For those who are newbie cryptographers, I am very much sure you have more to add on this topic. For digital netizens, the lessons learned portion will be more relevant for you. If you are neither, you can still read on.
These are some notes for the Week 1 of my class on Internet History, Technology, and Security at Coursera. You can take the free course too at coursera.org. I took this course to gain knowledge about, well, the history of the internet. Back in college, we have slightly touched on this topic as part of the syllabus but no further reading was required. And so, I am studying it again in Coursera.
For Week 1, I got 9/10 on the quiz. The next quiz is supposed to be peer-reviewed but I am not sure how that works. I can re-take the quiz but figured that I should leave it that way. You don’t really get that much second chances in real school. Also, this is a reminder for me. The item that I got wrong is about Enigma and human errors and I would like to note why I am amazed at this tech.
Notes about Enigma
- Dutch invention, first used by German military in 1926
- Typewriter-style keypad used to input plain text
- Encryption done by three or more rotors and electrical plugboard
- Daily instructions for settings, known as “key for the day”
- Each message also had “message setting” chosen by sender
- Receiving operator used message setting to recover signal on his Enigma
- Morse code signals intercepted by British
The weakest link in security systems: human factor.
— Fleire Castro (@likke) July 30, 2012
In a whitepaper titled: The Weakest Link: The Human Factor Lessons Learned from the German WWII Enigma Cryptosystem, it points out how the code was cracked due to the negligence of the operator and lack of training from the leaders from the Nazis. It could well be applied to today’s security as quoted:
Today’s managers and computer professionals face the ever-daunting tasks concerning IT security. These professionals must not fall victim to the weakest link – the human factor. Implementing the latest most advanced equipment and security safeguards are to no avail if all the users are not properly trained to be part of the security plan.
Other lessons learned and thoughts on Coursera
1. Wars have propelled innovation in technology. Communication and marketing? Secondary.
2. For a team to work, put folks with different expertise, give them a problem, give them the means to solve it. This reminds me of SCRUM.
3. Online classes are only as good as your dedication and interest in learning.
How Enigma Works
The Enigma Secret
Photo src: cromwell-intl.com