
personal favorite. So yeah, I'm Nibble, this is Tabletop Cryptography. BSides Salt Lake, it's great to be back, and amazing job. I love the venue. You know, the Google volunteers that have put this together, you guys have done an amazing, amazing job. Of course nobody's in here right now 'cause they're all out doing other things, so, very important things, keeping the con running, so I certainly appreciate all their work. So really briefly, I am NOT these guys. Everybody knows who those two guys are, right? Yep, dip it in. So I'm not a mathematician, I'm not a cryptographer, I am an enthusiast. So some of the things I'm gonna say in this talk, while I think are
technically accurate, and from my research I've found to be accurate, you know, I could be wrong. So, you know, please keep that in mind. This is who I am: Jason Rivera, aka Nibble, security engineer for CompuNet. You know, really amazing place to work, great group of people, and they see the value in shenanigans like this: sponsoring BSides, sponsoring hacker camp, you know, being involved in the community. You can find me on Twitter at nibble. Oh, did it? Awesome, see, there you go. Yeah, also email me. I'm also a member of DC801, 801 Labs. Want to give a shout out to that, a lot of our members here in the session today. So, you know, it's all about
community, right? That's what this event's about, that's what DC801 is about, 801 Labs, providing a space to have that community meet, grow. So, amazing stuff. So why tabletop? So cryptography, you know, my day-to-day job, I'm dealing with things like IPSec, IPsec if I can say it right, SSL, TLS. Privacy has always been an interest of mine, you know, and the history of cryptanalysis, the Enigma machine, Alan Turing, and how the Enigma, and I'll talk on this a little bit later, but cracking the Enigma and the technologies that were developed around that kind of led directly into what we know as modern computing today. I have to definitely
give a shout out to so--but stand up for trans over. So three years ago, the two of us were sitting down, there may have been some adult beverages involved, and, you know, he had this great idea that he wanted to do a hacker camp, essentially a CTF off the grid: tents, campers, out in the middle of the woods somewhere. And I'm like, you know what, that's a crazy idea and I love it, let's do it, what can I do to help? So this guy came up with this amazing CTF. We did it up at, first year's at Jordanelle Reservoir, last year was up near Strawberry Reservoir on BLM land, and it's amazing, it's, you know,
we're out in the woods, there's generators to power a full CTF, locksport, geocaching, just a lot of really fun time, just for people that like to get out in the woods a little bit but still have to get their geek on. So one of the things that I did is I said, okay, so I've got this passion for cryptography, cryptanalysis. I'm not an expert in it but I'm interested in it, so I learned some more. And one of the big keys there was it had to be off the grid. I wanted something that we could do without our computers, that we could do after hours sitting around the campfire or by generator
light or whatever it was, right? So that's kind of how the cryptography track came about at hacker camp, and that I was helpful with. So this year we're doing hacker camp again, it'll be the third year. It's June 24th through the 25th, and it'll be up at that Strawberry Reservoir site. It's BLM land, free to camp, you know, come out, check it out. It's really, you know, we had about 30 people up last year. People bring their families. The plan right now is to have a kids track, so if you have little ones you want to get them out in the woods, get them to appreciate nature but also get them to appreciate hacker
culture, that's what it's about. So really quick, couple of terms. Just, these are how I interpret these terms, just so we're kinda on the same page. I don't want, you know, "oh well, you know, cryptography is this." Well, this is what, when I say cryptography in this talk, this is what I mean. Cryptography is basically, you know, the art of writing and solving codes. It comes from the Greek kryptos, meaning hidden, and graphy, meaning writing, right? So, ciphertext: this is, you know, the code after it's been encrypted, right? So, you know, a system, words, letters, figures, symbols, whatever, substituted for a normal message for the purpose of secrecy. Cipher is the actual making of the
letter, letter substitution, so the process. Encryption, again another word that I'll use, for a process of turning text or data into a code or, you know, ciphertext. Cryptology is the study of codes and ciphers, and cryptanalysis is the science of decrypting codes and ciphers. So really I wanted to set the stage kind of with a little bit of history and then dive into the specific, you know, encryption methods that I used at hacker camp, and I've got some examples of those here. So, you know, we're starting out in ancient times, right? Cryptography has been around for a long time, probably as long as people have been writing. People have had the need to
maintain some secret or to differentiate their writing in some way. So the Egyptians used hieroglyphs, as everybody knows, I mean, that's the Rosetta Stone, right, and I'll talk about that in a minute. But the hieroglyphs, in about 1900 BCE they started using hieroglyphic substitution as a way to show an enlightened Pharaoh, right, and I don't remember the Pharaoh's name, I'm really bad at pronunciation of Egyptian names anyway. So, but what's interesting kind of about the Rosetta Stone is, before the Rosetta Stone was discovered we didn't know how to interpret these hieroglyphic symbols. We kind of had an idea that that was some kind of language, right, but what the Rosetta Stone allowed was, it had three languages on
there, all with the same text, right: the hieroglyphic text, a demonic, demotic text, and ancient Greek. Well, we knew, you know, how to interpret ancient Greek, so we could extrapolate from that the text in hieroglyphs. So it's kind of a big deal. In ancient China they were using wax to cover up and hide their secrets, so they would have a piece of paper and they would pour wax over it, and the wax would cover the text, and then the recipient would break the wax and get in there. The ancient Assyrians, between 1500 - 500 BCE, they would use secret tattoos with secret messages. It was a really common thing. The Hebrew scribes around 600 BCE,
they used a substitution cipher called Atbash. I'm not, you know, very familiar in Talmudic scholarship, but from my understanding Atbash is almost a literal translation of the letters in the Hebrew alphabet: the aleph is like A, and the last character in the Hebrew alphabet. So what this substitution cipher would do is, anytime you had an A you would put a Z, and any time you had a B you would put a Y, etc., right? And, yeah, I'm getting there, hold on. So what's kind of interesting about that was, I mean, the name of the cipher was the way that it was encrypted, right? So it's almost kind of
conjectured now that it wasn't for secrecy, it was to show that there was some special text here. It was commonly used in the Biblical Book of Jeremiah. So the other really interesting one is the Kama Sutra, right? So everybody has an idea of what the Kama Sutra is, right, but, you know, this is a book that had many techniques that were supposed to be what a woman, a mature woman, would know, right? And one of the really interesting things in there is it had, one of the art forms, it didn't just have sex stuff, right, it had, it had other things like book binding and perfume making and carpentry, and one of the things that
it had in there was the art of secret writing. So this was a way that a woman could keep her affairs secret, and it was a basic substitution cipher called the, I'm gonna slaughter this, but, siyeong na cipher. So a letter-for-letter substitution cipher, so pretty interesting. So how many of you guys know what a scytale is? Okay, so we got a few. So I have a scytale, my wife and my kids made this for me. And so the scytale was kind of considered one of the first military cipher devices, used by the Spartan Greeks around 475 BCE. It's a good example of a substitution, or a transposition cipher, thank you. So, um, who wants to volunteer to solve
this scytale? Yeah, all right. So what this scytale was on internet, and it relied a lot on people not knowing how to read, that was kind of important, which at the time was not a problem. But so you would have a messenger who would have a very secret message that he or she would carry to correspond some kind of military orders or information, and the recipient would have a very specific pole or a piece of wood that they would wrap the message around, and as they wrap the message around, the message would become clear. So if you were to look at this now, it's just a jumble of letters, right, but as you wrap
it around the pole, and the Greeks, you know, they were very specific about the size of the pole, right, so if you had the wrong size pole it wouldn't work, right? So I have a message here, and our volunteer, what's your name? Chris. All right, I provided, which is, some tape there, Chris, because you might need it to tape down the side. But go ahead and start working on that, and there's a prize in it for you if, if and when you figure out what the message is. So we'll come back to you. But that's essentially, the graphic isn't the best and I apologize about that, but that
is essentially what Chris is working on there for us, and we'll see if timing-wise she's able to get there, it's pretty long. So, and then back right into the Caesar ciphers, so we'll check back with you. So how many of you guys know what the Caesar cipher is? All right, so we're gonna go through this pretty quick. So, you know, this was used in ancient Rome. There's documented information on Caesar sending messages to, I think was Potomac or somebody in Germany, you know, conveying military orders using this kind of encryption method. It's also called a ROT cipher or a rotation cipher, and it's a classic example of a substitution cipher. So, and
I apologize in advance, the letters, this is kind of a new, if anybody's seen a presentation I've done in the past, this is kind of a new thing for me, having text and, you know, this style to it, so the text doesn't exactly line up the way I wanted. But this is an example, so you have, you know, an example of some ciphertext here. You know it's a substitution Caesar cipher. You also know that it is a classic substitution cipher that is commonly called a ROT13, right? So we have a ROT13 table at the top there, you know, A equals N, B equals, you know, O, C equals P, etc., etc. So how
you go through, you take your ciphertext and you find the P and you know that that equals C, right, and you find A equals A and so on. So Z and Q, D, L, Y. Anybody have any questions about that? That's a good question, right. So I'm gonna speed it up a little bit, but if there's no question. So everybody's seen, you know, ROT13 was commonly used in the old BBS days to hide, you know, what we were saying, but it was an easy way to decrypt that message, right? That's, um, I don't know if it's still used today. It's kind of ROT26, who's a big fan of that one?
Yes, all right, every time, every time. So we speed it up and then we have our super secret message. All right, so that was, you know, Caesar. Let's talk about cryptanalysis on that. So, you know, while we were all mucking about in the mud in Western Europe, you know, arguing over the inherent rights of tarts wielding swords to, you know, and knights who say Ni, back in the Arabic civilization they were actually working on things like math and language. And so there was a gentleman called al-Kindi who wrote a book, or a manifesto essentially, that was called decrypting encrypted
correspondence. This was around 850 CE, and that's the first page of it there, an example of it. But it basically went through how to do frequency analysis, which, if you know what that is, the Caesar cipher is very susceptible to frequency analysis. I'll jump back to it really quick so you can see, and this message may not be the best one, but you can see certain letters reoccurring over and over again, and if the keys are, know the language that it's in, potentially know who sent, knew who sent the message, knew who was the recipient of the message, then you could somehow derive, you know, the message from that.
E's occur commonly, is the most commonly occurring letter in the English language, so if you, you know, get a ROT13 message, chances are if there's a lot of letters in there that are the same, it's. So also in the 1400s there was a 14-volume encyclopedia written by another gentleman whose name I will not slaughter there, called the Subh al-A'sha, and it had a whole volume dedicated to cryptanalysis. The only real documented case of cryptanalysis in the, you know, the Middle Ages in Europe were monks cloistered up. They were, you know, kind of focused on intellectual idea, but they were looking in the Bible for things that they could extrapolate
and codes and things like that. So we weren't completely lost, just mostly. It's worth noting there too that around this time Mary Queen of Scots happened, so just a little bit of trivia there if anybody knows who she was and what happened to her. Basically a big crypto fail that ended in her head getting lopped off. So, secrets are important, right? So, moving on to the Vigenère cipher, and I'm not French, so if I'm mispronouncing that, apologies. But it's essentially, and this is a simplified version of a tabula recta or a Vigenère square, it's called a couple of different things, but it's a series of different Caesar ciphers essentially. What's really unique
about this is it introduced the use of a code word. The code word is interesting because we see it's the concept of a shared secret reoccurring even in today's cryptography, right? It's a great example of a polyalphabetic substitution cipher. So before I get into that, how's the scytale going? Awesome, awesome, cool, I think you're gonna make it. So we have this bit of ciphertext, and since we're the recipient of the message, we did not intercept this, we know, you know, who it's from, what the method of encryption is. We also know the shared secret, the key word, right, the code word: it's chocolate, right? Did your safe word too? Awesome, good to
know. So how we would decrypt this message: we take our ciphertext and we repeat the code word over and over again and match it up, and again, apologies that the letters don't match up perfectly there. But we take our tabula recta, or our Vigenère square, and we select the first letter of our code word, C, and we go over to the first letter of our ciphertext, which is Y, and then we go up, and that is our message letter, or clear text, W. Do the same with H to O, up to H again. So see how that happens there? Okay.
O, O to S is E; C to T, R; O to S, beep. Any questions, concerns on how that happens? Yes sir. Yes sir. Yep, yep, so it just repeats for every letter. Yep, absolutely. Yeah, so I don't know if it's apparent there, but yeah. So, and there are a couple of different ways to do this. I've seen, you know, for ease of presentation I kept the letters in the same place as the words of the encrypted message. Sometimes we will break it up, you know, groups of five, five, five, and then you have to kind of stitch it all together once you have the decrypted message. But so I'll jump through this really quick
here
This is a really easy one to encrypt and decrypt and is really pretty secret if you don't know the keyword, because the alphabet keeps changing. So, "where is fancy bred." So yeah, it was a tough one, and it kept people thinking for a long time on how to break it and how to use it and use it well, easily, especially in the field, sometimes called field cryptography, right? Some people that were really, really taken with this method and cryptanalyzing this method: everybody know who that is on the left? It's Charles Babbage, bon vivant if you will. So he's just a guy that liked to do
really cool things, right, and at one point he was challenged to decrypt Vigenère. A lot of people thought it was indecipherable, and he actually figured out how to do it. His findings, he did that back in 1854 but he had never actually published his findings. His findings weren't published until the 1970s. There were a couple other people that successfully were able to show cryptanalysis of Vigenère after that, but at the time he was one of the first people. Interesting fact about Babbage: everybody know what the difference engine is? So potentially the first computer, if he could have built it. He designed that. He also hung out with Ada Lovelace, really cool lady, so
considered one of the first programmers. Um, the guy in the middle, anybody know who that is? Close, his pen name, Lewis Carroll. Charles Lutwidge Dodgson. So Lewis Carroll, he actually said that the Vigenère cipher was unbreakable in 1868, so even though it had already been broken. But he was a really big mathematician, you can find a lot of secrets and codes in his work. Last guy, everybody knows who that is, right? Poe, right. And so he did not directly talk about Vigenère, but what's really cool about him in popular culture was, in 1843 he wrote The Gold-Bug, which is one of those stories, reading, and I've read in middle school, was like, oh, that's
kind of cool, but it actually goes through step by step how to decipher an encrypted message, and it just kind of piqued my interest as a kid. I really, really liked Poe. Yeah, interestingly he also put out a challenge in a periodical called Philadelphia's Alexander's Weekly Messenger, claiming that he could decrypt any monoalphabetic substitution cipher, and he successfully deciphered all of the hundreds of submissions that were sent in. So, big into codes, and definitely if you have not read The Gold-Bug since middle school or high school, I recommend it. So, fun stuff. How we doing? You got it? What do you got?
Very good sir. All right, so your prize. I know you already have Applied Cryptography, we talked about that, but you can select a book. I have a copy of Neal Stephenson's Cryptonomicon. Awesome, all right, there you go, thank you, appreciate it. And if everybody else wants to check out this scytale, it'll be up here, and I'll probably be at the CompuNet Tenable table after. So I have a couple more books and crypto challenges, so whoever solves those other crypto challenges first, you get your choice of a couple of books. I'll talk about that later. Yeah, so some early cipher machines. Most of these machines, on the left there,
the Alberti cipher machine, a lot of these were really just ways to try and streamline using Vigenère, or Caesar for that matter, variants on the Caesar cipher, in the field, right, for military use, things like that. Most of these were substitution ciphers. The Wheatstone, the second one there, instead of letters used symbols. The Jeffersonian cylinder, this is commonly attributed to Jefferson but it's never been proved that he actually used one. I have a toy version of it here if anybody wants to try and take a look at it. I have a secret message, but basically you would line up, it's a series of wheels, and in an official-grade one you can move the wheels around
so you can really be sneaky with your message, but you essentially have your message, your clear text, and you line it up, and then you pick another line and, you know, it's completely corrupted: ZX + H cui cze, let's see, ya see n, right, and then you'd look through here and see that there is a secret message. So anybody wants to check this out, I can come up and look at it, or after. The last one, that's a picture from the Cryptologic Museum at the NSA, that is a Confederate cipher disc from the Civil War. So one interesting tidbit about that is, you know, again they had a variation on Vigenère, they had
code words, and they used primarily the same three code words or phrases throughout the whole war, so once the Allies would figure those out and had access to their device, or not the Allies, excuse me, the northern folks, the Yanks, they were able to decrypt. One version of that had letters and numbers on it, a series of zeros and eights. So another fun one is the Mexican Army cipher disk. This was considered state-of-the-art. I have one here, there's a toy version of it essentially, but it was used in the border war with the US, early 1900s. It's a monoalphabetic cipher, but essentially how you'd use it is the sender of the message, the
receiver of the message would have an agreed-upon setting where you would have, you know, the letter A equals, it's a series of numbers around each wheel, right, so the letter A, you would have a shared secret of, you know, a five 2960 zero, and then you would send a series of encoded messages, and using that you could decrypt it. If you continued to use the same setting over and over again, people get, you know, wind of it, they understand it, they get the device, very easy to intercept and decrypt the messages. What's interesting is I've seen this guy did a video where he uses a, on YouTube, so I saw it on the internet so,
you know, it works, but he actually makes it so that this is still a fairly decent encryption device, which is interesting. By changing the rotation of the wheels with each letter you're decrypting, it really makes it pretty tough to crack. So another one that's really common, that kind of came out of the cracking of Vigenère, was a one-time pad, which is basically considered an uncrackable piece of encryption, so very good. Any questions about that? Awesome. So the big one: Enigma, right? Everybody knows Enigma, or everybody knows Enigma? Yes, ok, good. You haven't seen a little know, it's good, good, good. All right, so, um, you know, all these things we've done at hacker camp, right,
codes, you know, 100s, 200s, this was the 500, right, this was the big dog. So Enigma was a rotor-based cryptographic device, so you had different rotors that would move and the text would change as you, you know, encipher and decipher a message, right? Some of the first rotor machines started showing up around 1915. A couple of Dutch naval officers developed it. I believe there were only two rotors in that one. It was then modified with a keyboard and the light system to input the text and, you know, spit out the decrypted message. The actual Enigma that was used by the Nazis in World War 2 was developed around 1918 by Arthur
Scherbius. That actually had three interchangeable rotors, see, not only would the rotors move but you had different rotors with letters in different locations on them, so pretty amazing. They had a plug board to change how the text was reflected, and it'll make a little bit more sense in a few minutes if you're not familiar with the inner workings of the, but some interesting statistics: as you increase the rotors it increases the ability to decrypt the message exponentially, right, so big numbers. So as you have, you know, with three wheels, six pairs of letters that are swapped, that increases the possible settings of keys to 159 million
million million, right, and, you know, if you had a thousand cryptographers each with captured Enigma machines and they tested four keys per minute all day every day, it would take 1.8 billion years to try every combination. That kinda gives you an idea, right? So when I was researching hacker camp I found this really cool thing called the paper Enigma. So this is really a very simple offline representation of what Enigma does. It was developed by a guy, Michael Koss, he works for Google now, and there's a link there to a Google Code page that he has with a, I think it's JavaScript, or a working version of the paper Enigma on his website, but
essentially you have there on the right side of the page your cylinders. Hold up, I've got them here too. But you take your handy dandy scissors and you cut along the dotted line just like in kindergarten, right, and you have rotor one, two and three, and the rotors are then placed over the input, output and reflector, and you notice the arrows on the right side of the rotor placement, that indicates that the rotor moves as you were to type in the letter, right? So rotor three moves every time you input a letter, and it basically goes across, reflects back and then gives you your plain text letter. And I have
obtained secret footage of how to use this device, and we'll see if this works. So let's, all right, so first thing you want to do: clean up your workspace, you don't want anything else distracting you. This is sped up a little bit, this decryption took about ten minutes. So you see the rotor move, I can't actually see it going so that's kind of tough, but you see I moved the rotor, not me, some secret person somewhere, and so we have our first letter. So worth noting, the placement of the rotors is that shared secret key word at the bottom, PFF, and so each letter is run through the process, the crypto message, and then given the
plaintext letter. So again, the machine would have done this for you, but by doing the paper Enigma, the goal, the hope, the idea is that you'll understand a little bit more intimately how the device itself worked. It's not just a black box anymore, it's not an enigma anymore, it's obtainable, it's understandable. And so it speeds up here in a second, and what you want to look for is when rotor 2 moves. So right now rotor 1 is the only one moving, we've got the first kind of start of the message there, and it's about 12 letters or something like that when rotor 2 moves, but as a
message would become longer and more complex you would see that rotor 2 would move every so often, and then ultimately rotor 1, the one all the way on the left, would move, so it's really increasing the difficulty of decrypting the message. Um, so it's kind of hard to see there, but there's arrows to the right of the rotor, so as rotor one moves up there's a little arrow at the top, so that signifies every time that rotor moves, but then there's a black arrow on there. Yeah, yeah, you can come up and grab a sheet if north, but yeah, so you see here the arrow. Yeah, absolutely, and there's
instructions on the bottom. I have a ton of these because this is, you know, part of the challenge, right, is going through a paper Enigma, so feel free to come up and grab these. Also I have the Vigenère squares here as well. So any questions around that? So it's a fun, um, yes sir.
So I'm gonna talk about cryptanalyzing it in a second, but I mean, absolutely, so what I just showed was a decrypt of an encrypted message there, and I can go through it, you know. Yes, yeah, yeah, same setting and everything, yes. So that shared secret is key there, right? So, cracking Enigma, right, so this is a very popularized story, it's a key part of Cryptonomicon the book, but also, you know, what's the name of the movie? Difference Engine? Yeah, or, no, The Imitation Game, right? So, you know, kind of talking about Alan Turing and his time at
Bletchley Park. But so how did they crack this in World War Two, right, how did this happen? So it started in Poland. They intercepted one of the devices in about 1928, and then the Poles mathed the out of it, right, they started doing the work, breaking the three-rotor Enigma from 1932 to 1939, so intercepting messages and being able to actively break those messages through math. That changed as the Nazis added more rotors to the Enigma, they kind of became overwhelmed, so as the war went on, actually kind of started, right, in 1939, they handed over all their findings to the French and ultimately the English, and
that's where Bletchley Park happened, where, you know, they had, I believe it's a hundred and forty of the bombes is what they were called. So these are essentially Enigmas built on Enigmas built on Enigmas, and an automated way of trying to crack the code within a time frame before the Nazis moved to a new shared secret. In about 1942 the Germans added another rotor to the U-boats' Enigmas, because that was a really, really secretive part of the operation. And what's a little less commonly known is the U.S. got involved in decrypting these messages as well. The US Navy worked with the National Cash Register Company, they had built a hundred and twenty-one US-made bombes that were used
from September 1943 to March of 1945, actively decrypting U-boat messages and also messages for the Luftwaffe and the land forces. So pretty interesting stuff. Again, what I guess really excites me about this is these were early computers, and the use of these led directly to, you know, this, right? So, um, just some resources and credits that I have to give out. You know, obviously I said I'm not the smartest guy, but, you know, what inspired me for this: Neal Stephenson's Cryptonomicon, a really cool piece of fiction, if you haven't read it I highly recommend it. You know, it has real people like Alan Turing and he inserts fictional
characters that interact with them to help at Bletchley Park, and then also a more modern-day setting that still really holds true even though the book's, what, probably 10, 15 years old the house. So great, great novel, highly recommend it. The Code Book by Simon Singh, I think is how you say his name, um, but that's right here, amazing book if you're interested in the history of cryptography. Solve the puzzle, you may have the chance to pick this. The other one, just because I think that this applies directly to us, the very sought-after second edition of Bruce Schneier's Applied Cryptography. So solve these challenges, one's a Vigenère, one's an Enigma, I'm not going to tell you which
is which, but if you've been paying attention at all it should be apparent. I have paper Enigmas here and Vigenère squares here. If you solve the text, you're one of the first two people now to solve the text, you get to choose one of those books. You know, I've got a couple other shout outs there, you know, the National Cryptologic Museum at the NSA headquarters, I can't even read it anymore, but there's a Flickr feed, some of the photos I used. Dr. Wayne Summers had a really good presentation on cipher machines, and then a bunch of links, and I've got those on my website,
www.recepttura.com tog Rafi. So, any questions, concerns, tomatoes? Great, thank you.
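
The tabula recta lookup and the frequency-analysis idea described in the talk, as an added example that is not part of the talk or the speaker's material. The sample messages are constructed here; only the keyword CHOCOLATE and the first two lookups (row C, ciphertext Y gives W; row H, ciphertext O gives H) come from the transcript, and the chi-squared scoring is one common way to automate "look for the most frequent letters", chosen for this example.

```python
"""Tabletop ciphers from the talk in code form (sample messages are constructed)."""
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

# Approximate relative letter frequencies of English text, in percent (A..Z).
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03,
    2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15,
    1.97, 0.07]))


def tabula_recta_row(key_letter):
    """One row of the Vigenere square: the alphabet rotated to start at key_letter."""
    i = ALPHABET.index(key_letter.upper())
    return ALPHABET[i:] + ALPHABET[:i]


def vigenere(text, keyword, decrypt=False):
    """Encrypt or decrypt with the repeating keyword.

    Spaces and punctuation are copied through and do not consume a key
    letter, matching the talk's layout where words keep their positions.
    """
    out, used = [], 0
    for ch in text.upper():
        if ch not in ALPHABET:
            out.append(ch)
            continue
        row = tabula_recta_row(keyword[used % len(keyword)])
        if decrypt:
            # Find the ciphertext letter in the key row, read the column header.
            out.append(ALPHABET[row.index(ch)])
        else:
            # Find the plaintext letter in the header, read down to the key row.
            out.append(row[ALPHABET.index(ch)])
        used += 1
    return "".join(out)


def caesar(text, shift):
    """A Caesar/ROT cipher is a Vigenere cipher with a one-letter keyword."""
    return vigenere(text, ALPHABET[shift % 26])


def chi_squared(text):
    """Distance between the text's letter counts and typical English counts."""
    letters = [c for c in text.upper() if c in ALPHABET]
    if not letters:
        return float("inf")
    counts = Counter(letters)
    total = len(letters)
    score = 0.0
    for letter in ALPHABET:
        expected = total * ENGLISH_FREQ[letter] / 100
        score += (counts[letter] - expected) ** 2 / expected
    return score


def break_caesar(ciphertext):
    """Try all 26 shifts and keep the candidate that looks most like English."""
    best = min(range(26), key=lambda s: chi_squared(caesar(ciphertext, -s)))
    return best, caesar(ciphertext, -best)


# Constructed sample messages (not the slides' ciphertexts).
VIGENERE_SAMPLE = "YOSTS TS YEPJM DFPD"
CAESAR_SAMPLE_PLAIN = ("MEET ME AT THE CAMPFIRE AFTER THE GENERATOR SHUTS DOWN "
                       "AND BRING THE PAPER ENIGMA")

if __name__ == "__main__":
    print(vigenere(VIGENERE_SAMPLE, "CHOCOLATE", decrypt=True))
    intercepted = caesar(CAESAR_SAMPLE_PLAIN, 13)
    print(intercepted)
    print(break_caesar(intercepted))
```

The same scoring applied to every n-th letter of a Vigenère ciphertext recovers one key letter at a time once the keyword length is known, which is why a short, reused code word weakens the cipher.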