Page numbers listed correspond to the print edition of this book. You can use your device’s search function to locate particular terms in the text.
academic transcripts, 99, 102–3, 110
AES (Advanced Encryption Standard), 62–68, 73, 85, 89, 160, 163, 166–72, 178, 183, 184, 217, 229–30, 235, 265n–66n, 296n
algorithms, 26–45
attacks on, 161–78, 205–10, 219–20, 234–37, 243–50, 279n, 296n
backdoors to, 206–10, 219–20, 223
complexity of, 80–87, 246
decryption, 57–59, 111–12
definition of, 35–36
design of, 39–45, 63–64, 157–58, 160, 174–76, 195–96, 205–10, 229–30, 243–45
discrete logarithms as basis of, 86–87, 233, 268n–69n, 294n–95n
do-it-yourself, 39–40
elliptic curves as basis of, 86–87, 268n–69n
factoring as basis of, 56–57, 80–87, 163, 185, 233, 267n–68n, 294n–95n
Grover’s, 295n
hash function, 97, 104–10, 111, 112, 114–15, 120–21, 136–37, 144, 164, 271n
implementation of, 170–82, 192–95, 205–6, 228–30, 245–50
keyless, 52, 104–6
key-stretching, 137–38
lightweight, 239
postquantum asymmetric encryption, 233–34, 295n
Rijndael, 64–65
RSA (Rivest-Shamir-Adleman), 81–87, 89, 91, 176–78, 185, 212, 255n, 268n–69n, 284n, 290n
secrecy of, 39–42, 262n, 263n
Shor’s, 294n–95n
Square, 265n
timing attacks on, 176–78, 180
see also ciphers; keys
anonymity, 117, 119, 125–26, 150–54, 199, 203, 214
“anti-padlocks,” 109–10
Apple Computer, 1, 6, 221, 226, 284n–85n
artificial intelligence (AI), 85, 233–34, 242–45
ASCII (American Standard Code for Information Interchange), 29
Atbash cipher, 50–57, 264n
ATMs (automated teller machines), 1, 33, 58, 186, 260n, 261n, 262n
authenticated-encryption modes, 107–15, 124, 145, 163, 167, 199, 264n, 272n
authentication, see data origin authentication; entity authentication
Avalanche platform, 260n
Babington Plot, 160, 167, 173
backdoors, 206–10, 219–20, 223
banking:
accounts for, 23, 24, 39, 46, 47, 93–94, 130, 140–46, 149, 193, 277n
cards used for, 1, 19, 20, 28, 58, 62, 186, 191, 192–93, 235, 237, 275n
online, 149–50, 193, 248, 260n, 262n, 277n, 282n
passwords used for, 6, 140–46
tokens for, 144, 146, 277n
Bardem, Javier, 180, 283n
base stations, 224–25, 293n
Bellaso, Giovan Battista, 160, 162, 265n
Bernstein, Daniel, 290n
Bernstein v. United States, 214, 290n
binary numbers, 29, 232
bitcoin, 1, 6, 98, 105, 117, 118–24, 273n
bitcoin farms, 273n
bits, 28–30, 62, 67
Blaze, Matt, 203
blockchain forks, 273n
blockchains, 6, 119–24, 273n
block ciphers, 62, 66–68, 85, 87, 107, 119, 172, 229, 268n, 273n, 281n
Bluetooth, 60
Bohr, Niels, 294n
border control, 120, 128
Brandis, George, 8
Brown, Dan, 2, 53, 243, 254n, 281n
bytes, 28–30, 64–65
Caesar, Julius, 1, 57–58, 60, 158, 159–60, 167, 168, 195
Caesar ciphers, 159–60, 168, 195
Cameron, David, 8, 256n
captcha tests, 131, 275n
card-not-present fraud, 275n
car keys, 4, 31–32, 146, 181–82, 186, 193, 277n
Carolina, Robert, 254n, 259n
CCM mode, 272n
centralized ledgers, 118
certificate authorities (CAs), 187–90, 284n
challenge-response principle, 146–50
chat rooms, 127
check digits, 101–6, 109, 111
child abuse and pornography, 199, 201
Cider with Rosie (Lee), 89, 269n
Cifra del Sig. Giovan Battista Belaso, La (Bellaso), 160
cipher, ciphers:
Atbash, 50–57, 264n
block, 62, 66–68, 85, 87, 107, 119, 172, 229, 268n, 273n, 281n
breaking of, 60–61, 88–89, 157–58, 171, 205–10, 218, 222–23, 230–37, 245, 248, 253n, 281n
Caesar, 159–60, 168, 195
padding in, 67
