Edward Snowdens Life As a Robot — NYMag

For a man accused of espionage and effectively exiled in Russia, Edward Snowden is also, strangely, free.

Snowden attending a TED conference in Vancouver in 2014.

Edward Snowden lay on his back in the rear of a Ford Escape, hidden from view and momentarily unconscious, as I drove him to the Whitney museum one recent morning to meet some friends from the art world. Along West Street, clotted with traffic near the memorial pools of the World Trade Center, a computerized voice from my iPhone issued directions via the GPS satellites above. Snowdens lawyer, Ben Wizner of the American Civil Liberties Union, was sitting shotgun, chattily recapping his clients recent activities. For a fugitive wanted by the FBI for revealing classified spying programs who lives in an undisclosed location in Russia, Snowden was managing to maintain a rather busy schedule around Manhattan.

A couple nights earlier, at the New York Times building, Wizner had watched Snowden trounce Fareed Zakaria in a public debate over computer encryption. He did Tribeca, the lawyer added, referring to a surprise appearance at the film festival, where Snowden had drawn gasps as he crossed the stage at an event called the Disruptive Innovation Awards. Wizner stopped himself mid-sentence, laughing at the absurdity of his pronoun choice: He! Behind us, Snowden stared blankly upward, his face bouncing beneath a sheet of Bubble Wrap as the car rattled over the cobblestones of the Meatpacking District.

Snowdens body might be confined to Moscow, but the former NSA computer specialist has hacked a work-around: a robot. If he wants to make his physical presence felt in the United States, he can connect to a wheeled contraption called a BeamPro, a flat-screen monitor that stands atop a pair of legs, five-foot-two in all, with a camera that acts as a swiveling Cyclops eye. Inevitably, people call it the Snowbot. The avatar resides at the Manhattan offices of the ACLU, where it takes meetings and occasionally travels to speaking engagements. (You can Google pictures of the Snowbot posing with Sergey Brin at TED.) Undeniably, its a gimmick: a tool in the campaign to advance Snowdens cause and his case for clemency by building his cultural and intellectual celebrity. But the technology is of real symbolic and practical use to Snowden, who hopes to prove that the internet can overcome the power of governments, the strictures of exile, and isolation. It all amounts to an unprecedented act of defiance, a genuine enemy of the state carousing in plain view.

We unloaded the Snowbot in front of the Whitney, where a small group had gathered to meet us for a private viewing of a multimedia exhibition by the filmmaker Laura Poitras. It was Poitras whom Snowden first contacted, anonymously, in 2013, referring to the existence of a surveillance system whose reach is unlimited but whose safeguards are not. Their relationship resulted in explosive news articles and a documentary, Citizenfour work that won a Pulitzer and an Oscar and incited global outrage. But the disclosures came at a high price for their source. If Snowden couldnt come home, Poitras at least wanted him to share vicariously in the experience of her Whitney show, Astro Noise, which took its name from an encrypted file of documents he had spirited out of the secret NSA site where he worked in Hawaii. So she had arranged a personal tour.

Outside an eighth-floor gallery, a crowd of Poitrass collaborators and Whitney curators clustered around the Snowbot as a white circle twirled on its monitor. Then, suddenly, the screen awoke and Snowden was there.

Hey! Wizner said, and the group erupted in awkward laughter. The famous fugitive was wearing a gray T-shirt, his face pallid and unshaven. (He calls himself an indoor cat.) His voice sounded choppy, but some fiddling resolved the problem, and Poitras, soft-spoken and clad in black, made introductions. Snowdens preternaturally eloquent Hong Kong hotel-room encounter with Poitras and the Guardian journalists investigating his leaks formed the core of Citizenfour, but even some of those who worked on the documentary had never met its protagonist. One of the cinematographers came forward and wrapped him in a hug.

I dont have hands, Snowden apologized. The most I can do is maybe

He scooted forward.

Sitting in the same homemade studio he uses for his frequent speaking engagements, Snowden could control the robots movements with his computer, maneuvering with uncanny agility, swiveling to make eye contact with people as they spoke to him.

Poitras began with the shows opening piece, a colorful array of prints that resembled modern abstracts but were actually found objects: visualizations of intercepted satellite signals that turned up in the vast trove of NSA documents. The whole show, theres a lot of deep research thats going on behind it, she said. She led Snowden into a darkened gallery, where a spooky ambient soundscape was playing over video footage of a U.S. military interrogation. Momentarily disoriented, he careened into a bench. But Snowden quickly figured out how to navigate in the dark. When he came to parts of the exhibit that required complicated movements lying on a platform to take in the watchful night sky over Yemen, or craning to look at an NSA document through a slit in the wall the humans hoisted him into position.

Wow, okay, I see it, Snowden said as one of Poitrass researchers held him up to view footage of a drone strikes aftermath. This is a surreal experience for a number of reasons.

When the tour was over, Snowden held an impromptu discussion, likening his decision to become a dissident to a risky artistic choice. Theres always that moment where you step out and theres nothing underneath you, he said. You hope that you can build that airplane on the way down, or if you dont, that the world will catch you. In my case, Ive been falling ever since. Still, Snowden said he had no regrets. I do have to say, he told Poitras, that I will be forever grateful that you took me seriously.

As usual, though, when the questions turned to the details of his non-robotic existence, Snowden remained courteously evasive. Whats a day in the life now? asked Nicholas Holmes, the Whitneys general counsel. Do you go for walks in the park?

Well, the Snowbot replied, I go for walks in the Whitney, apparently.

Watch the Snowbot’s visit to New York’s office.

The idea that Snowden is still walking the American streets, virtually or otherwise, is infuriating to his former employers in the U.S.-intelligence community. Its leaders no longer make ominous jokes about wanting to put him on a drone kill list as former NSA and CIA director Michael Hayden did in 2013 but they still vilify him and maintain that he did real harm to Americas safety and international standing. While Snowdens leaks revealed the NSAs controversial and possibly unconstitutional bulk collection of domestic internet traffic and telephone metadata, they also exposed technical details about many other classified activities, including overseas surveillance programs, secret diplomatic arrangements, and operations targeting legitimate adversaries. The spy agencies warn that the public doesnt comprehend the degree of damage done to their protective capabilities, even as events like the Orlando nightclub massacre demonstrate the destructive reach of terrorist ideology. The fallout from Snowdens actions may have prompted a debate about security and privacy that even President Obama acknowledges will make us stronger, but there has been no such reassessment, at least officially, of Snowden himself. He still faces charges of violating the federal Espionage Act, crimes that could carry a decades-long prison sentence.

When Snowden first revealed the NSAs surveillance and his own identity to the world three years ago this month, there was little reason to believe that he would be in a position to communicate much of anything in the future. The last person to leak classified information of such magnitude, Chelsea Manning, was sentenced to 35 years in prison. (Manning, who was held in solitary confinement while awaiting trial, has largely communicated to the public through letters.) Yet so far, to his own surprise, Snowden has managed to avoid the long arm of U.S. law enforcement by finding asylum in Russia. Leaving aside, at least for the moment, the ethics of his actions (and the internal contradictions of his residence in an authoritarian state ruled by a former KGB operative), Snowdens case is, in fact, a study in the boundless freedoms the internet enables. It has allowed him to become a champion of civil liberties and an adviser to the tech community which has lately become radicalized against surveillance and, in the process, the worlds most famous privacy advocate. After he appeared on Twitter last September his first message was Can you hear me now? he quickly amassed some two million followers.

I feel like were sort of dancing around the leadership conversation, Snowden said to me recently as I sat with him at the ACLU offices. Over the past few months, we have encountered one another with some regularity, and while I cant claim to know him as a flesh-and-blood person, Ive seen his intellect in its native habitat. He is at once exhaustively loquacious and reflexively self-protective, prone to hide behind smooth oratory. But occasionally, he has let down his guard and talked like a human being. Im able to actually have influence on the issues that I care about, the same influence I didnt have when I was sitting at the NSA, Snowden told me. He claims that many of his former colleagues would agree that the programs he exposed were wrongfully intrusive. But they have no voice, they have no clout, he said. One of the weirder things thats come out of this is the fact that I can actually occupy that role. Even as the White House and the intelligence chiefs brand him a criminal, he says, they are constantly forced to contend with his opinions. Theyre saying they still dont like me tut-tut, very bad but they recognize that it was the right decision, that the public should have known about this.

Needless to say, it is initially disorienting to hear messages of usurpation emitted, with a touch of Daft Punkish reverb, from a $14,000 piece of electronic equipment. Upon meeting the Snowbot, people tend to become flustered there he is, that face you know, looking at you. That feeling, familiar to anyone whos spotted a celebrity in a coffee shop, is all the more strange when the celebrity is supposed to be banished to the other end of the Earth. And yet he is here, occupying the same physical space. The technology of telepresence feels different from talking to a computer screen; somehow, the fact that Snowden is standing in front of you, looking straight into your eyes, renders the experience less like enhanced telephoning and more like primitive teleporting. Snowden sometimes tries to put people at ease by joking about his limitations, saying humans have nothing to fear from robots so long as we have stairs and Wi-Fi dead zones in elevators. Still, he is quite good at maneuvering on level ground, controlling the robots movements with his keyboard like a gamer playing Minecraft. The eye contact, however, is an illusionSnowden has learned to look straight into his computers camera instead of focusing on the faces on his screen.

Heres the really odd thing, though: After a while, you stop noticing that he is a robot, just as you have learned to forget that the disembodied voice at your ear is a phone. Snowden sees this all the time, whether he is talking to audiences in auditoriums or holding meetings via videoconference. Theres always that initial friction, that moment where everybodys like, Wow, this is crazy, but then it melts away, Snowden told me, and after that, regardless of the fact that the FBI has a field office in New York, I can be hanging out in New York museums. The technology feels irresistible, inevitable. Hes the first robot I ever met; I doubt hell be the last.

