J and more! Show Notes Main Show Little Man In My Head: https://littlemaninmyhead.wordpress.com Java Cryptography Architecture (JCA) Reference Guide - https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html NaCl: Networking and Cryptography library: https://nacl.cr.yp.to Don't Roll Your Own Crypto: https://www.vice.com/en/article/wnx8nq/why-you-dont-roll-your-own-crypto Sony Playstation Hardcoded Key: https://www.engadget.com/2010-12-29-hackers-obtain-ps3-private-cryptography-key-due-to-epic-programm.html Cryptology vs Cryptography vs Cryptanalysis: https://militaryembedded.com/comms/encryption/cryptology-cryptography-and-cryptanalysis Deprecating MD5: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf Ron Rivest: https://people.csail.mit.edu/rivest/ Quantum Cryptography: https://csrc.nist.gov/projects/post-quantum-cryptography AppSec Australia: https://www.meetup.com/en-AU/appsec-australia/ Grover's Algorithm: https://en.wikipedia.org/wiki/Grover%27s_algorithm Internet Communications - TLS: https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/ DevSecOps: Just one definition - https://www.devsecops.org OWASP: https://owasp.org CAPTCHA: https://support.google.com/a/answer/1217728?hl=en reCAPTCHA: https://www.google.com/recaptcha/about/ Analyzing the OWASP Top 10: https://shellsharks.podbean.com/e/analyzing-the-owasp-top-10-2021/ OWASP Top 10: https://owasp.org/www-project-top-ten/ OWASP ASVS: https://owasp.org/www-project-application-security-verification-standard/ SAST: https://www.synopsys.com/glossary/what-is-sast.html Microservices: https://microservices.io DAST: https://www.whitesourcesoftware.com/resources/blog/dast-dynamic-application-security-testing/ OWASP Zap: https://owasp.org/www-project-zap/ SCA: https://www.synopsys.com/glossary/what-is-software-composition-analysis.html Inception: https://www.imdb.com/title/tt1375666/ Checkmarx Codebashing: https://checkmarx.com/product/codebashing-secure-code-training/ Security Champions: https://www.synopsys.com/blogs/software-security/security-champions-program-appsec-culture/ NIST SP 800-63B, Digital Identity Guidelines: https://pages.nist.gov/800-63-3/sp800-63b.html TruffleHog: https://trufflesecurity.com/trufflehog Log4Shell: https://log4shell.com/ CISA on Log4J Issue: https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability Heartbleed: https://heartbleed.com Shellshock: https://nvd.nist.gov/vuln/detail/CVE-2014-6271 The Morris Worm: https://www.fbi.gov/news/stories/morris-worm-30-years-since-first-major-attack-on-internet-110218 ETERNALBLUE: https://nvd.nist.gov/vuln/detail/CVE-2017-0143 WANNACRY: https://www.cisa.gov/uscert/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_WannaCry_Ransomware_S508C.pdf Mandiant's Report on Solarwinds Incident: https://www.mandiant.com/resources/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor BurpSuite: https://portswigger.net/burp     Postshow Domain Squatting: https://www.godaddy.com/garage/what-is-domain-squatting-and-what-can-you-do-about-it/