simple substitution, 53–57, 59, 60, 162, 167–68, 265n
statistical analysis of, 60, 265n
stream, 61–62, 67
Vigenère, 60, 162, 265n
weak, 1, 57–58, 60, 67, 157, 160, 161, 167, 173, 195–96
see also specific ciphers
ciphertext, 9n, 50–59, 64–67, 69, 84, 89, 91, 104, 111, 144, 159, 160–73, 208, 210, 234, 241, 242, 281n
Civil War, U.S., 60
Clinton, Bill, 215
cloud storage, 240–41, 296n
CMAC, 107
Cocks, Clifford, 268n
codes:
access, 193–94
error-correcting, 270n
see also ciphers
coin tosses, 183, 282n
Cold War, 1, 58, 225
Comey, James, 7, 202, 256n
complexity, 80–87, 104, 217–18, 223, 246, 267n
computational complexity theory, 104, 267n
“computational tasks,” 78–80
computers:
artificial intelligence in, 85, 233–34, 242–45
electromechanical, 60–61, 171
hacking of, 7, 19–20, 40, 47, 88, 97, 134–35, 140–42, 219, 254n
hard drives of, 67
hardware for, 43–44, 63, 140, 175, 191, 209, 294n
human behavior and, 125–31
keyboards of, 130, 190–91, 259n, 274n
memory of, 94
microchips for, 31, 63, 128, 256n
networks of, 3–4, 186, 213, 219, 254n
processing power of, 62, 78–87, 89, 104, 163–64, 168–70, 176–78, 206, 213, 217, 230–37, 245–50, 267n–68n, 280n–81n
quantum, 6, 164, 230–37, 244, 268n, 294n–95n
servers for, 129–30, 155–56, 172–74, 182, 199, 221
software for, see software
storage capacity of, 94
super-, 2, 63, 82–83, 168–70, 217
confidentiality, 46–51, 53, 54–59, 66–71, 75–76, 84, 87–88, 93–94, 113, 148–50, 158, 172–74, 197, 206, 225, 227–30, 239, 263n, 288n
contracts, digital, 95, 99–100, 109–10, 122–23
Cook, Tim, 221
Cotton, Tom, 202
counters, 146
couriers, 75–76, 88, 153–54
credit cards, 63, 70, 102, 108, 177, 191, 260n
cross-border jurisdictions, 206
“Crypto Anarchist Manifesto” (May), 214
cryptography:
applications of, 9–10, 107–15, 148–50, 157, 257n
basics of, 5–6, 9–10, 24–25, 248, 267n
“breakable unbreakable,” 205–10
breaking of, 88–89, 157–96, 205–10, 218, 222–23, 230–37, 245, 248, 265n, 288n
development of, 10, 87, 155–58, 163–64, 175–76
efficiency in, 62, 64, 76, 88, 103, 105, 111, 118, 171, 242
failure of, 10, 157–78, 205–10, 219–20, 234–37, 243–50, 279n, 296n
forensic investigation of, 158
future of, 10, 227–50
government use of, 7–8, 61, 63, 201–27, 243–44, 247, 257n, 263n, 264n
history of, 1, 57–58, 60, 62–63, 159–60, 257n
human interaction in, 192–95, 239–40
military use of, 41, 60–61, 63, 157–58, 171, 204–5, 207, 215–16, 217, 218, 222, 223, 224, 226, 253n, 281n
processing time in, 176–78
protocols for, 6, 149–50, 172–75, 180, 190, 195, 246–47, 255, 266, 269, 278
quantum, 230–37, 244, 268n, 294n–95n
regulation of, 7–8, 61, 63, 210–11, 289n–90n
risk as factor in, 17, 21–23, 68, 223–24, 296n
secrecy in, 10, 46–78, 84, 93–94, 111, 167–68
social impact of, 2–10, 21, 22, 78, 79, 102, 103, 115–16, 126, 127, 151, 195, 197, 201–4, 210, 213–14, 220, 222, 228, 240, 245, 249
trust as issue in, 23–24, 32, 70, 114, 245–47, 263n, 266n, 270n–71n, 289n–90n, 298n
ubiquity of, 237–40
as warfare, 215–16, 217, 218, 222, 223, 224, 226
see also codes; encryption
crypto war, 215–16, 217, 218
CSI: Cyber, 2, 254n
currency:
crypto-, 122–23
digital, 1, 6, 26, 72, 98, 105, 117–24, 258n, 260n, 273n, see also bitcoin
cyber bullying and stalking, 151–52
Cybersecurity Ventures, 5
cyberspace:
attacks in, 22–23, 128–31, 200–201, 243–45
business activity in, 62–63, 74, 82, 89, 127, 213, 215, 217, 222
common sense in, 22–23
complexity of, 217–18, 223