Wizner, the head of the ACLUs Speech, Privacy, and Technology Project, says that Snowden asked him to do some research on telepresence in their first conversation, back when he was still very much on the lam. Now that his situation has stabilized at least for the time being he and Snowdens small coterie of advisers are discussing ways they might use it for a widening range of purposes. Glenn Greenwald, one of Snowdens original journalistic collaborators, jokingly talks about taking the Snowbot on the road. I would love to let it loose in the parking lot of Fort Meade, where the NSA is headquartered, he said. Or to randomly go into grocery stores. More seriously, Snowdens advisers are in discussions about a research fellowship at a major American university. Already, the Snowbot has twice taken road trips to Princeton University, where he has participated in wide-ranging discussions about the NSAs capabilities with a group of renowned academic computer-security experts, rolling up to cryptographers during coffee breaks and dutifully posing for selfies.

For larger gatherings, Snowden usually dispenses with the robot, addressing audiences from giant screens. (He often opens with an ironic reference to Big Brother.) He is scheduled to make more than 50 such appearances around the world this year, earning speaking fees that can reach more than $25,000 per appearance, though many speeches are pro bono. Besides allowing Snowden to make a good living, his virtual travels on the public-lecture circuit are part of a concerted campaign to situate him within a widening zone of political acceptability. One of the things we were trying to do is to normalize him, says Greenwald. Normalize his life, normalize his presence. In 2014, Snowden joined Poitras and Greenwald on the board of the Freedom of the Press Foundation, a San Francisco nonprofit, and last year he was elected chairman. It serves as a base for his advocacy and gives him access to a staff of technologists with whom he has been working on encryption projects, tools intended to allow journalists to communicate with people that live in situations of threat in other words, people like Snowden himself.

Through a network of intermediaries chief among them Wizner, who acts as his advocate, gatekeeper, and talent agent in the United States Snowden is able to establish contact with almost anyone he desires to meet. Eds now getting a lot of people on the phone, and its broadening his horizons, says the author Ron Suskind, who has spoken with him on several occasions and recently had him lecture to a class he and Lawrence Lessig were teaching at Harvard Law School. Snowden also recently spoke to Amal Clooneys law class at Columbia, starred in an episode of the Vice show on HBO, and published a manifesto on whistle-blowing on the Intercept, the website Poitras and Greenwald started with the billionaire Pierre Omidyar. And he has been maintaining his presence on Twitter, where he has been playfully talking up Oliver Stones forthcoming film, Snowden, which will star Joseph Gordon-Levitt.

The biopics September release date matches up with Wizners timetable for mobilizing a clemency appeal to Obama. Were going to make a very strong case between now and the end of this administration that this is one of those rare cases for which the pardon power exists, Wizner said. Its not for when somebody didnt break the law. Its for when they did and there are extraordinary reasons for not enforcing the law against the person. He says that while no single event is likely to shift opinion in Washington, Snowdens activities work in the aggregate to further his cause.

One thing Snowden refuses to do, however, is apologize. If anything, the last three years have turned him more strident. Whereas he once espoused a fuzzy dorm-room libertarianism some of it was kind of rudimentary, Greenwald recalls today he offers a more traditional leftist critique of the deep state. On Twitter, he has been admiring of Bernie Sanders, acerbic about Hillary Clintons foreign policy, and bitingly sarcastic about her handling of classified emails. In February, he tweeted: 2016: a choice between Donald Trump and Goldman Sachs. He sees himself as part of a hacktivist movement, and he took pride when the anonymous source behind the massive cache of offshore banking data known as the Panama Papers cited Snowdens example. In his Intercept essay, he called such leaking an act of resistance.

WNYC recently staged a sold-out Friday-night event at the Brooklyn Academy of Music, not far from Fort Greene Park, where some artists surreptitiously erected a Snowden bust last year. At the appointed time, the fugitive appeared on a screen at the front of an ornate opera hall. It was around 2:30 a.m. in Moscow, but Snowden looked wide-awake, wearing an open-collared shirt and blazer and his customary stubble. In an extraordinary and unpredictable way, he told the audience, my own circumstances show there is a model that ensures that even if were left without a state, we arent left without a voice.

When Snowden went public, one of the first people he sought out was a historical antecedent: Daniel Ellsberg, the military analyst who leaked the Pentagon Papers. He, too, was briefly a fugitive and faced Espionage Act charges, until they were dropped because of the illegal retaliatory actions of President Nixon. Now 85, Ellsberg was eager to talk to Snowden and they connected over an encrypted chat program.

I had the feeling that, as I suspected from the beginning, we really were kindred souls, Ellsberg told me.

Ellsberg, mindful of Mannings experience, advised Snowden to give up any thought of returning home. Snowden was inclined to agree. From the beginning, he had spoken fatalistically about the consequences of his actions. All my options are bad, Snowden acknowledged in his first interview in Hong Kong, which was published in the Guardian. If the American government didnt grab him, the Chinese might, just to find out what he knew. He hinted that the CIA might even try to kill him, either directly or through an intermediary like a triad gang. And thats a fear Ill live under for the rest of my life, however long that happens to be, Snowden said at the time.

He didnt have a plan, says Wizner. Snowden assumed that he would probably be silenced in one way or another, so he worked with a sympathetic programmer in the United States to design a website, supportonlinerights.com, which was to contain a letter addressed to the public. But instead, he more or less got away with it. After a nervy flight and an agonizing five-week wait in limbo at the Moscow airport, he was granted temporary asylum in Russia by President Vladimir Putin. Photos soon appeared in the Russian media showing Snowden pushing a grocery cart and looking slyly over his shoulder on a riverboat ride. It was an uneasy deliverance, though, one seemingly subject to Putins unpredictable geopolitical power considerations.

Snowden argues that he was put in Russia by the U.S. government, which canceled his passport while he was en route to Ecuador, trapping him in Moscow during a layover. But to critics, his dependence on Putin is discrediting. I am not saying that he is a Russian spy, but he is in a tough spot, says journalist Fred Kaplan, author of the recent book Dark Territory: The Secret History of Cyber War. He is in a position where, because of his captive status, he cant really say anything that terribly critical about his hosts, who happen to be some of the most sophisticated and intrusive cyberespionage hackers in the world. Many in the intelligence community darkly speculate about the nature of Snowdens accommodation with the FSB, the Russian security service, which is not renowned for its hospitality or respect for civil liberties.

Although Snowden acknowledges that he was approached by the FSB, he claims he has given them no information or assistance, and he vehemently denies he is anyones puppet. He cheered the release of the Panama Papers, which contained voluminous evidence of corruption in Putins inner circle. I have called the Russian president a liar based on his statements on surveillance, in print, in the Guardian, he said with an uncharacteristic flash of annoyance, when I asked whether he felt any constraints in discussing Russia. I have criticized Russias laws on this, that, and the other. Its just frustrating to get the question because its like, look, what do I have to do?

Snowden seems determined to refute predictions that he would end up broken, like so many whistle-blowers before him, or drunk and disillusioned, like a stereotypical Cold War defector. (He has claimed that he drinks nothing but water.) People think of Moscow as being hell on earth, he said during his Whitney visit. But when youre actually there, you realize its not that much different than other European cities. Their politics are wildly different, and of course really theyre problematic in so many ways, but the normal people, they want the same things. He says he does his own shopping and takes the metro. Family members come to visit. His longtime girlfriend, Lindsay Mills, reunited with him in Moscow and has posted Instagram snapshots of her life there.

Last year, before Halloween, Mills posted a Photoshopped picture that posed the couple in front of FBI headquarters, with Snowden costumed as the capped protagonist of Wheres Waldo? As improbable as it may sound, he has told confidants that he doesnt think the U.S. government has managed to pin down his exact whereabouts. He says he has designed his new life around his unique threat model, minimizing his vulnerability to tracking by giving up modern conveniences like carrying a phone. He does not believe that hes shadowed all the time by the CIA, says Ellsberg, who has been in regular contact. But he does believe that he is in the sights of the FSB all the time, partly to keep him safe. Snowden is most at ease when hes on the internet, an environment he feels he can control. As a former systems engineer, he has been able to construct back-end protections that allow him to feel confident that he can evade locational detection, even when he is using the internet like a civilian. He has sometimes chatted via video on Google Hangouts.

Snowden is more wary about in-person meetings, typically conducting them in hotels like the Metropol near Red Square. More than a year after they began speaking, Ellsberg finally had the opportunity to meet Snowden in person, when he visited Moscow with an informal goodwill delegation that also included the actor John Cusack and the leftist Indian author Arundhati Roy. At the appointed time, Snowden called and said to meet him in the lobby of their hotel. Cusack took the elevator downstairs, and Snowden surprised him by getting on at the fourth floor. When they returned to the room, Ellsberg greeted Snowden by saying, Ive been waiting 40 years for someone like you.

Two days of marathon bull sessions and room-service dining ensued. Ellsberg tried unsuccessfully to get confirmation of some long-held suspicions about the extent of the NSAs spying on Americans. Periodically, Snowden would point to the ceiling, to remind the room that others were probably listening. Cusack and Roy later recounted the conversation in a 13,000-word essay, writing that when the meeting was over, Ellsberg lay down on Johns bed, Christ-like, with his arms flung open, weeping for what the United States has turned into a country whose best people must either go to prison or into exile.

