Overview

In this lesson, college student learn about the relationship in between cryptographic keys and passwords. Students check out the Vigenere cipher through a widget to examine exactly how a cryptographic "key" deserve to be supplied to encrypt and decrypt a message. Then, students usage a device that reflects them around how lengthy it would take to crack a given password making use of a standard desktop computer computer. Students experiment through what makes a good password and also answer questions around the "human components" the cybersecurity.

You are watching: What is the difference is between “cracking” a code and “decrypting” a message?

Vocabulary

Encryption algorithm: some method of doing encryptionEncryption key: a certain input the dictates just how to apply the method and can also be used to decrypt the message

For example, the Caesar Cipher is an encryption algorithm that involves shifting the alphabet; the quantity of alphabetic shift used come encode the article is the key

Vigenere cipher (Vee-zha-nair): a technique of encrypting text by using a series of Caesar ciphers based on the letters of a keyword.Computationally Hard: a "hard" trouble for a computer is one in i beg your pardon it cannot arrive at a equipment in a reasonable lot of time.

Goals

Students will certainly be maybe to:

Explain the relationship between cryptographic keys and passwordsExplain in vast terms what renders a key complicated to "crack"Reason about solid vs. Weak passwords making use of a tool that reflects password strengthUnderstand that exponential growth is regarded an encryption algorithm"s strengthExplain how and also why the Vigenere cipher is a stronger kind of encryption than plain substitutionExplain properties that make because that a good key when using the Vigenere Cipher

Purpose

Cryptography and encryption are vital and significant fields within computer system science. This lesson begins to obtain students" feet wet with the human being side of cybersecurity: choosing good passwords through an exploration of the standard Vigenere Cipher. We additionally learn the the Vigenere cipher is actually at risk to frequency analysis (though at first glance that is not) and also in subsequent lessons we will learn far better methods the are provided today. Strong encryption techniques are commonly publicly well-known algorithms, yet have mathematical properties which ensure that the original message cannot conveniently be retrieved. These techniques commonly feature a secret "key" or item of details that is offered when encrypting the message. If the algorithm deserve to be publicly known, the secret an essential is not.

The arts of encryption is coming up v an algorithm the 1) provides the message undecipherable without the vital and 2) is such the the vital should just be discoverable through an exhaustive search of all possible keys, fairly than through some various other analytical technique. In this class we emphasis on make a good key, when in succeeding lessons we learn an ext about problems and also algorithms that are computationally hard. Guessing a random sequence that 200 characters, for example, is computationally hard, because there is no known means to approach the difficulty besides trying the trillions and trillions of possible character combinations.

Resources

Getting Started

Discussion: space there moral reasons to try to crack secret codes?

There are instances in which cracked a password is ethical and also important. Provide students a couple of minutes to write down a an answer and talk about with a neighbor. Have actually students easily share out reasons they come up with. There space a many of various reasons that a human may want to crack a code. Some of them are much more ethical (legal) than others.

Discussion: If random substitution is an algorithm for encryption, what is the key to a arbitrarily subsitution cipher?

Answer: The vital is the really letter-to-letter mapping the was used to encode the message - the can additionally be offered to decrypt.

Discussion: The prestige of a great Key

Good encryption algorithms space publicly known, but use secret keys as an input come the algorithm. The task of cracked the encryption becomes not guessing the an approach but guessing the key. We want guessing the crucial to be computationally hard. This relates to the passwords you choose to usage on a everyday basis. Encryption algorithms are evaluated based ~ above the lot of time it would certainly take a computer system to crack the key. The Vigenere cipher can not be cracked using frequency evaluation (at an initial glance); it needs a "brute force" strategy of do the efforts every combination.

Activity 1: Vigenere Cipher Widget

Hand out the "Exploring the Vigenere Widget" resource and have students open up the "Vigenere Encryption Widget" and also "Vigenere Decryption Widget." have actually students occupational through the activities. They will encrypt and also decrypt a post with the Vigenere widgets.

The Vigenere Cipher Explanation

The Vigenere Cipher is similar to the Caesar Cipher we provided in the ahead lesson. However, the substitution offset transforms depending on the existing character that the key. For example, take into consideration using the post "TEST" with a secret key of "KEY" and think with the complying with steps.

The very first character the the vital is "K," which is the eleventh letter that the alphabet, so our counter is 10 (since A gives a starting offset of 0). Changing the first character of our message, "T," 10 places provides us the character "C" (note that underscores are thought about a 27th "letter" that the alphabet in our Vigenere Cipher).The second character the the crucial is "E," i m sorry is the fifth letter that the alphabet, for this reason our offset is 4. Shifting the second character of ours message, "E," 4 places gives us the character "I."The third character the the an essential is "Y," i beg your pardon is the twenty-fifth letter of the alphabet, so our balance out is 24. Changing the 3rd character of our message, "S," 24 places offers us the personality "P."There is no 4th character of our key, so we rather return come the first character that the key, "K," i m sorry is the eleventh letter of the alphabet, so our balance out is 10. Moving the fourth character of our message, "T," 10 places offers us the personality "C."Now the we"re done encrypting the original message, we just need to add the brand-new characters together to acquire the ciphertext of "CIPC."

The procedure of decryption because that a Vigenere Cipher is very similar to its process of encryption. The only difference is that the moving is done in the various other direction; because that example, through a ciphertext character of "C" and also a an essential character that "K," the deciphered personality is acquired by a change of -10, giving us "T."

Discussion: native what you"ve learned what are the nature of the Vigenère Cipher that make that harder to crack? In other words, if you had to crack a Vigenère cipher what would you do?