criminal activity in, 6–7, 19–23, 24, 88, 106, 123–24, 128–31, 140–42, 198–99, 215–16, 255n, 259n–60n, 262n
daily experience in, 18–23
fraud in, 19–23, 24, 88, 106, 123–24, 128–31, 140–42, 259n
freedom in, 25, 153–54, 202–4, 210, 213–14, 246, 257n, 272n–73n, 279n
identity verification in, 10, 27–28, 32–34, 123–34, 140–42, 146, 148–56, 161, 275n
infrastructure of, 24–25, 190, 203, 217, 225–26, 229, 255
networks in, see networks
physical world compared with, 5, 11–25, 26, 27, 34, 47, 69–70, 74, 96, 98–100, 123, 128, 131, 182, 187–88, 217
quantum technology in, 230–37, 244
security issues in, 4–9, 11–25, 44–45, 62–63, 68, 107, 157, 195–96, 213–14, 230–32
as term, 254n
see also internet
cypherpunks, 47, 214, 227
“Cypherpunk’s Manifesto, A” (Hughes), 47
Dachshunds for Dummies (Adamson), 100–102
Daemen, Joan, 64
Dark Web, 105
data:
backups of, 240–41
corruption of, 94–95, 105–6
entry of, 56
errors in, 101–3
meta-, 219, 263n
origin of, 95, 106–9, 112, 172–74
personal, 126–27, 135, 150–51
protection of, 36, 95–98, 157–58, 198, 201–2, 219–20, 229–30, 239–45, 249–50, 293n
size of, 28–30
unreliability of, 93–103
voice, 61
see also files; information
databases, 40, 135–36, 140, 144, 171, 182, 239–42, 248, 275n
data integrity, 93–124, 142, 148–50, 157, 160–61, 187–90, 204–5, 218, 219–20, 264n, 270n, 273n, 277n, 285n, 288n, 293n–94n
data origin authentication, 95, 106–9, 112, 172–74
Da Vinci Code, The (Brown), 53, 254n
decimal numbers, 29
denial-of-service attacks, 260n
DES (Data Encryption Standard), 61–63, 162–63, 169–70, 229, 234, 246, 265n, 273n, 280n, 281n
DESCHALL Project, 281n
Diffie, Whitfield, 268n
Diffie-Hellman key agreement, 187, 268n, 284n
DigiNotar, 269n
digital forensics, 191–92, 278n
Digital Fortress (Brown), 2, 243, 254n, 281n
“digital rights,” 49–50
digital signatures, 72, 105, 110–14, 115, 122, 124, 181, 272n, 293n–94n
discrete logarithms, 86–87, 233, 268n–69n, 294n–95n
distributed ledgers, 118, 119–24
Dropbox, 240
Dual EC DRBG, 209–10, 289n
Dullien, Thomas, 176
Dyson, Esther, 203
Egyptian hieroglyphs, 52
electromagnetic radiation, 177–78
Elizabeth I, Queen of England, 160
elliptic curves, 86–87, 268n–69n
Ellis, James, 268n
email:
attachments for, 200, 220
fraud in, 24, 106, 123–24
security of, 92, 106, 113, 114, 130, 182, 194, 219, 225, 269n
spam in, 18, 260n
embedded chips, 63
encryption:
algorithms as basis of, 9–10, 26–45, 50, 57–59, 161–62
asymmetric, 59–63, 66–68, 72, 76–92, 109–13, 181–87, 213, 214, 233–37, 244, 264n, 268n, 269n–70n
authenticated modes for, 107–15, 124, 145, 163, 167, 199, 264n, 272n
backdoors for, 206–10
decryption vs., 57–59, 111–12, 206–10, 215–18
definition of, 57
end-to-end, 221–22, 225–26, 293n
export/import controls for, 210–12, 214, 216, 290n
homomorphic, 241–42
hybrid, 90–91, 113, 187
legal issues in, 198–99, 206, 210–12, 215–16, 221–22, 290n, 293n
open environment for, 61, 91–92, 113, 186–87, 262n
outputs of, 35–39, 57, 65–68, 104–5, 144, 183, 210
reverse-engineering of, 42–44, 77–78, 84, 85–86, 110–11, 208, 262n, 266n–67n
searchable, 241–42
speed of, 61–62
standards for, 61–68, 160, 161–67, 174–76, 190–95, 219–20, 279n–80n, see also AES (Advanced Encryption Standard); DES (Data Encryption Standard)
strong vs. weak, 172–78, 195–96, 213, 217, 243–45, 292n
symmetric, 59–77, 85, 89–92, 108–13, 168, 169, 181–84, 187, 211, 233–37, 242, 246
“trapdoors” for, 266n–67n