The notion that Snowden has become, to some, a sort of mythic figure the Oracle of the Metropol is profoundly annoying to the people who actually hold the nations intelligence secrets. Id love to see him come back to the U.S. and take his medicine, says Robert Litt, general counsel for the Office of the Director of National Intelligence, who has been deeply involved in both the legislative fallout from the NSA revelations and internal government discussions over the potential prosecution of Snowden. Litt says he sees the consequences of Snowdens actions on extremist message boards, which now exhort jihadis to use encryption. It cannot be disputed, he told me, that this has had immeasurable impact.

Snowden believes that officials like Litt are merely trying to scare the public into acquiescence. Last October, the two had a showdown of sorts when they spoke back-to-back at a conference at Bard College. Each time we have an election, its like another round of a game, Snowden told the students. Using a livecasting program designed for gamers that allows him to project illustrations, he filled the auditorium screen with an image of George W. Bush shaking hands with Obama. The policies of one president become the policies of another. Then he played a video clip of the cleric Anwar al-Awlakis son, a 16-year-old American citizen killed by a drone strike in Yemen. He cited a leaked 2015 email in which Litt addressed the hostile legislative climate, recommending keeping our options open for a change in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.

Surveillance is ultimately not about safety, Snowden said. Surveillance is about power. Surveillance is about control.

Litt opened his remarks by joking that he could sympathize with the act that went on Ed Sullivan after the Beatles. I can hear the NSAs opinion any day, one student stage-whispered, as he and many others got up to head for the exits. Litt called after them, saying he was disappointed with the disdain given that this is an academic environment. He then elaborated on the ominous sentiment expressed in his email.

Every time something bad happens, the finger gets pointed at the intelligence community, Litt said. There is a pendulum that swings back and forth, in terms of the public view of the intelligence community, between, You mean youre doing what? and Why didnt you protect us? And thats a pendulum thats going to swing again.

While much of Washington remains hostile to him, Snowden is far more hopeful about Silicon Valley and is increasingly focusing his efforts on influencing technology and the people who make it. Like me, they grew up with this stuff, he told me. They remember what the internet was like before everybody felt it was being watched.

The Snowden leak was like a gut punch for people across Silicon Valley, says Chris Sacca, a venture capitalist who invested early in Twitter and Uber and who now appears on the television show Shark Tank. Sacca was personally friendly with Obama, raising large sums for his 2012 campaign, but was shocked when he discovered the extent of the NSAs spying and has since become a vocal Snowden supporter. Last November, Sacca did an admiring interview with Snowden at the Summit at Sea, an invite-only weekend of seminar talks and techno dancing aboard a cruise ship, which was attended by the likes of Eric Schmidt, chairman of Alphabet, and Travis Kalanick, CEO of Uber. After fielding over an hour of tough questions, Sacca says, he got a resounding standing ovation from the room.

Even as Snowden captivated the audience on the boat, though, terrorists were mounting a bloody coordinated attack in Paris. The pendulum was swinging back. At first, Wizner says, Snowden was shaken he worried that the attacks had wiped out all of his progress. Almost immediately, anonymous security sources blamed encryption for giving cover to the attackers. (Subsequent reports suggest they may have been more reliant on primitive tactics, like using burner phones.) They dragged out all the old CIA directors, the line of disgrace, to suddenly try to reclaim a halo, Snowden told me. It did look really exploitative. For three weeks, he went quiet, posting just once to Twitter, quoting Nelson Mandela about triumphing over fear. Meanwhile, Syed Farook and Tashfeen Malik attacked in San Bernardino, and Trump called for a ban on Muslim immigration.

Wizner advised his client to be patient. Snowden sometimes says he thinks of his existence like a video game: a series of challenges that culminate in a final screen, where you either win or its game over. But political outcomes are never so final its an iterative process. In February, when Apple announced it was refusing to break into Farooks iPhone for the FBI, Snowden was suddenly scoring points again. (The @FBI is creating a world where citizens rely on #Apple to defend their rights, he tweeted, rather than the other way around.) In an open letter, Tim Cook, Apples chief executive, talked the way Snowden does about privacy, encryption, and government overreach. The next day, Snowden spoke at Johns Hopkins University, where hundreds of shivering students lined up to get into a packed auditorium. This is a case thats not about San Bernardino at all; its not a case thats about terrorism at all, Snowden warned. Its about the precedent.

Litt believes that, besides giving information to enemies, Snowdens disclosures have also had a radicalizing effect in the private sector. The technology and communications community has moved from a position of willingness to cooperate, he told me, to an attitude that ranges from neutrality to outright hostility, which is an extremely bad thing. Recently, Snowden has been working with technical experts who are mobilizing to fortify the internets weak spots, both through collaborations with academic researchers and back-channel conversations with employees at major tech companies.

In all of these conversations, Snowden is operating on the assumption that a truly private space on the internet could be easier to create than to legislate that it may be more fruitful to coax programmers to invent something that is difficult to hack than it would be to try to reshape the entire national-security bureaucracy so it stops trying. Im regularly interacting with some of the most respected technologists and cryptographers in the world, Snowden said. I believe that theres actually a lot more influence that results from those sorts of conversations, because so much of technology is an expert game.

The aspect of the Snowden leaks that most outraged technology experts was not the NSAs communications surveillance but its efforts to undermine encryption, which had broad impacts on computer security. That news has created a period of innovation in encryption, says Moxie Marlinspike, the San Franciscobased security specialist who developed Signal, the messaging program that Snowden likes to use to communicate. Marlinspike has become friendly with Snowden, whom he met in Moscow, where they had a lengthy discussion about the trade-offs between security and usability. (Snowden is always seeing holes hackers can poke through; Marlinspike wants to make encryption accessible to laypeople.) In April, WhatsApp, which is owned by Facebook, announced that it had integrated the Signal protocol Marlinspike developed, allowing it to offer end-to-end encryption. Those sorts of technical decisions, like Apples strengthened encryption standards, affect the privacy of millions of customers.

But Snowden is skeptical of the motives of tech companies. Corporations arent friends of the people, corporations are friends of money, he said. He prefers to collaborate with academics and hacktivists, some of whom are helping him with projects he is developing for the Freedom of the Press Foundation. It already manages SecureDrop, a system for anonymously leaking documents, and the nonprofits technical staff is working with Snowden to develop other programs tailored to protect journalists and whistle-blowers. His goal with us is to start designing and prototyping what the tools of the future will look like, says Trevor Timm, the foundations executive director. One of Snowdens priorities, unsurprisingly, is improving the security of videoconferencing.

About once a week, the team meets on a beta-stage video platform, where they discuss the painstaking work of testing their technology, a probing process called dogfooding. As a prime target for hacking attacks, Snowden is in a unique position to appreciate extreme-threat models. He often comes up with exotic problems to solve and is able to bring in outside minds for confidential consultations. Were building small projects, Snowden says, but he cant help but see larger applications. He talks enthusiastically about virtual reality, which could soon supplant videoconferencing. In five years this shits going to blow your mind, Snowden told me. But he also sees potential dangers. Suddenly, youve got every government in the world sitting in every meeting with you.

Snowden is especially concerned about the monitoring power of Facebook, which acquired Oculus VR, the virtual-reality headset maker, for $2 billion. What if Facebook has a copy of every memory that you ever made with someone else in these closed spaces? he asked rhetorically. We need to have space to ourselves, where nobodys watching, nobodys recording what were doing, nobodys analyzing, nobodys selling our experiences.

It is clear that in virtual reality, Snowden sees more than just a work tool. Right now, the technology is not quite there, but this is the first step, the Snowbot told Peter Diamandis, the space entrepreneur and Singularity University co-founder, in an interview at this years Consumer Electronics Show. I have someone who is very close to me, Snowden explained, who was the victim of a serious car accident, and because of that they cant travel. Virtual reality could bring them together. Or it could allow him to visit home for Thanksgiving, overcoming what he calls the tyranny of distance.

More than one person told me that, after talking to Snowden for hours on end, they got the sense that he is lonely. His conversation is preoccupied with the theme of escape. He recently collaborated on a track with a French musician, delivering a spoken-word monologue on surveillance over an electronic beat, and recommended the title: Exit.

Snowden sometimes says that although he lives in Russia, he does not expect to die there, and he told me he is optimistic that he will find a way out, somehow. Maybe some Scandinavian country will offer him asylum. Maybe he can work out some kind of deal whether outright clemency or a plea bargain with the Justice Department. Wizner has been working with Plato Cacheris, a well-connected Washington defense attorney, but so far, there have been no official signals that the Justice Department would be willing to offer the kind of lenient terms Snowden would accept. And a window may be closing. He is unlikely to receive a more receptive hearing from Hillary Clinton, who has said he shouldnt be allowed to return without facing the music. As for Donald Trump: He has called Snowden a total traitor and suggested he should be executed. If Im president, he predicted last year, Putin says, Hey, boom youre gone.

So the comparatively thoughtful Obama may be Snowdens best hope, but even Snowdens allies concede that they doubt the outgoing president has the inclination to offer a pardon. There is an element of absurdity to it, Snowden told me. More and more, we see the criticisms leveled toward this effort are really more about indignation than they are about concern for real harm. He says he would return and face the Espionage Act charges if he could argue to a jury that he acted in the public interest, but the law does not currently allow such a defense. These people have been thinking about the law for so long that they have forgotten that the system is actually about justice, Snowden said. They want to throw somebody in prison for the rest of his life for what even people around the White House now are recognizing our country needed to talk about.

Earlier this year, Snowden was buoyed by an invitation from an unexpected source. David Axelrod, the presidents former top political strategist, asked him to appear at the institute he now runs at the University of Chicago. Beforehand, they had a video chat. The president of the United States closest advisers, Snowden told me later, are now introducing me and sharing the stage with me in ways that arent actually critical. Im not saying this to build myself up. Im talking about the recognition by even the people who have the largest incentives to delegitimize me as a person, that maybe we overreacted, maybe this is a legitimate conversation that we need to have.