Some of the an essential points for conversation include:

Vigenère is solid because when reviewing the cipher message there room no discerable trends assuming a great key to be chosen.Because the ciphertext is resistant to evaluation it leaves us simply having actually to guess what the an essential is.Even if we know the length of the crucial we could still have to try every feasible letter mix which is a prohibitively big number of possiblities.

Activity 2: Keys and also Passwords

Remind the student that:

We know that a an excellent encryption algorithm reduces the trouble of cracked it to just guessing the key.We want the key to it is in Computationally difficult to guess - in other words, hard for a computer to guess.Computationally difficult typically way that arriving at the equipment would take a computer a prohibitively lengthy time - together in: centuries or eons.In regards to cracking encryption, that method that the variety of possible secrets must it is in so large, that also a computer system trying billions of possible keys per second is unlikely to come at the correct vital in a reasonable quantity of time.Nowadays when you use a password for a website or device, your password is offered as a cryptographic key. So, selecting a good password is meaningful due to the fact that we want the an essential to be tough for a computer system to guess.

Cryptographic Keys and also Your Passwords: If friend have ever before joined a website where you had to create an account come login, you additionally had to develop a password. The password is used as a crucial to perform a variety of things at the site, yet mostly it"s provided to authenticate (prove) who you are. Open up the "How secure is mine Password?" resource. Test part passwords out. Shot answering the inquiries in the "Keys and also Passwords" worksheet.

Ask the students to try the following:

Try typing common words native the dictionary or popular names prefer "apple" or "chicago"Try typing something that"s over 16 charactersTry a wire of 4 arbitrarily words together, favor AppleChicagoBalletTreeType a 0, then keep typing 0s and also watch what wake up to the statistics (actually, you could want come just host 0 under for a while)

Watch the following video clip as a class, and also have students prize the complying with questions throughout or after the video.

What is the difference is in between "cracking" a code and also "decrypting" a message?Knowing what you understand now about frequency analysis, would certainly you feel comfortable sending your password end the web using a substitution cipher? Why or why not.Using the Vigenere Cipher, walk the length of the vital matter? because that example, if one an essential is size 5 and also another is 20, does one develop a "better" encrypted post than the other, or is it usually the same? explain your reasoning.Why is the Vigenere Cipher tough to crack?

Wrap Up

Before the Vigenere cipher to be cracked, numerous governments openly offered it. The is, they make no an enig about the fact that castle were utilizing the Vigenere cipher - it was publicly known. In the contemporary day, it continues to be the situation that many encryption approaches are publicly known.

Prompt: Why can it actually be a an excellent thing the encryption algorithms are freely shared, so the anyone that wishes can try to crack them?

Possible responses include:

If the defense of an encryption technique relies solely on the method remaining a secret, that actually may not be the secure.Ideally, a method will be so for sure that also if you recognize which method was used, it is daunting or impossible to crack the message.By do encryption techniques public, we open up them up to being tested by anyone that wishes come ensure there room no clever ways of cracked the encryption.

Here room some resources for the students to read around how not to acquire hacked.

Assessment

Q1: (Choose two.) Why is the Vigenere Cipher difficult to crack?A.) One cannot fix using frequency analysis directly.B.) lengthy keys produce exponential expansion possibilities.C.) The vital is always mystery to both the sender and also receiver the the message.D.) A Vigenere cipher relies upon an "alphabet shift" algorithm.Q2: What troubles exist with encryption schemes such together the Vigenere Cipher, also when solid encryption secrets are used?Q3: Why room computers much better than people at break encryptions such together the Vigenere?A.) computer systems are smarter than humans.B.) computers are quicker than humans.C.) The Vigenere was initially designed through a computer.D.) They are not; humans are better as breaking Vigenere encryptions than computers.Q4: Which renders for a password the is harder to crack?A.) A word native the dictionaryB.) 8 random characters that include numbers and also punctuationC.) A 16-character password the is all letter of the alphabetD.) A 32-character password the is all letter of the alphabetE.) A 150-character password the is all the same characterQ5: Companies and organizations typically require customers to readjust their passwords frequently. Websites have password length and complexity requirements. Is it far better to change your password commonly or to have a much longer password? What level of security is proper to need of end users? does this change, depending upon the paper definition (for example, employee or customer)?

Extended Learning

The students can learn more about various kinds of ciphers on Crypto Corner.

Assign each college student a kind of cipher. Students have to then study the cipher, consisting of information ~ above its algorithm, the history, and also what lock would have to do to crack the cipher. Lock should current an example, and also describe the procedure they monitor in cracked the code.

See more: My Wife Has A Boyfriend And I Like It, Why Do I Want My Wife To Have A Boyfriend

Stories about cracking codesRead Blown come Bits chapter 5, Pages 161-165

Answer the adhering to questions after reading

The opened pages of Blown to Bits, thing 5, talk about a move the government made to shot to control encryption in the after-effects of the terrorist strikes of September 11, 2001, yet then dropped. Additionally, during the 1990s, the US government was pressuring the computer industry come be permitted to have actually a "back door" come decryption. Why do you think they quit urging because that this?

Possible Answer: This would threaten the public"s to trust in the web as an e-commerce vehicle. Any earlier door might probably be exploited by others. The government thought they might eventually rest cryptography without a ago door.

Encryption is clearly regarded as essential to web commercial activity. That it will not be outlawed seems prefer a settled matter. However conversely, have to it be required by federal government regulation? What about for other non-web media, such together mobile phone call traffic and television?

Have students discover videos demonstrating these or other advanced encryption methods; ask castle to explain each algorithm and what causes it to it is in "hard."

Standards Alignment

Computer science Principles: 2.3.2 (A)Computer science Principles: 3.1.1 (A)Computer scientific research Principles: 4.2.1 (A, B, C, D)Computer science Principles: 6.3.1 (C, H, I, J, K)