vulnerability of, 57, 80–87, 192–95, 220–22
see also algorithms; cryptography
endpoint security, 190–92, 206
Enigma, 2, 253n
Enigma machines, 60–61, 157–58, 171, 253n, 281n
entity authentication, 10, 27–28, 32, 123–34, 140–42, 146, 148–56, 161, 275n, see also passwords
Facebook, 79, 276n
factoring (prime factors), 80–87, 163, 185, 233, 267n–68n, 294n–95n
fake news, 95–96, 115–16, 270n
Federal Bureau of Investigation (FBI), U.S., 221, 254n
files:
downloads of, 114
encrypted, 198
medical, 209
modification of, 106–7
protection of, 33, 198
filter bubbles, 116
Financial Cryptography and Data Security conference, 260n
financial transactions, 16–20, 47, 49, 60, 70–71, 72, 73, 98, 108, 127, 135, 149–50, 187–91, 260n
fingerprints, 27, 275n
Firefox browser, 253n
Flickr, 240
forgery, 99, 109–10, 113–14, 128, 173, 272n
freedom, 25, 153–54, 202–4, 210, 213–14, 246, 257n, 272n–73n, 279n
frequency analysis, 162, 170
“freshness,” 133–34
Galbraith, Steven, 264n
Gartner Hype Cycle, 91–92, 269n
General Data Protection Regulation (GDPR), 285n
Gibson, William, 254n
gigabytes, 29
Gmail, 240, 269n
Government Communications Headquarters (GCHQ), British, 86, 268n
“Grande Chiffre de Paris, Le,” 170–71, 172
Gregory, Arthur, 160, 173
Grover, Lov, 295n
Grover’s algorithm, 295n
GSM standard, 263n, 284n
“gummy fingers,” 275n
hackers, hacking, 7, 19–20, 40, 47, 88, 97, 134–35, 140–42, 219, 254n
handwritten signatures, 99, 109–10, 113–14, 272n
hardware security modules, 191–92
hashes (hash functions), 97, 104–10, 111, 112, 114–15, 120–21, 136–37, 144, 164, 271n
Hasting Pudding cipher, 66
Hayden, Michael, 220, 289n–290n
health care, 209, 239–40
Hellman, Martin, 268n
hieroglyphs, 52
HMAC, 107
Hogan-Howe, Bernard, 202
holograms, 14, 128
Homeland, 239–40
Hope, Anthony, 259n
Hughes, Eric, 47
human rights, 49–50, 210, 257n, 278n
IBM, 63
identification, friend or foe (IFF) system, 278n
identity verification, see entity authentication
implants, medical, 239–40
Infineon Technologies, 6, 256n
information:
biometric, 128, 193–94, 275n
consensus on, 97–98, 115–17
control of, 115–16
digital form of, 8, 21–25, 28–30, 229–30, see also data
files of, see also files
financial, 16–20, 118–24, 190–92, 197
hidden, 48–51
leaks of, 176–78, 218–22
mis-, 95–98, 115–17, 118, 270n
protection of, 1–2, 23, 27–28
top secret, 207, 218–20
verification of, 94–100, 115–17
Instagram, 243
integrity:
checks for, 98–100, 136
of data, 93–124, 142, 148–50, 157, 160–61, 187–90, 204–5, 218, 219–20, 264n, 270n, 273n, 277n, 285n, 288n, 293n–94n
degrees of, 95–98
mechanisms for, 187–90
intellectual property, 214
intelligence:
analysts for, 7–8, 160, 165–67, 199, 280n, 282n
diplomatic, 209
government use of, 41–42, 50, 161–67, 202, 203–4, 213, 280n, 289n–90n, 292n
leaks of, 7–8, 163, 203, 218–22, 244, 245, 247, 256n, 263n, 264n, 291n, 297n
military, 60–61, 157–58, 171, 253n, 281n
surveillance in, 7–9, 161–67, 209–10, 211, 218–20, 263n, 280n, 289n–90n
International Standard Book Number (ISBN), 100–106, 271n
internet:
addresses for, 152, 153–56
architecture of, 74, 224, 293n
cloud storage in, 240–41, 296n
criminal attacks on, 7, 198–200, 234, 255n, 256n, 260n, 286n
development of, 62–63, 92
endpoints on, 190–92, 206
future development of, 155–56, 237–40, 296n
harassment on, 151–52
identity verification in, 125–26, 150–56
logins for, 32, 134–35, 138, 143–44