Axelrod asked Geoffrey Stone, a liberal law professor who is friendly with Obama, to moderate the public talk. Stone is a member of the ACLUs National Advisory Council and the author of a book titled Top Secret: When Our Government Keeps Us in the Dark, but he also served on Obamas commission to review the NSAs surveillance programs, an experience that gave him access to classified information and a dim view of Snowden. My view is that he cannot be granted clemency, because he did commit a criminal offense and it did considerable harm, Stone told me. The people who are celebrating Snowden have no understanding of the harm, for the reason that the people in the intelligence world cant really explain the harm to them. Snowden considered Stones position to be an example of regulatory capture, proof of the seductive power of security clearances. Secret knowledge, Snowden says, is a very intoxicating thing.

Still, Snowden was looking forward to the debate, if only because it illustrates his progress. Wizner, who considered the Axelrod relationship important to his future clemency push, attended the May event in person. Weve gone from the president saying Were not going to scramble jets for a 29-year-old hacker to talking with the presidents rabbi, Wizner said backstage as event staff set up computers and projection equipment. Thats a good journey for us.

Axelrod shambled in, looking sleepy-eyed as always, as students filled the auditorium and Wizner texted last-minute instructions to his client over Signal. Whatever you think about Edward Snowden and his actions, and the adjectives range from traitor to hero, Axelrod said by way of introduction, he has indisputably triggered a really vital public debate about how we strike a balance between civil liberties and security. He sat down in the front row as Snowdens bashful grin filled a large screen.

Snowden had already done one event that day, a cybersecurity conference in Zurich, and he seemed weary as Stone probed for logical weaknesses. The law professor asked when it was appropriate for a relatively low-level official in the national-security realm to take it upon himself to decide that it is in the national interest to disclose the existence of programs that have been approved To decide for himself that I think theyre wrong. Snowden gave his usual homilies about the Constitution, whistle-blowing, and civil disobedience. Do we want to create a precedent that dissidents should be volunteering themselves not for the 11 days in jail of Martin Luther King or the single night of Thoreau, he asked, but 30 years or more in prison, for what is an act of public service?

Stone pointed out that Congress could pass a law allowing defendants to make a whistle-blowing defense in Espionage Act cases but shows no signs of doing it. You believe in democracy, Stone said. But democracy doesnt agree with you. The professor jabbed and Snowden weaved, setting his jaw and taking swigs from a big plastic water bottle. But when the floor opened for questions, it was clear who had won the audience. One student after another got up to offer Snowden praise.

Did you expect to become a celebrity in this way? one asked.

If you go back to June 2013, Snowden said, I said, Look, guys, stop talking about me, talk about the NSA. But he added, Our biology, our brains, the way we relate to things, is about character stories. So they simply would not let me go.

Axelrod watched impassively, his fingers tented under his nose. The full effect of Snowdens performance did not become clear until a few weeks later, when Axelrod had Eric Holder the former attorney general, once Snowdens chief pursuer on his podcast, The Axe Files. Holder allowed that Snowden actually performed a public service, while Axelrod calmly presented Snowdens arguments.

I think there has to be a consequence for what he has done, Holder replied. But I think, you know, in deciding what an appropriate sentence should be, I think a judge could take into account the usefulness of having had that national debate.

Holders concession made international headlines. It didnt mean anything legally, but symbolically it spoke volumes. Political realities were starting to come into alignment with Snowdens virtual ones. From his computer in Moscow, Snowden tweeted:

2013: Its treason!2014: Maybe not, but it was reckless2015: Still, technically it was unlawful2016: It was a public service but2017:

*This article appears in the June 27, 2016 issue of New York Magazine.

More here:
Edward Snowdens Life As a Robot — NYMag

The 10 Biggest Revelations From Edward Snowden’s Leaks

One year ago, the Guardian published its first bombshell story based on leaked top-secret documents showing that the National Security Agency was spying on American citizens.

At the time, journalist Glenn Greenwald and the Guardian never mentioned that they had a treasure trove of other NSA documents, nor that they came from one person. Then three days later, the source surprisingly unmasked himself: His name was Edward Snowden.

Journalist Glenn Greenwald and the Guardian won a Pulitzer Prize for reporting based on Snowden’s information.

Image: John Minchillo/Associated Press

When asked if more revelations were in the pipeline, Greenwald always used to respond that yes, many more were coming and he wasn’t kidding. Over the next year, explosive stories began to trickle out of those documents. Here are the top 10 revelations of the year.

The very first story revealed that Verizon had been providing the NSA with virtually all of its customers’ phone records. It soon was revealed that it wasn’t just Verizon, but virtually every other telephone company in America.

This revelation is still one of the most controversial ones. Privacy advocates have challenged the legality of the program in court, and one Judge deemed the program unconstitutional and “almost Orwellian,” while another one ruled it legal.

The uproar caused by this first story has led President Barack Obama to endorse a reform to the program, and the House of Representatives to pass the first law that tries to change it.

The existence of PRISM was the second NSA bombshell, coming less than 24 hours after the first one. Initially, reports described PRISM as the NSA’s program to directly access the servers of U.S tech giants like Google, Facebook, Microsoft and Apple, among others.

Its reality was slightly different.

PRISM, we soon learned, was less less evil than first thought. In reality, the NSA doesn’t have direct access to the servers, but can request user data from the companies, which are compelled by law to comply.

PRISM was perhaps as controversial as the first NSA scoop, prompting technology companies to first deny any knowledge of it, then later fight for the right to be more transparent about government data requests. The companies ended up partially winning that fight, getting the government to ease some restrictions and allow for more transparency.

The British spy agency, the Government Communications Headquarters (GCHQ), taps fiber optic cables all over the world to intercept data flowing through the global Internet, we learned. The GCHQ works closely with the NSA, sharing data and intelligence in a program that’s codenamed Tempora.

Tempora is one of the key NSA/GCHQ programs, allowing the spy agencies to collect vasts troves of data, but for some reason, it has sometimes been overlooked. After a couple of months from the Tempora revelation, a German newspaper revealed the names of the companies that collaborate with the GCHQ in the Tempora program: Verizon Business, British Telecommunications, Vodafone Cable, Global Crossing, Level 3, Viatel and Interoute.

U.S. President Barack Obama, right, and German Chancellor Angela Merkel are seated together at a G7 dinner in Brussels, on June 4. Their relationship has been tense since reports revealed that the NSA tapped Merkel’s phone.

Image: Charles Dharapak/Associated Press

Over the months, countless stories based on Snowden documents have revealed that the NSA has spied on numerous world leaders and foreign governments.

The German newsweekly Der Spiegel revealed that the NSA targets at least 122 world leaders.

Other stories over the past years have named specific targets like German Chancellor Angela Merkel, Brazil’s President Dilma Roussef, and Mexico’s former President Felipe Calderon, the French Foreign Ministry, as well as leaders at the 2010 G8 and G20 summits in Toronto.

XKeyscore is a tool the NSA uses to search “nearly everything a user does on the Internet” through data it intercepts across the world. In leaked documents, the NSA describes it as the “widest-reaching” system to search through Internet data.

Encryption makes data flowing through the Internet unreadable to hackers and spies, making the NSA’s surveillance programs less useful. What’s the point of tapping fiber optic cables if the data flowing through them is unreadable? That’s why the NSA has a developed a series of techniques and tricks to circumvent widely used web encryption technologies.

The NSA, however, isn’t able to compromise the encryption algorithms underlying these technologies. Instead, it circumvents or undermines them, forcing companies to install backdoors, hacking into servers and computers, or promoting the use weaker algorithms.

In any case, technologists were alarmed.

“Even as the NSA demands more powers to invade our privacy in the name of cybersecurity, it is making the Internet less secure and exposing us to criminal hacking, foreign espionage, and unlawful surveillance. The NSA’s efforts to secretly defeat encryption are recklessly shortsighted and will further erode not only the United States’ reputation as a global champion of civil liberties and privacy but the economic competitiveness of its largest companies,” Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU) said at the time.

The NSA has at its disposal an elite hacker team codenamed “Tailored Access Operations” (TAO) that hacks into computers worldwide, infects them with malware and does the dirty job when other surveillance tactics fail.

Der Spiegel, which detailed TAO’s secrets, labelled it as “a squad of plumbers that can be called in when normal access to a target is blocked.” But they can probably be best described as the NSA’s black bag operations team.

TAO comes in for specific, targeted operations when the NSA can’t find intelligence or needs more detailed information on a target through its bulk surveillance programs. Before Snowden, most of their operations and techniques were shrouded in secrecy, and their secrets make for one of the most fascinating revelations.

When bulk collection or PRISM fails, the NSA had other tricks up its sleeve: It could infiltrate links connecting Yahoo and Google data centers, behind the companies’ backs.

This revelation was made famous mostly by a Power Point slide that included a celebratory smiley face.

This story truly enraged the tech companies, which reacted with much more fury than before. Google and Yahoo announced plans to strengthen and encrypt those links to avoid this kind of surveillance, and a Google security employee even said on his Google+ account what many others must have thought privately: “Fuck these guys.”

It’s not just about Internet data though. The NSA, following its unofficial motto of “collecting it all,” intercepts 200 million text messages every day worldwide through a program called Dishfire.

In leaked documents, the agency described the collected messages as a “goldmine to exploit” for all kinds of personal data.

Other documents also revealed that the NSA can “easily” crack cellphone encryption, allowing the agency to more easily decode and access the content of intercepted calls and text messages.