Join myself (@shellsharks) and Scott Contini (from https://littlemaninmyhead.wordpress.com) as we discuss cryptography, AppSec, Log4J and more! Show Notes Main Show Little Man In My Head: https://littlemaninmyhead.wordpress.com Java Cryptography Architecture (JCA) Reference Guide - https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html NaCl: Networking and Cryptography library: https://nacl.cr.yp.to Don't Roll Your Own Crypto: https://www.vice.com/en/article/wnx8nq/why-you-dont-roll-your-own-crypto Sony Playstation Hardcoded Key: https://www.engadget.com/2010-12-29-hackers-obtain-ps3-private-cryptography-key-due-to-epic-programm.html Cryptology vs Cryptography vs Cryptanalysis: https://militaryembedded.com/comms/encryption/cryptology-cryptography-and-cryptanalysis Deprecating MD5: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf Ron Rivest: https://people.csail.mit.edu/rivest/ Quantum Cryptography: https://csrc.nist.gov/projects/post-quantum-cryptography AppSec Australia: https://www.meetup.com/en-AU/appsec-australia/ Grover's Algorithm: https://en.wikipedia.org/wiki/Grover%27s_algorithm Internet Communications - TLS: https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/ DevSecOps: Just one definition - https://www.devsecops.org OWASP: https://owasp.org CAPTCHA: https://support.google.com/a/answer/1217728?hl=en reCAPTCHA: https://www.google.com/recaptcha/about/ Analyzing the OWASP Top 10: https://shellsharks.podbean.com/e/analyzing-the-owasp-top-10-2021/ OWASP Top 10: https://owasp.org/www-project-top-ten/ OWASP ASVS: https://owasp.org/www-project-application-security-verification-standard/ SAST: https://www.synopsys.com/glossary/what-is-sast.html Microservices: https://microservices.io DAST: https://www.whitesourcesoftware.com/resources/blog/dast-dynamic-application-security-testing/ OWASP Zap: https://owasp.org/www-project-zap/ SCA: https://www.synopsys.com/glossary/what-is-software-composition-analysis.html Inception: https://www.imdb.com/title/tt1375666/ Checkmarx Codebashing: https://checkmarx.com/product/codebashing-secure-code-training/ Security Champions: https://www.synopsys.com/blogs/software-security/security-champions-program-appsec-culture/ NIST SP 800-63B, Digital Identity Guidelines: https://pages.nist.gov/800-63-3/sp800-63b.html TruffleHog: https://trufflesecurity.com/trufflehog Log4Shell: https://log4shell.com/ CISA on Log4J Issue: https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability Heartbleed: https://heartbleed.com Shellshock: https://nvd.nist.gov/vuln/detail/CVE-2014-6271 The Morris Worm: https://www.fbi.gov/news/stories/morris-worm-30-years-since-first-major-attack-on-internet-110218 ETERNALBLUE: https://nvd.nist.gov/vuln/detail/CVE-2017-0143 WANNACRY: https://www.cisa.gov/uscert/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_WannaCry_Ransomware_S508C.pdf Mandiant's Report on Solarwinds Incident: https://www.mandiant.com/resources/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor BurpSuite: https://portswigger.net/burp     Postshow Domain Squatting: https://www.godaddy.com/garage/what-is-domain-squatting-and-what-can-you-do-about-it/

A team of cryptanalysits presents the first publicly available cryptanalytic attacks on the GEA-1 and GEA-2 algorithms. Instead of providing full 64-bit security, they show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 240 GEA-1 evaluations and using 44.5 GiB of memory. The attack on GEA-1 is based on an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance. This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design. Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2 (https://eprint.iacr.org/2021/819) Music composed by Toby Fox and performed by Sean Schafianski (https://seanschafianski.bandcamp.com/). Special Guests: Gaëtan Leurent and Håvard Raddum.

คุยกันเรื่อง Cryptanalysis ศาสตร์แห่งการถอดรหัสลับ

Aside from working on a competition for standardizing post-quantum primitives, the United States National Institute of Standards and Technology, or NIST, has also organized a lightweight cryptography competition meant to attract designs for symmetric primitives, such as hash functions and authenticated encryption ciphers, that work in use cases where even AES is not an adequately speedy standard. Among the submissions to NIST’s lightweight cryptography competition has been Gimli, a family of cryptographic primitives comprised of a hash function and of an authenticated encryption with associated data (AEAD) cipher. Named after the Lord of the Rings Dwarf warrior and authored by a long list of accomplished cryptographers, Gimli looked like a promising submission -- until a team of cryptanalysts at INRIA produced a surprising set of results outlining some potentially serious weaknesses in Gimli’s current design. In their paper, which recently was declared as the winner of the IACR Asiacrypt 2020 Best Paper Award, Antonio Flórez Gutiérrez, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, André Schrottenloher and Ferdinand Sibleyras from the INRIA research institute here in France presented some very strong results against Gimli’s security. But why does Gimli even matter? Why aren’t AES, ChaCha20-Poly1305, and BLAKE2 enough, even for the most performance-constrained scenarios? And how did this team of researchers succeed in obtaining such serious results on a family of cryptographic primitives that was certainly designed with care and expertise? Links and papers discussed in the show: * New results on Gimli: full-permutation distinguishers and improved collisions (https://eprint.iacr.org/2020/744) * Lower Bounds on the Degree of Block Ciphers (https://eprint.iacr.org/2020/1051) * Saturnin lightweight cryptography (https://project.inria.fr/saturnin/) Music composed by Toby Fox and performed by Sean Schafianski (https://seanschafianski.bandcamp.com/). Special Guest: Léo Perrin.