as network, 3–4, 74, 123, 152–54, 155, 169, 174, 186, 199, 201, 222, 224, 278n, 293n
news sources on, 12, 95–96, 270n
online shopping for, 31, 86–187, 190, 234, 237
as open system, 186–87, 223–24
passwords for, see passwords
payment transfers on, 16–20, 47, 49, 60, 70–71, 72, 73, 98, 108, 127, 135, 149–50, 187–91, 260n
protocols for, 150, 255n, 269n, 282n, 284n, 294n, see also Transport Layer Security (TLS)
routers for, 152–54, 155, 186, 199, 201, 222, 278n
security of, 69, 106, 123, 149–50, 191–92, 197, 219, 220–22, 234, 296n
service providers (ISPs) for, 152, 217
of Things (IoT), 237–40, 296n
traffic rate on, 61, 69–70, 173, 198, 254n
see also websites
Internet of Things (IoT), 237–40
Internet Protocol Security (IPSec), 269n
iPhone, 221
iris scans, 27
ISIS, 221
ISO/IEC 18033 standard, 279n–80n
job applications, 99
journalism, 96
Junger v. Daley, 290n
Kerckhoffs, Auguste, 43, 50
keyboards, 130, 190–91, 259n, 274n
key-distribution problem, 68–71, 72, 73, 90–91
keyed hash function, 106–8
keyloggers, 143, 190–91, 259n, 274n
keypads, 145, 262n
keys, 26–45
access to, 27–28, 71–92, 144–45, 180–82, 200, 215
alphabetic, 9n, 159–60, 168, 195
certificates for, 187–90
critical role of, 26–27, 44–45, 97, 158
cryptographic importance of, 6, 9–10, 140, 165–67, 248
destruction of, 180, 287n
distribution of, 10, 68–71, 72, 73, 90–91, 92, 113–14, 115, 166, 169–70, 181–82, 185–90, 219, 235–37, 248, 266n
escrow for, 215–16, 218, 291n
exhaustive search for, 167–70
factory default, 178–80, 181
56-bit, 169
40-bit, 211
generation of, 32–36, 72–74, 104–8, 149–50, 167, 180–82, 187–90, 230–32
length of, 29–32, 38, 73, 90–91, 167–70, 174–78, 211, 229–30, 265n, 280n
life cycle of, 180–82
location of, 30–32
management of, 68–71, 180–82, 206, 215–16, 218, 246
master, 193–94
numbers as basis of, 20–23, 35–39, 80–87, 104–5, 230–37
128-bit, 30, 73, 90–91, 169, 183, 184, 211, 229–30, 234, 271n
ownership of, 88–89
passwords compared with, 32–34, 136–37, 144, 184–85, 192
physical, 4, 26–32, 34, 59–60, 69, 70, 146, 180, 181–82, 186, 193, 277n, 282n
private, 77–78, 80, 83, 110–12, 115, 119, 123–24, 176–78, 181–82, 219–20, 256n, 284n
pseudorandom, 184–85, 186, 209–10
public, 43–44, 77–78, 84, 87–89, 91–92, 110–11, 112, 113, 114, 115, 119, 163, 176–78, 181–82, 186–90, 215–16, 219–20, 268n, 269n, 282n
random generation of, 37–39, 57–59, 104–5, 120–21, 142–50, 165–66, 168, 172, 182–85, 230–37, 244, 262n, 268n, 282n–83n, 294n–95n
reinstallation attacks for, 255n
secrecy of, 32–34, 44–45, 51–52, 68–71, 106–8, 115, 167, 180–82, 195–96, 200, 230–31, 266n
on smartcards, 192–93
storage of, 155, 180–82, 184
sub-, 65
256-bit, 234, 235
use of, 27–28, 34, 67–68, 158–60, 215–16
see also specific types of keys
kilobytes, 29
knowable, taxonomy of, 161–64, 176
Kocher, Paul, 176–78
Lee, Laurie, 89, 269n
Let’s Encrypt certificate authority, 284n
letters, 13–14, 16, 26, 99, 160, 167, 173, 228–29, 261n, 293n
letters of introduction, 261n
location-based apps, 259n–60n
locks:
digital, 59–60, 69–71, 74–78, 85–88, 92, 109–10, 147–48, 228–30
physical, 14, 22–27, 34–35, 40–41
logins, 32, 134–35, 138, 143–44, see also passwords
logos, 14, 188–89
loss aversion, 270n
LTE (Long-Term Evolution) standard, 263n
Luhn, Hans Peter, 271n
MACs (message authentication codes), 107–15, 124, 145, 163, 167, 199, 272n
Maizière, Thomas de, 8
malware, 5, 7, 20, 130–31, 198, 200, 255n, 256n, 259n–60n, 274n, 286n