The NSA intercepts and stores all phone calls made in the Bahamas and Afghanistan through a program called MYSTIC, which has its own snazzy logo.

The Bahamas was revealed by The Intercept, Greenwald’s new website, while the second was revealed by WikiLeaks, which protested The Intercept’s decision to withhold the second country’s name.

The NSA also collects all phone calls’ metadata in Mexico, Kenya and the Philippines.

(H/T to the site Free Snowden, which has an extensive and detailed list of all the NSA revelations.)

Read more here:
The 10 Biggest Revelations From Edward Snowden’s Leaks

Bitcoin – Bitcoin Price Live, BTC Value, Mining, BTC to USD …

THE TEAM

Bitcoin was created by an anonymous name called Satoshi Nakamoto Other notable names rumored to be part of the team include

The practical uses of Bitcoin

If you have the required hardware, you can mine bitcoin even if you are not a miner. There are different ways one can mine bitcoin such as cloud mining, mining pool, etc. For cloud mining, all you need to do is to connect to the datacenter and start mining. The good thing about this is that you can mine from anywhere and you dont need a physical hardware to mine.

For mining pool, all you need to do is to join a mining group, and if that team solves a computational problem, blocks are added to the blockchain, they get the reward and you get a share of it based on your contribution.

PoW algorithm-SHA-256 is used for mining. Which utilizes a lot of computational power.

Bitcoin mining saps energy, costly, uses more power and also the reward delays. For mining, run software, get your wallet ready and be the first to solve a cryptographic problem and you get your reward after the new blocks have been added to the blockchain.Mining is said to be successful when all the transactions are recorded in the blockchain and the new blocks are added to the blockchain.

Notes for investors

Die-hard Bitcoin supporters believe that bitcoin is the future; we are just scratching the surface.Considering the continuous rise of bitcoin in the market capitalization, it is one investment every investor needs to take advantage of it.

The current market capitalization of bitcoin stands at an all-time high of $109 billion. As at January 2016, bitcoin was traded at I BTC for $970 but today is being traded at $6,600 for 1 BTC.

From the statistics presented above, it that bitcoin is one investment, you will never regret embarking on. It keeps recording an impressive results daily in the cryptocurrency market.

MUST READ!

Cryptocurrency investment is speculative, and it involves unquantifiable risks the market is full of uncertainty, susceptible to attack and capital loss, and sensitive to secondary issues, time may do not permit to mention here.Seek advice before investing.

Read the original post:

Bitcoin – Bitcoin Price Live, BTC Value, Mining, BTC to USD …

Cryptography – Engineering and Technology History Wiki

Cryptography Background

The word cryptography comes from the Greek words kryptos meaning hidden and graphein meaning writing. Cryptography is the study of hidden writing, or the science of encrypting and decrypting text and messages.

It is believed that the oldest known text to contain one of the essential components of cryptography, a modification of the text, occurred some 4000 years ago in the Egyptian town of Menet Khufu where the hieroglyphic inscriptions on the tomb of the nobleman KHNUMHOTEP II were written with a number of unusual symbols to confuse or obscure the meaning of the inscriptions.

In 5BC the Spartans, a warrior society famed for their austere lifestyle, bravery, and skill in battle, developed a cryptographic device to send and receive secret messages. This device, a cylinder called a Scytale, was in the possession of both the sender and the recipient of the message. To prepare the message, a narrow strip of parchment or leather, much like a modern-day paper streamer, was wound around the Scytale and the message was written across it. Once unwound, for transport to the receiver, the tape displayed only a sequence of meaningless letters until it was re-wound onto a Scytale of exactly the same diameter. The code, produced by unwinding the tape, was a TRANSPOSITION cipher, that is, one where the letters remain the same but the order is changed. This is still the basis for many popular modern-day techniques.

The other major ingredient of these modern techniques is the ADDITIVE/SUBSTITUTION cipher. Although the Greek writer Polyibus described a substitution technique, its first recorded use was by Julius Caesar. Messages were encoded by substituting the letter in the text by one that is three positions to the right. A became D, V became Y etc. The reason why a substitution of three letters, and not four, two or six, was chosen has never been explained.

In an essay written in 1466, an Italian Leon Battista Alberti who is often called the father of western cryptography, described the construction of a cypher disk, founding the concept of POLY ALPHABETIC ciphers. Although he had made the most important advance in cryptography in at least five hundred years, he did not develop his concept. It was left for others, the best known being the French cryptographer Blaise de Vigenere to devise a practical poly alphabetic system which bears his name, the VIGENERE SQUARE. At the time, and for a considerable time afterwards this technique was believed to be unbreakable (Le Chiffre Indechiffrable). There was however a weakness in this cipher waiting to be exploited because the cyphertext produced by this method was vulnerable to the yet undiscovered statistical attack.

The earliest known use of cryptography is found in non-standard hieroglyphs carved into monuments from Egypt’s Old Kingdom (ca 4500+ years ago). These are not thought to be serious attempts at secret communications, however, but rather to have been attempts at mystery, intrigue, or even amusement for literate onlookers. These are examples of still other uses of cryptography, or of something that looks (impressively if misleadingly) like it. Some clay tablets from Mesopotamia, somewhat later are clearly meant to protect information they encrypt recipes, presumably commercially valuable. Later still, Hebrew scholars made use of simple monoalphabetic substitution ciphers (such as the Atbash cipher) beginning perhaps around 500 to 600 BC.

Cryptography has a long tradition in religious writing likely to offend the dominant culture or political authorities. Perhaps the most famous is the ‘Number of the Beast’ from the Book of Revelation in the Christian New Testament. ‘666’ might be a cryptographic (i.e., encrypted) way of concealing a dangerous reference; many scholars believe it’s a concealed reference to the Roman Empire, or more likely to the Emperor Nero himself, (and so to Roman persecution policies) that would have been understood by the initiated (who ‘had the key to understanding’), and yet be safe or at least deniable (and so ‘less’ dangerous) if it came to the attention of the authorities. At least for orthodox Christian writing, most of the need for such concealment ended with Constantine’s conversion and the adoption of Christianity as the official religion of the Empire.

A Scytale, an early device for encryption. The Greeks of Classical times are said to have known of ciphers (e.g., the scytale transposition cipher claimed to have been used by the Spartan military). Herodotus tells us of secret messages physically concealed beneath wax on wooden tablets or as a tattoo on a slave’s head concealed by regrown hair, though these are not properly examples of cryptography per se as the message, once known, is directly readable; this is known as steganography. Another Greek method was developed by Polybius (now called the “Polybius Square”).[1] The Romans certainly did know something of cryptography (e.g., the Caesar cipher and its variations). There is ancient mention of a book about Roman military cryptography (especially Julius Caesar’s); it has been, unfortunately, lost.

In India, cryptography was also well known. It is recommended in the Kama Sutra as a technique by which lovers can communicate without being discovered.

The first page of al-Kindi’s manuscript On Deciphering Cryptographic Messages, containing the first descriptions of cryptanalysis and frequency analysis. See also: Voynich Manuscript. It was probably religiously motivated textual analysis of the Qur’an which led to the invention of the frequency analysis technique for breaking monoalphabetic substitution ciphers by al-Kindi sometime around AD 800 (Ibrahim Al-Kadi -1992). It was the most fundamental cryptanalytic advance until WWII.

Essentially all ciphers remained vulnerable to this cryptanalytic technique until the development of the polyalphabetic cipher by Leone Battista Alberti (ca 1465), and many remained so thereafter. Alberti is often called the “Father of Western Cryptology”. Johannes Trithemius, in his work Poligraphia, invented the tabula recta, a critical component of the Vigenre cipher. The French cryptographer Blaise de Vigenere devised a practical poly alphabetic system which bears his name, the Vigenre cipher.[2]

Although Leone Battista Alberti is usually considered the father of polyalphabetic cipher, Prof. Al-Kadi’s 1990 paper (ref- 3), reviewing Arabic contributions to cryptography reported knowledge of polyalphabetic ciphers 500 years before Alberti, based on a recently discovered manuscript by al-Kindi.[citation needed]

The Arab mathematician, Al-Kindi, wrote a book on cryptography entitled Risalah fi Istikhraj al-Mu’amma (Manuscript for the Deciphering Cryptographic Messages), circa AD 800. He described the first cryptanalysis techniques, including some for polyalphabetic ciphers, cipher classification, Arabic Phonetics and Syntax, and, most importantly, described the use of several techniques for cryptanalysis, and gave the first descriptions on frequency analysis.[3] He also covered methods of encipherments, cryptanalysis of certain encipherments, and statistical analysis of letters and letter combinations in Arabic.[4]

Ahmad al-Qalqashandi (1355-1418) wrote the Subh al-a ‘sha, a 14-volume encyclopaedia which included a section on cryptology. This information was attributed to Taj ad-Din Ali ibn ad-Duraihim ben Muhammad ath-Tha ‘alibi al-Mausili who lived from 1312 to 1361, but whose writings on cryptography have been lost. The list of ciphers in this work included both substitution and transposition, and for the first time, a cipher with multiple substitutions for each plaintext letter. Also traced to Ibn al-Duraihim is an exposition on and worked example of cryptanalysis, including the use of tables of letter frequencies and sets of letters which can not occur together in one word.