Learn about Cryptanalysis Workstations and how thier configuration can speed up password recovery. Also, introducing Sam Deckoff from our TALINO team!

Ricky C McCormick was born in1958 in Missouri, USA. McCormick dropped out of school without being able to fully read or write. According to his family, the most that Ricky was able to spell was his own name and often needed help filling out job applications. So when his body was found in an isolated cornfield just off Route 367 in West Alton, Missouri the case seemed an open and close drug-related homicide. That was until Police discovered a mysterious cipher on Ricky, leading them down a rabbit hole that has never been decoded. Even the FBI has been unable to crack the code found on Ricky in 1999, so what was someone who was supposedly illiterate doing with a complex cipher? This is the mysterious death of Ricky McCormick. If you have an idea how to break the code, have seen similar codes, or have any information about the Ricky McCormick case, you are urged to contact the FBI via the following link. http://forms.fbi.gov/code Alternatively, you can write to the CRRU at the following address: FBI Laboratory, Cryptanalysis and Racketeering Records Unit, 2501 Investigation Parkway, Quantico, VA 22135, Attn: Ricky McCormick Case. Social Media -Twitter @truecrimewitchInstagram @truecrimewitchpodcastFacebook The True Crime Witch PodcastPatreon www.patreon.com/truecrimewitchpodMusic: https://www.purple-planet.com Sources - http://cipherfoundation.org/modern-ciphers/ricky-mccormick/https://www.riverfronttimes.com/stlouis/code-dead-do-the-encrypted-writings-of-ricky-mccormick-hold-the-key-to-his-mysterious-death/Content?oid=2498959 https://forms.gle/vgCnAr2urryxQqkb9https://www.riverfronttimes.com/stlouis/code-dead-do-the-encrypted-writings-of-ricky-mccormick-hold-the-key-to-his-mysterious-death/Content?oid=2498959 https://www.reddit.com/r/UnresolvedMysteries/comments/33ekr8/any_theories_about_ricky_mccormick/cql3m6j/?context=3Stay safe & stay spooky x

This week it's "War and Beef(s)" as the guys dig into all things meat with a side of war. Don't forget that you too can send us your "Situations" at heresthesituationpodcast@gmail.comHosts: TJ Jagodowski and Rush HowellProducer: Nate DuFortComposer: Julie NicholsArt: Emily KardamisTwitter: @TJandRushInstagram: @heresthesituation

Riana Pfefferkorn: The Emerging Trend of 'Side-Channel Cryptanalysis' (Ep. 133) Bio Riana Pfefferkorn (@Riana_Crypto) is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests. Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College. Resources The Risks of Responsible Encryption by Riana Pfefferkorn Riana Pfefferkorn, Everything Radiates: Does the Fourth Amendment Regulate Side-Channel Cryptanalysis? 49 Connecticut Law Review 1393 (2017) Generation Wealth by Laura Greenfield News Roundup Facebook still in hot water Facebook is still managing the onslaught following revelations that Cambridge Analytica allegedly used Facebook data to sway the 2016 presidential election in favor of Donald Trump. Faceboook upped the number of users whose data Cambridge Analytica acquired by 37 million to 87 million. Originally, Facebook reported that just 50 million users were affected.   In addition, Facebook has had to suspend yet another data analytics firm, CubeYou, for collecting information via quizzes, as Michelle Castillo reports in CNBC. CubeYou misleadingly told users that it was collecting their data for “non-profit academic research”, but it turns out CubeYou was in fact sharing the information with marketers. Facebook said Friday that it will now require buyers of ads related to controversial political topics like gun control and immigration, to confirm their location and identity. Facebook is due to testify before the Senate Judiciary and Commerce committees on Tuesday, and the House Energry and Commerce Committee on Wednesday, David Shepardson reports in Reuters. Backpage.com founders indicted A federal grand jury in Arizona indicted seven Backpage founders on 93 counts of facilitating prostitution and money laundering on Monday.The indictment states that many of the ads on Backpage were of child sex trafficking victims. Federal agents seized Backpage on Friday, and raided the home of Backpage co-founder, Michael Lacey.  Last month, Congress passed changes to Section 230 of the Communications Decency Act to provide that websites may be held liable for knowingly facilitating users’ ability to post illegal content. Best Buy reports possible data breach Best Buy reported a possible data breach last week. The company that handles Best Buy’s messaging system, [24]7.ia was hacked late last year, which may have exposed Best Buy customers’ data. Charisse Jones reports in USA Today. U.S. expanding surveillance of migrants within Mexico Finally, Nick Miroff and Joshua Partlow report in the Washington Post that the U.S. government is expanding its data-gathering efforts within Mexico. According to the report, the Trump administration is “capturing the biometric data of tens of thousands of Central Americans” who were arrested in Mexico. The U.S. is also operating detention facilities in Mexico. But President Trump had accused Mexico of doing nothing to stop the flow of migrants fleeing Central American countries for the Mexico/U.S. border.