Mary, Queen of Scots, 1, 57–58, 60, 157, 160, 161, 167, 173, 288n
masking (side channel) attacks, 176–78, 180
masquerades (false identities), 140–42, 150–51
materiality, 17–18
May, Timothy, 214
MD5 hash, 97, 114–15, 164, 271n
media:
news, 12, 95–96, 270n
social, 23, 79, 116, 126, 127, 259n–60n, 275n
megabytes, 29
Meltdown bug, 256n
“Merchandise 7X,” 44
messaging services, 1, 58, 186–87, 194, 201, 203–4, 221, 225, 291n
MI-5, 254n
microchips, 31, 63, 128, 256n
microphones, 220
mobile phones, 2, 6, 28, 31, 36, 43, 47, 49, 58, 70, 129, 131, 152, 155, 158, 183–86, 191, 193, 198, 199, 201, 212, 219, 220, 224–25, 234–35, 237, 260n, 274n, 276n–77n, 291n, 293n
modes of operation, 67
Moore, Daniel, 226–27
Moore, Gordon, 280n
Moore’s law, 280n–81n
Morse code, 52
Murphy, Cian, 254n
Napoleon Bonaparte, 1, 57–58, 60, 157, 170–71, 172
Natanz uranium enrichment plant, 5, 255n
National Audit Office, British, 256n
National Health Service (NHS), British, 256n
National Institute of Standards and Technology (NIST), U.S., 63–64, 267n, 295n, 296n
national security, 203–4, 213, 292n
National Security Agency (NSA), U.S., 7–8, 209–10, 211, 218–20, 263n, 280n, 289n–90n
Netscape browser, 211
networks:
banking, 25, 36, 119–24, 234
centralized, 74, 217–18
4G and 5G technology for, 246, 284n
infrastructure of, 190, 203, 217, 225–26, 229, 255
internet as example of, 3–4, 74, 123, 152–54, 155, 169, 174, 186, 199, 201, 222, 224, 278n, 293n
logins for, 32, 143–44
management of, 3–7, 198, 200–201
passwords for, 32–34, 143–44
phone, 2, 6, 28, 36, 43, 47, 49, 58, 70, 129, 131, 152, 155, 158, 183–84, 193, 198, 199, 201, 212, 219, 220, 224–25, 234–35, 237, 260n, 274n, 276n–77n, 293n
security for, 32–34, 200–201, 246, 263n, 284n, 293n
telecommunications, 44, 63, 129, 183–84, 234, 246, 263n, see also mobile phones
Wi-Fi, 1, 6, 31, 47, 58, 60, 69–70, 94, 108, 113, 146, 150, 174, 186, 234, 255n, 266n, 282n, 294n
New Yorker, 125, 126
“nibbles,” 29
nobody-but-us (NOBUS) vulnerabilities, 289n–90n
nondeterministic random numbers, 182–83
nonrepudiation, 110–14
Norton antivirus program, 5
numbers:
data converted to, 20–23
prime, 80–87, 163, 185, 233, 267n–68n, 294n–95n
random, 37–39, 57–59, 104–5, 120–21, 142–50, 165–66, 168, 172, 182–85, 230–37, 244, 262n, 268n, 282n–83n, 294n–95n
number theory, 267n
Obama, Barack, 223
odds (probability), 16, 17, 173, 282n
Omand, David, 204
one-time pads, 235, 295n–96n
onion routing, 152–54, 199, 201, 222, 278n
out-of-office messages, 22
pacemakers, 239–40
padlocks, 59–60, 74–78, 85–88, 92, 109–10
Paris terrorist attacks (2015), 8
passports, 128
passwords:
“agony” of, 134–37
banking, 6, 140–46
copies of, 32–34, 70, 192
creation of, 33–34, 38, 70, 105, 128–29, 133–46, 199–200
databases for, 135–36, 140, 144, 248
default, 135
dictionary attacks on, 136–38, 142, 143
encrypted, 135–37, 199–200
hacking of, 19–20, 40, 134–35, 140–42, 254n
hashes for, 136–37, 144
identification based on, 32–34, 128–29
keys and, 32–34, 136–37, 144, 184–85, 192
longevity of, 133–36
management of, 139–43, 192, 199–200
for networks, 32–34, 143–44
passphrases and, 136–37, 198
pseudorandom keys from, 184–85
random generation of, 142–44, 145
resets of, 141, 142–44, 145, 192
security of, 6, 32–34, 70, 134–46, 198, 245, 276n–77n
stolen, 140–42, 143, 248
strong vs. weak, 6, 38, 133–34, 139–40, 181
perfect forward secrecy, 284n
petaflops, 82–83, 168–69
Phelippes, Thomas, 160, 173