In Europe, cryptography became (secretly) more important as a consequence of political competition and religious revolution. For instance, in Europe during and after the Renaissance, citizens of the various Italian states the Papal States and the Roman Catholic Church included were responsible for rapid proliferation of cryptographic techniques, few of which reflect understanding (or even knowledge) of Alberti’s polyalphabetic advance. ‘Advanced ciphers’, even after Alberti, weren’t as advanced as their inventors / developers / users claimed (and probably even themselves believed). They were regularly broken. This over-optimism may be inherent in cryptography for it was then, and remains today, fundamentally difficult to accurately know how vulnerable your system actually is. In the absence of knowledge, guesses and hopes, as may be expected, are common.

Cryptography, cryptanalysis, and secret agent/courier betrayal featured in the Babington plot during the reign of Queen Elizabeth I which led to the execution of Mary, Queen of Scots. An encrypted message from the time of the Man in the Iron Mask (decrypted just prior to 1900 by tienne Bazeries) has shed some, regrettably non-definitive, light on the identity of that real, if legendary and unfortunate, prisoner. Cryptography, and its misuse, were involved in the plotting which led to the execution of Mata Hari and in the conniving which led to the travesty of Dreyfus’ conviction and imprisonment, both in the early 20th century. Fortunately, cryptographers were also involved in exposing the machinations which had led to Dreyfus’ problems; Mata Hari, in contrast, was shot.

Outside of Europe, after the end of the Muslim Golden Age at the hand of the Mongols, cryptography remained comparatively undeveloped. Cryptography in Japan seems not to have been used until about 1510, and advanced techniques were not known until after the opening of the country to the West beginning in the 1860s. During the 1920s, it was Polish naval officers who assisted the Japanese military with code and cipher development.

It wasn’t until the 19th century that cryptographers developed anything more than ad-hoc approaches to either encryption or cryptoanalysis. Examples include Charles Babbage’s Crimean War era work on the mathematical cryptanalysis of polyalphabetic ciphers, redeveloped and published somewhat later by the Prussian Friedrich Kasiski. The understanding of cryptography at this time typically consisted of hard-won rules of thumb; eg, Auguste Kerckhoffs’ cryptographic writings in the latter 19th century. Edgar Allan Poe used systematic methods to solve ciphers in the 1840s. In particular he placed a notice of his abilities in the Philadelphia paper Alexander’s Weekly Express Messenger, inviting submissions of ciphers, of which he proceeded to solve almost all. His successes created a public stir lasting several months. He later wrote an essay on methods of cryptography which proved useful as an introduction for the novice Room 40 British cryptanalysts attempting to break German codes and ciphers during World War I, and in a famous story, “The Gold Bug”, in which cryptoanalysis featured prominently.

Around 1854, Charles Babbage, developed the method of statistical analysis by which he successfully decrypted messages encrypted by the Vigenere square. Unfortunately, due to his habit of not completing the paperwork, or possibly to protect the fact that because of his work Britain could decrypt Vigenere messages sent in the Crimea, this fact was not discovered until the twentieth century. The honour of developing the statistical attack technique and cracking Vigenere was to go to the Prussian Kasiski in 1863, this technique having since been termed the “Kasiski Test”.

In 1917, Gilbert Vernam proposed a teletype cipher where a previously-prepared key, kept on a paper tape, is combined character by character with the plaintext message to produce the output ciphertext. This led to the development of the one time pad and to the use of electromechanical devices known as cipher machines.

Both cryptography and cryptoanalysis have become far more mathematical since WWII. Even so, it has taken the wide availability of computers and the Internet as a communications medium, to bring effective cryptography into common use by anyone other than national governments or similarly large enterprises.

The Enigma machine was widely used by Nazi Germany; its cryptanalysis by the Allies provided vital Ultra intelligence. By World War II, mechanical and electromechanical cipher machines were in wide use, although where such machines were impractical manual systems continued in use. Great advances were made in both cipher design and cryptanalysis, all in secrecy. Information about this period has begun to be declassified as the official British 50-year secrecy period has come to an end, as U.S. archives have slowly opened, and as assorted memoirs and articles have appeared.

The Germans made heavy use, in several variants, of an electromechanical rotor machine known as Enigma. Mathematician Marian Rejewski, at Poland’s Cipher Bureau, in December 1932 deduced the detailed structure of the German Army Enigma, using mathematics and limited documentation supplied by Captain Gustave Bertrand of French military intelligence. This was the greatest breakthrough in cryptanalysis in a thousand years and more, according to historian David Kahn. Rejewski and his mathematical Cipher Bureau colleagues, Jerzy Rycki and Henryk Zygalski, continued reading Enigma and keeping pace with the evolution of the German Army machine’s components and encipherment procedures. As the Poles’ resources became strained by the changes being introduced by the Germans, and as war loomed, the Cipher Bureau, on the Polish General Staff’s instructions, on July 25, 1939, at Warsaw, initiated French and British intelligence representatives into the secrets of Enigma decryption.

Soon after World War II broke out on 1 September 1939, key Cipher Bureau personnel were evacuated on September 17, as the Soviet Union entered eastern Poland, they crossed into Romania. From there they reached Paris, France; at PC Bruno, near Paris, they continued breaking Enigma, collaborating with British cryptologists at Bletchley Park as the British got up to speed on breaking Enigma. In due course, the British cryptographers whose ranks included many chess masters and mathematics dons such as Gordon Welchman, Max Newman, and Alan Turing the conceptual founder of modern computing substantially advanced the scale and technology of Enigma decryption.

At the end of the War, on 19 April 1945, Britain’s top military officers were told that they could never reveal that the German Enigma cipher had been broken because it would give the defeated enemy the chance to say they “were not well and fairly beaten”. [1]

US Navy cryptographers, with cooperation from British and Dutch cryptographers broke into several Japanese Navy crypto systems after 1940. The break into one of these, JN-25, famously led to the US victory in the Battle of Midway; and to the publication of that fact in the Chicago Tribune shortly after the battle, though the Japanese seem not to have noticed for they kept using the JN-25 system. A US Army group, the SIS, managed to break the highest security Japanese diplomatic cipher system (an electromechanical ‘stepping switch’ machine called Purple by the Americans) even before WWII began. The Americans referred to the intelligence resulting from cryptanalysis, perhaps especially that from the Purple machine, as ‘Magic’. The British eventually settled on ‘Ultra’ for intelligence resulting from cryptanalysis, particularly that from message traffic protected by the various Enigmas. An earlier British term for Ultra had been ‘Boniface’ in an attempt to suggest, if betrayed, that it might have an individual agent as a source.

The German military also deployed several mechanical attempts at a one-time pad. Bletchley Park called them the Fish ciphers, and Max Newman and colleagues designed and deployed the Heath Robinson, and then the world’s first programmable digital electronic computer, the Colossus, to help with their cryptanalysis. The German Foreign Office began to use the one-time pad in 1919; some of this traffic was read in WWII partly as the result of recovery of some key material in South America that was discarded without sufficient care by a German courier.

The Japanese Foreign Office used a locally developed electrical stepping switch based system, named Purple by the US, and also had used several similar machines for attaches in some Japanese embassies. One of these was called the ‘M-machine’ by the US, another was referred to as ‘Red’. All these systems were broken, to one degree or another, by the Allies.

SIGABA is described in U.S. Patent 6,175,625 , filed in 1944 but not issued until 2001. Allied cipher machines used in WWII included the British TypeX and the American SIGABA; both were electromechanical rotor designs similar in spirit to the Enigma, albeit with major improvements. Neither is known to have been broken by anyone during the War. The Poles used the Lacida machine, but its security was found to be less than intended (by Polish Army cryptographers in the UK), and its use was discontinued. US troops in the field used the M-209 and the still less secure M-94 family machines. British SOE agents initially used ‘poem ciphers’ (memorized poems were the encryption/decryption keys), but later in the War, they began to switch to one-time pads.

The VIC cipher (used at least until 1957 in connection with Rudolf Abel’s NY spy ring) was a very complex hand cipher, and is claimed to be the most complicated known to have been used by the Soviets, according to David Kahn in Kahn on Codes. For the decrypting of Soviet ciphers (particularly when one-time pads were reused), see the Venona project.

Until the 1970s, secure cryptography was largely the preserve of governments. Two events have since brought it squarely into the public domain:

The era of modern cryptography really begins with Claude Shannon, arguably the father of mathematical cryptography, with the work he did during WWII on communications security. In 1949 he published Communication Theory of Secrecy Systems in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication, with Warren Weaver. Both included results from his WWII work. These, in addition to his other works on information and communication theory established a solid theoretical basis for cryptography and also for much of cryptanalysis. And with that, cryptography more or less disappeared into secret government communications organizations such as NSA, GCHQ, and their equivalents elsewhere. Very little work was again made public until the mid ’70s, when everything changed.

The mid-1970s saw two major public i.e., non-secret; advances. First was the publication of the draft Data Encryption Standard in the U.S. Federal Register on 17 March 1975. The proposed DES cipher was submitted by a research group at IBM, at the invitation of the National Bureau of Standards (now NIST), in an effort to develop secure electronic communication facilities for businesses such as banks and other large financial organizations. After ‘advice’ and modification by NSA, acting behind the scenes, it was adopted and published as a Federal Information Processing Standard Publication in 1977 (currently at FIPS 46-3). DES was the first publicly accessible cipher to be ‘blessed’ by a national agency such as NSA. The release of its specification by NBS stimulated an explosion of public and academic interest in cryptography.