On June 30, 1999, sheriff’s officers in St. Louis, Missouri discovered the body of 41-year-old, 5'6 frame of Ricky McCormick. He had been murdered and dumped in a field 15 miles from his home, where his body was badly decomposed, despite it being only a short time of 72 hours, since he had been reported missing. The only clues regarding the homicide were two encrypted notes found in McCormick's filthy jean pockets. Despite extensive work by Cryptanalysis and Racketeering Records Unit (CRRU), the meanings of those two coded notes remain a mystery. As of today, his death still remains "undetermined." What do you think happen to Ricky McCormick? Was he killed? Set up? Chemical imbalance? Drugs? A.J. & super producer, Wade discuss theories that have been circling his death, but ultimately the two coded notes left behind. Do the notes have any meaning? A.J & Wade share their own personal thoughts on what may have actually happened to McCormick & leading up to his death. Share your thoughts on Twitter and Facebook! Twitter: @AJBarrera @ProducerWade Facebook: www.facebook.com/PsychicMediumAJBarrera Periscope: @AJBarrera

This week, Dave and Gunnar talk about: Twitter security, Chrome security, SpiderOak security, SnapChat security, Open Security, OpenShift security, and calendar security. Subscribe via RSS or iTunes. A prototype. Twitter improves 2 factor authentication Android Device Manager web page going live for some users Google Chrome lets you – or anyone using your computer – see the plaintext web passwords stored by your browser (by design) “Three people can keep a secret if two of them are dead,” Benjamin Franklin LavaBit and Silent Circle shut down. Gunnar came back from Mil-OSS LANT Open Security from the folks that brought you mil-oss Red Hat Government Symposium registration now open! Hellekson’s Law is now under review Gunnar considers signing up for Reputation.com and ponders their sponsorship eligibility OpenShift Enterprise on top of a trust between IPA/IdM and Windows Active Directory TaskPaper vs. Remember the Milk Hackpad with Dropbox integration DropDAV: DAV for Dropbox, paging Adam Clater Unrelated but still useful: Fix Dropbox Connection Issues With NetworkManager and Wifi The new dgshow.org website? Fork us! Creative People Say No Cutting Room Floor 3D printable objects modeled on expired 19th century patents We Give Thanks Adam Clater for getting us to think about storage liberation

Cryptanalysis before World War II

Watching the sky, you can see the Sun, moon, planets and stars moving above Earth. It is very intuitive to imagine that you are standing still and the objects you are observing are moving above you and this was the view taken by geocentric models of the cosmos. A Greek model, which was dominant in many parts of the world for hundreds of years, had a spherical Earth at the centre of the universe, with the other heavenly bodies orbiting in perfect circles. This talk by Peter Rowlett outlines

Cryptography is the process by which messages are communicated through secret means. Cipher cryptography converts messages by applying some cipher algorithm with a secret key to a plaintext message, converting it into a ciphertext message that cannot be read by interceptors. Cryptanalysis is the science that attempts to decipher these messages without access to the secret key. This talk focuses on substitution ciphers and demonstrates the processes of encrypting and breaking some examples of thes

We describe the Diffie-Hellman key-exchange protocol and the Pohlig-Hellman cipher. We discuss discrete logarithms and the cryptanalysis of these two systems. We also describe the Mental Poker protocol. About the speaker: Before coming to Purdue, Professor Wagstaff taught at the Universities of Rochester, Illinois, and Georgia. He spent a year at the Institute for Advanced Study in Princeton. His research interests are in the areas of cryptography, parallel computation, and analysis of algorithms, especially number theoretic algorithms. He and J. W. Smith of the University of Georgia have built a special processor with parallel capability for factoring large integers.

We describe the Diffie-Hellman key-exchange protocol and the Pohlig-Hellman cipher. We discuss discrete logarithms and the cryptanalysis of these two systems. We also describe the Mental Poker protocol.