phishing attacks, 140–42, 260n, 277n, 282n
PINs (personal identification numbers), 30, 32–34, 46, 145, 193, 248, 261n, 262n
plaintext, 50–57, 64–66, 67, 69, 84, 87, 104, 111, 144, 159–60, 162, 163, 168, 170–72, 206–8, 219–24, 229, 234, 236, 241, 242, 281n, 295n
Please Rob Me website, 259n–60n
postquantum asymmetric encryption algorithms, 233–34, 295n
Pretty Good Privacy (PGP), 214, 290n
prime factors, 80–87, 163, 185, 233, 267n–68n, 294n–95n
Prisoner of Zenda, The (Hope), 259n
privacy settings, 127
pseudorandom number generators, 184–85, 186, 209–10
public-key certificates, 187–90
PwC, 5
quantum computers, 6, 164, 230–37, 244, 268n, 294n–95n
quantum key distribution (QKD), 230–31, 234–37
quantum optimal channels, 234–35
quantum random number generation, 230–37, 244, 268n, 294n–95n
radio-frequency identification (RFID) tags, 238–39
random number generation, 37–39, 57–59, 104–5, 120–21, 142–50, 165–66, 168, 172, 182–85, 230–37, 244, 262n, 268n, 282n–83n, 294n–95n
ransomware, 7, 198, 200, 256n, 260n, 286n
RC4 cipher, 174, 282n
Real World Crypto Symposium, 247
Regulation of Investigatory Powers Act (2000), British, 291n
relay attacks, 277n
remote keyless entry systems, 146
Reporters Without Borders, 272n–73n
reverse engineering, 42–44, 77–78, 84, 85–86, 110–11, 208, 262n, 266n–67n
Rid, Thomas, 226–27
Rijmen, Vincent, 64
Rijndael algorithm, 64–65
Rivest, Ronald, 81, 271n
robotics, 155, 243
ROCA attacks, 256n
root certificate authority, 189–90
rounds (operations), 65
routers, 152–54, 155, 186, 199, 201, 222, 278n
RSA (Rivest-Shamir-Adelman) algorithm, 81–87, 89, 91, 176–78, 185, 212, 255n, 268n–69n, 284n, 290n
RSA Security, 281n
Rudd, Amber, 204, 257n
Rumsfeld, Donald, 161–64, 280n
satellites, 234–35
Schneier, Bruce, 175, 280n
sci.crypt newsgroup, 176
seals and stamps, 99, 100, 102–3, 109–10, 160, 173, 188–89, 271n
searchable encryption schemes, 241–42
search engines, 19, 116, 260n
secret communications, 1, 50–58, 60, 157, 160, 161, 167, 173, 288n
secret formulas, 43–45
Secure Multipurpose Internet Mail Extensions (S/MIME), 269n
Secure Shell (SSH), 269n
security:
complexity and, 80–87, 217–18, 246
context of, 15–17, 23–24, 26–27
core functionalities of, 46
digital, 1–10, 24–25, 33–34, 41–42, 56–57, 197–227, 292n
“dilemma” of, 7–9, 197–227, 292n
endpoint, 190–92, 206
future trends in, 245–50
home, 12, 16, 22, 26–28, 34, 69, 180, 181–82, 238
mechanisms for, 13–14
network, 32–34, 200–201, 246, 263n, 284n, 293n
physical, 17–23
privacy and, 7–9, 46–47, 197–227, 245–50, 292n
risk in, 16, 22, 42, 48, 67, 68, 103, 143, 162, 176, 193, 194, 200, 209, 223, 224, 234, 241
strong vs. weak, 33–34, 41–42
September 11th attacks (2001), 18
Sessions, Jeff, 8
SHA-1, SHA-2, SHA-3 families, 271n
Shannon, Claude, 295n
Shor, Peter, 294n
Shor’s algorithm, 294n–95n
“shoulder surfing,” 134–35, 143
side channel (masking) attacks, 176–78, 180
Signal, 203–4
signatures:
digital, 72, 105, 110–14, 115, 122, 124, 181, 272n, 293n–94n
handwritten, 99, 109–10, 113–14, 272n
SIM (subscriber identity module) cards, 31, 58, 70, 184, 186, 191
simple-substitution ciphers, 53–57, 59, 60, 162, 167–68, 265n
situational aspect, 18, 23, 26–28
Skyfall, 2, 253n–54n, 282n
smartcards, 63, 131, 177, 191, 192–93, 196
smartphones, 220, 291n
“snake oil,” 262n, 280n
Sneakers, 2, 254n
Snowden, Edward, 7–8, 163, 203, 218, 220, 221, 222, 244, 245, 247, 256n, 263n, 264n, 291n, 297n