The aging DES was officially replaced by the Advanced Encryption Standard (AES) in 2001 when NIST announced FIPS 197. After an open competition, NIST selected Rijndael, submitted by two Belgian cryptographers, to be the AES. DES, and more secure variants of it (such as Triple DES; see FIPS 46-3), are still used today, having been incorporated into many national and organizational standards. However, its 56-bit key-size has been shown to be insufficient to guard against brute force attacks. One such attack, undertaken by the cyber civil-rights group Electronic Frontier Foundation in 1997, succeeded in 56 hours the story is in Cracking DES, published by O’Reilly and Associates. As a result, use of straight DES encryption is now without doubt insecure for use in new cryptosystem designs, and messages protected by older cryptosystems using DES, and indeed all messages sent since 1976 using DES, are also at risk. Regardless of DES’ inherent quality, the DES key size (56-bits) was thought to be too small by some even in 1976, perhaps most publicly by Whitfield Diffie. There was suspicion that government organizations even then had sufficient computing power to break DES messages; clearly others have achieved this capability.

The second development, in 1976, was perhaps even more important, for it fundamentally changed the way cryptosystems might work. This was the publication of the paper New Directions in Cryptography by Whitfield Diffie and Martin Hellman. It introduced a radically new method of distributing cryptographic keys, which went far toward solving one of the fundamental problems of cryptography, key distribution, and has become known as the Diffie-Hellman key exchange. The article also stimulated the almost immediate public development of a new class of enciphering algorithms, the asymmetric key algorithms.

Prior to that time, all useful modern encryption algorithms had been symmetric key algorithms, in which the same cryptographic key is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. All of the electromechanical machines used in WWII were of this logical class, as were the Caesar and Atbash ciphers and essentially all cipher systems throughout history. The ‘key’ for a code is the codebook, which must likewise be distributed and kept secret, and so shares most of the same problems in practice.

Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system (the term usually used is ‘via a secure channel’) such as a trustworthy courier with a briefcase handcuffed to a wrist, or face-to-face contact, or a loyal carrier pigeon. This key management requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels aren’t available for key exchange, or when, as is sensible cryptographic practice, keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users. A system of this kind is known as a secret key, or symmetric key cryptosystem. D-H key exchange (and succeeding improvements and variants) made operation of these systems much easier, and more secure, than had ever been possible before in all of history.

In contrast, asymmetric key encryption uses a pair of mathematically related keys, each of which decrypts the encryption performed using the other. Some, but not all, of these algorithms have the additional property that one of the paired keys cannot be deduced from the other by any known method other than trial and error. An algorithm of this kind is known as a public key or asymmetric key system. Using such an algorithm, only one key pair is needed per user. By designating one key of the pair as private (always secret), and the other as public (often widely available), no secure channel is needed for key exchange. So long as the private key stays secret, the public key can be widely known for a very long time without compromising security, making it safe to reuse the same key pair indefinitely.

For two users of an asymmetric key algorithm to communicate securely over an insecure channel, each user will need to know their own public and private keys as well as the other user’s public key. Take this basic scenario: Alice and Bob each have a pair of keys they’ve been using for years with many other users. At the start of their message, they exchange public keys, unencrypted over an insecure line. Alice then encrypts a message using her private key, and then re-encrypts that result using Bob’s public key. The double-encrypted message is then sent as digital data over a wire from Alice to Bob. Bob receives the bit stream and decrypts it using his own private key, and then decrypts that bit stream using Alice’s public key. If the final result is recognizable as a message, Bob can be confident that the message actually came from someone who knows Alice’s private key (presumably actually her if she’s been careful with her private key), and that anyone eavesdropping on the channel will need Bob’s private key in order to understand the message.

Asymmetric algorithms rely for their effectiveness on a class of problems in mathematics called one-way functions, which require relatively little computational power to execute, but vast amounts of power to reverse, if reversal is possible at all. A classic example of a one-way function is multiplication of very large prime numbers. It’s fairly quick to multiply two large primes, but very difficult to find the factors of the product of two large primes. Because of the mathematics of one-way functions, most possible keys are bad choices as cryptographic keys; only a small fraction of the possible keys of a given length are suitable, and so asymmetric algorithms require very long keys to reach the same level of security provided by relatively shorter symmetric keys. The need to both generate the key pairs, and perform the encryption/decryption operations make asymmetric algorithms computationally expensive, compared to most symmetric algorithms. Since symmetric algorithms can often use any sequence of (random, or at least unpredictable) bits as a key, a disposable session key can be quickly generated for short-term use. Consequently, it is common practice to use a long asymmetric key to exchange a disposable, much shorter (but just as strong) symmetric key. The slower asymmetric algorithm securely sends a symmetric session key, and the faster symmetric algorithm takes over for the remainder of the message.

Asymmetric key cryptography, Diffie-Hellman key exchange, and the best known of the public key / private key algorithms (i.e., what is usually called the RSA algorithm), all seem to have been independently developed at a UK intelligence agency before the public announcement by Diffie and Hellman in 1976. GCHQ has released documents claiming they had developed public key cryptography before the publication of Diffie and Hellman’s paper. Various classified papers were written at GCHQ during the 1960s and 1970s which eventually led to schemes essentially identical to RSA encryption and to Diffie-Hellman key exchange in 1973 and 1974. Some of these have now been published, and the inventors (James H. Ellis, Clifford Cocks, and Malcolm Williamson) have made public select parts of their work.

The public developments of the 1970s broke the near monopoly on high quality cryptography held by government organizations, refer to S Levy’s Crypto for a journalistic account of some of the policy controversy of the time in the US. For the first time ever, those outside government organizations had access to cryptography not readily breakable by anyone, including governments. Considerable controversy, and conflict, both public and private, began more or less immediately. It has not yet subsided. In many countries, for example, export of cryptography is subject to restrictions. Until 1996 export from the U.S. of cryptography using keys longer than 40 bits, ie too small to be very secure against a knowledgeable attacker, was sharply limited. As recently as 2004, former FBI Director Louis Freeh, testifying before the 9/11 Commission, called for new laws against public use of encryption.

One of the most significant people favouring strong encryption for public use was Phil Zimmermann. He wrote and then in 1991 released PGP (Pretty Good Privacy), a very high quality crypto system. He distributed a freeware version of PGP when he felt threatened by legislation then under consideration by the US Government that would require backdoors to be included in all cryptographic products developed within the US. His system was released worldwide shortly after he released it in the US, and that began a long criminal investigation of him by the US Government Justice Department for the alleged violation of export restrictions. The Justice Department eventually dropped its case against Zimmermann, and the freeware distribution of PGP has continued around the world. PGP even eventually became an open Internet standard, RFC 2440 or OpenPGP.

The development of cryptography has been paralleled by near equal developments in cryptoanalysis of the “breaking” of codes and ciphers. The early discovery and application of frequency analysis to the reading of encrypted communications has on occasion altered the course of history. Thus the Zimmermann Telegram triggered the United States’ entry into World War I; and Allied reading of Nazi Germany’s ciphers shortened World War II, in some evaluations by as much as two years.

Modern cryptoanalysts sometimes harness large numbers of integrated circuits. This board is part of the EFF DES cracker, which contained over 1800 custom chips and could brute force a DES key in a matter of days. While modern ciphers like AES and the higher quality asymmetric ciphers are widely considered unbreakable, poor designs and implementations are still sometimes adopted and there have been important cryptanalytic breaks of deployed crypto systems in recent years.

Notable examples of broken crypto designs include DES, the first Wi-Fi encryption scheme WEP, the Content Scrambling System used for encrypting and controlling DVD use, the A5/1 and A5/2 ciphers used in GSM cell phones, and the CRYPTO1 cipher used in the widely deployed MIFARE Classic smart cards from NXP Semiconductors, a spun off division of Philips Electronics. All of these are symmetric ciphers. Thus far, not one of the mathematical ideas underlying public key cryptography has been proven to be ‘unbreakable’, and so some future mathematical analysis advance might render systems relying on them insecure. While few informed observers foresee such a breakthrough, the key size recommended for security as best practice keeps increasing as increased computing power required for breaking codes becomes cheaper and more available.

More recent developments utilising quantum computing is the NTRUEncrypt lattice based systems first proposed in 1996. It was standardised in 2008 by the IEEE Std 1363.1. This currently appears to be the leading candidate when RSA and elliptic curve cryptography eventually need to be withdrawn. The parallels, and an ideafor quantum encryption techniques are based on the massive computational intensive thermodynamics modelling in the book by George G Szpiro.

A5/0 utilizes no encryption.

A5/1 is the original A5 algorithm used in Europe.

A5/2 is a weaker encryption algorithm created for export and used in the United States.

A5/3 is a strong encryption algorithm created as part of the 3rd Generation Partnership Project (3GPP).

Motorola build voice/data crypto radios, XTS3000, XTS5000 etc. These have DES-XL, DVI-XL, DVP-XL (noting DVP is an early first generation Securenet product).

DVP is a Motorola developed Digital Voice Privacy algorithm made in the mid-1970’s using 32bit key length.

DES is Motorola encryption algorithm that meets US Government encryption guidelines, using a 56bit DES key.

DVP-XL is Motorola proprietary encryption algorithm using 32bit key encryption.

DVI-XL is an export grade variant of DVP-XL for export outside of the US.

DES-XL is a Motorola variant of the US Government DES algorithm.

DVP and DES are self-synchronizing modes of operation, coverage range is slightly degraded due to data errors due to Rayleigh fading on radio channel.

DVP-XL, DVI-XL, DES-XL use a sync header and periodic sync updates. For operation on fading radio channels, this provides encryption coverage range similar to analog FM voice coverage.

DVP-XL, DVI-XL, and DES-XL should provide similar coverage on conventional or trunked systems. Since current generation of trunking control channels are not encrypted, someone could monitor which talkgroups are active and the general level of activity, even though they could not monitor the talkgroup conversations on the traffic channels.

DES-OFB used output feedback for error correction.

ADP is a 40bit key length software based encryption method, simple, but restricts hardware updates.

AES-256, these algorithms that use a 256 bit key length.