social media, 23, 79, 116, 126, 127, 259n–60n, 275n
software:
algorithms in, 42–43, 178–80
antivirus, 5, 200
browser, 189
bugs in, 256n
downloads of, 97
email, 194
encryption, 63, 67, 191–92, 212, 215–16, 226
security of, 175–76, 226
virus (malware), 5, 7, 20, 130–31, 198, 200, 255n, 256n, 259n–60n, 274n, 286n
Sony Pictures Studios, 5, 255n
Spafford, Gene, 191
Spectre bug, 256n
Spooks, 2, 254n
Spotify, 240
spyware, 259n
Square algorithm, 265n
Stanford University, 86
Stasi (Ministry for State Security), 260n
statistical analysis, 60, 265n
steganography, 49–50, 57
Stobert, Elizabeth, 134
Strategic Arms Limitation Talks (SALT II), 225
stream ciphers, 61–62, 67
Stuxnet, 255n
Sunway TaihuLight supercomputer, 82–83
supercomputers, 2, 63, 82–83, 168–70, 217
surveillance cameras, 22
SWIFT (Society for Worldwide Interbank Financial Telecommunication) network, 260n
synchronized counters, 146
technology:
artificial intelligence in, 85, 233–34, 242–45
capability gap in, 244–45
development of, 63, 157–58, 245–50, 269n
dual-use, 204–5
4G and 5G, 246, 284n
quantum, 230–37
security, 5–6
sensing, 237–38
singularity in, 242–43
telecommunications, 44, 63, 129, 183–84, 234, 246, 263n, see also mobile phones
“televisionland,” 254n
terabytes, 29
terrorism, 8, 201, 204–5, 287n
text messages, 243
timing attacks, 176–78, 180
“Timing cryptanalysis of RSA, DH, DSS” (Kocher), 176–78
tokens, 128, 131, 144, 146, 155, 277n
Tor (The Onion Router), 152–54, 199, 201, 222, 278n
totalitarian states, 23
Transport Layer Security (TLS), 149–50, 172–74, 190, 246–47, 269n, 278n, 282n, 283n–84n
“trapdoors,” 266n–67n
Triple DES, 62, 229, 234, 265n
trolling, 151–52
“true randomness,” 182–83
Trump, Donald, 270n
“trusted parties,” 70, 266n
Turing, Alan, 60, 131, 264n, 274n
Turing test, 274n
Turnbull, Malcolm, 222
“2016 Data Breach Investigations Report,” 276n–77n
unknown vs. known information, 161–64, 176
USB memory sticks, 21, 165, 192, 200–201, 255n
Verizon, 276n–77n
Vernam cipher, 295n
Vigenère, Blaise de, 265n
Vigenère cipher, 60, 162, 265n
virtual private networks (VPNs), 58
virtual societies, 213–14
viruses, computer, 5, 7, 20, 130–31, 198, 200, 255n, 256n, 259n–60n, 274n, 286n
Wang Xiaoyun, 164
WannaCry malware, 7, 256n, 286n
watermarks, 14, 188
websites:
attacks on, 174, 187, 219–20, 246–47
blacklists for, 198, 200
browsers for, 1, 6, 90, 91, 92, 98, 149–50, 172–74, 189, 211, 219, 246–47, 253n, 282n, 284n–85n
certificates for, 6, 187–90, 284n
encryption for, 72–74
hacking of, 47, 97, 219
management of, 115
passwords for, 134, 141
registration with, 127, 151
search engines for, 19, 116, 260n
secure connections to, 1–2, 23, 33, 90, 149–50, 172–74, 190–92, 219–20, 246–47
Transport Layer Security (TLS) for, 149–50, 172–74, 190, 246–47, 269n, 278n, 282n, 283n–84n
see also internet
WEP Protocol, 282n, 294n
WhatsApp, 1, 58, 186–87, 203–4, 291n
Wi-Fi networks, 1, 6, 31, 47, 58, 60, 69–70, 94, 108, 113, 146, 150, 174, 186, 234, 255n, 266n, 282n, 294n
Wikipedia, 116, 117, 273n
wire-haired dachshunds, 127
Wired Equivalent Privacy (WEP), 174
World Press Freedom Index, 272n–73n
World War II, 1, 9, 58, 60–61, 157–58, 171, 207, 211, 281n
World Wide Web, 1, 62–63, 213, 237, see also internet
WPA2 protocol (Wi-Fi Protected Access), 255n, 282n
Yale locks, 59
Zeid Ra’ad Al Hussein, 8, 202–3, 257n
zero-day exploits, 220
Zimmermann, Phil, 214, 290n, 292n