Microsoft messed up the Windows 3.1 and Windows 95 password file (.PWL) encryption key processing, providing a maximum of 32 bits of keyspace. A dictionary attack could recover most password in a few seconds. Frank Stevenson extended this attack by taking advantage of the fact that the RC4 cipher that Microsoft used was a pure keystream generator, allowing all information protected with it to be recovered in a fraction of a second, even with more recent upgrades to 128bit keys.

The idea of self encrypting polymorphic viruses gained popularity in the early 1990s and brought to life generators of polymorphic code – in early 1992 the famous “Dedicated” virus appears, based on the first known polymorphic generator MtE and the first in a series of MtE-viruses; shortly after that there appears the polymorphic generator itself.

Cryptography is featured heavily in the 1998 film Mercury Rising with Bruce Willis, Alec Baldwin and Miko Hughes.

The 1992 film Sneakers touches on crypro techniques, and the 1988 Vietnam war film Bat 21 shows a crypto style graphical map key used to rescue a general.

“The Cryptographer”, Tobias Hill, Faber and Faber, 2003. Fiction. Investigative novel around the world’s first Quadrillionaire who made money from code breaking.

Bamford, James. The Puzzle Palace. Boston: Houghton Mifflin, 1982.

Bennett, Charles, Gilles Brassard, and Artur K. Ekert. Quantum Cryptography. Scientific American 267, Issue 4,July 1992.

Coe, Michael D. Breaking the Maya Code. London and New York: Thames and Hudson, 1992.

Fouche Gaines, Helen. Cryptanalysis: A Study of Ciphers and Their Solution. New York: Dover Publications, 1956.

Kahn, David. The Codebreakers, rev. ed. New York: Scribner, 1996.

Mel, H.X., and Doris Baker. Cryptography Decrypted. Boston, MA: Addison, Wesley, 2001.

Menezes, A. J., Paul C. Oorschot, and S. Vanstone. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1996.

Port, Otis with Inka Resch, Theyre Listening to Your Calls. Businessweek, May 31, 1999.

Russell, Francis. The Secret War. Virginia: Time-Life Books, 1981.

Singh, Simon. The Code Book. New York: Doubleday, 1998.

Szpiro, George G. The Secret Life of Numbers. Washington, DC: Joseph Henry Press, 2006

Encryption Wars Article – Spectrum Magazine May 2000

Exhaustive Cryptoanalysis of the NBS Data Encryption Standard

View post:
Cryptography – Engineering and Technology History Wiki

Definition of Cryptography | What is Cryptography …

Definition: Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.

Description: Earlier cryptography was effectively synonymous with encryption but nowadays cryptography is mainly based on mathematical theory and computer science practice.

Modern cryptography concerns with:

Confidentiality – Information cannot be understood by anyone

Integrity – Information cannot be altered.

Non-repudiation – Sender cannot deny his/her intentions in the transmission of the information at a later stage

Authentication – Sender and receiver can confirm each

Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.

Three types of cryptographic techniques used in general.

1. Symmetric-key cryptography

2. Hash functions.

3. Public-key cryptography

Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.

Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In Public-Key Cryptography two related keys (public and private key) are used. Public key may be freely distributed, while its paired private key, remains a secret. The public key is used for encryption and for decryption private key is used.

Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed as per the plain text that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to encrypt passwords.

More here:
Definition of Cryptography | What is Cryptography …

Cryptology – Cryptography | Britannica.com

The easiest way to describe the techniques on which cryptography depends is first to examine some simple cipher systems and then abstract from these examples features that apply to more complex systems. There are two basic kinds of mathematical operations used in cipher systems: transpositions and substitutions. Transpositions rearrange the symbols in the plaintext without changing the symbols themselves. Substitutions replace plaintext elements (symbols, pairs of symbols, etc.) with other symbols or groups of symbols without changing the sequence in which they occur.

In manual systems transpositions are generally carried out with the aid of an easily remembered mnemonic. For example, a popular schoolboy cipher is the rail fence, in which letters of the plaintext are written alternating between rows and the rows are then read sequentially to give the cipher. In a depth-two rail fence (two rows) the message WE ARE DISCOVERED SAVE YOURSELF would be written

Simple frequency counts on the ciphertext would reveal to the cryptanalyst that letters occur with precisely the same frequency in the cipher as in an average plaintext and, hence, that a simple rearrangement of the letters is probable.

The rail fence is the simplest example of a class of transposition ciphers, known as route ciphers, that enjoyed considerable popularity in the early history of cryptology. In general, the elements of the plaintext (usually single letters) are written in a prearranged order (route) into a geometric array (matrix)typically a rectangleagreed upon in advance by the transmitter and receiver and then read off by following another prescribed route through the matrix to produce the cipher. The key in a route cipher consists of keeping secret the geometric array, the starting point, and the routes. Clearly, both the matrix and the routes can be much more complex than in this example; but even so, they provide little security. One form of transposition (permutation) that was widely used depends on an easily remembered key word for identifying the route in which the columns of a rectangular matrix are to be read. For example, using the key word AUTHOR and ordering the columns by the lexicographic order of the letters in the key word

In decrypting a route cipher, the receiver enters the ciphertext symbols into the agreed-upon matrix according to the encryption route and then reads the plaintext according to the original order of entry. A significant improvement in cryptosecurity can be achieved by reencrypting the cipher obtained from one transposition with another transposition. Because the result (product) of two transpositions is also a transposition, the effect of multiple transpositions is to define a complex route in the matrix, which in itself would be difficult to describe by any simple mnemonic. (See Product ciphers, below.)

In the same class also fall systems that make use of perforated cardboard matrices called grilles; descriptions of such systems can be found in most older books on cryptography. In contemporary cryptography, transpositions serve principally as one of several encryption steps in forming a compound or product cipher.

In substitution ciphers, units of the plaintext (generally single letters or pairs of letters) are replaced with other symbols or groups of symbols, which need not be the same as those used in the plaintext. For instance, in Sir Arthur Conan Doyles Adventure of the Dancing Men (1903), Sherlock Holmes solves a monoalphabetic substitution cipher in which the ciphertext symbols are stick figures of a human in various dancelike poses.

The simplest of all substitution ciphers are those in which the cipher alphabet is merely a cyclical shift of the plaintext alphabet. Of these, the best-known is the Caesar cipher, used by Julius Caesar, in which A is encrypted as D, B as E, and so forth. As many a schoolboy has discovered to his embarrassment, cyclical-shift substitution ciphers are not secure. And as is pointed out in the section Cryptanalysis, neither is any other monoalphabetic substitution cipher in which a given plaintext symbol is always encrypted into the same ciphertext symbol. Because of the redundancy of the English language, only about 25 symbols of ciphertext are required to permit the cryptanalysis of monoalphabetic substitution ciphers, which makes them a popular source for recreational cryptograms. The explanation for this weakness is that the frequency distributions of symbols in the plaintext and in the ciphertext are identical, only the symbols having been relabeled. In fact, any structure or pattern in the plaintext is preserved intact in the ciphertext, so that the cryptanalysts task is an easy one.

There are two main approaches that have been employed with substitution ciphers to lessen the extent to which structure in the plaintextprimarily single-letter frequenciessurvives in the ciphertext. One approach is to encrypt elements of plaintext consisting of two or more symbols; e.g., digraphs and trigraphs. The other is to use several cipher alphabets. When this approach of polyalphabetic substitution is carried to its limit, it results in onetime keys, or pads.

In cryptosystems for manually encrypting units of plaintext made up of more than a single letter, only digraphs were ever used. By treating digraphs in the plaintext as units rather than as single letters, the extent to which the raw frequency distribution survives the encryption process can be lessened but not eliminated, as letter pairs are themselves highly correlated. The best-known digraph substitution cipher is the Playfair, invented by Sir Charles Wheatstone but championed at the British Foreign Office by Lyon Playfair, the first Baron Playfair of St. Andrews. Below is an example of a Playfair cipher, solved by Lord Peter Wimsey in Dorothy L. Sayerss Have His Carcase (1932). Here, the mnemonic aid used to carry out the encryption is a 5 5-square matrix containing the letters of the alphabet (I and J are treated as the same letter). A key word, MONARCHY in this example, is filled in first, and the remaining unused letters of the alphabet are entered in their lexicographic order:

Plaintext digraphs are encrypted with the matrix by first locating the two plaintext letters in the matrix. They are (1) in different rows and columns; (2) in the same row; (3) in the same column; or (4) alike. The corresponding encryption (replacement) rules are the following:

When the two letters are in different rows and columns, each is replaced by the letter that is in the same row but in the other column; i.e., to encrypt WE, W is replaced by U and E by G.

When A and R are in the same row, A is encrypted as R and R (reading the row cyclically) as M.

When I and S are in the same column, I is encrypted as S and S as X.

When a double letter occurs, a spurious symbol, say Q, is introduced so that the MM in SUMMER is encrypted as NL for MQ and CL for ME.

An X is appended to the end of the plaintext if necessary to give the plaintext an even number of letters.

Encrypting the familiar plaintext example using Sayerss Playfair array yields:

If the frequency distribution information were totally concealed in the encryption process, the ciphertext plot of letter frequencies in Playfair ciphers would be flat. It is not. The deviation from this ideal is a measure of the tendency of some letter pairs to occur more frequently than others and of the Playfairs row-and-column correlation of symbols in the ciphertextthe essential structure exploited by a cryptanalyst in solving Playfair ciphers. The loss of a significant part of the plaintext frequency distribution, however, makes a Playfair cipher harder to cryptanalyze than a monoalphabetic cipher.

The other approach to concealing plaintext structure in the ciphertext involves using several different monoalphabetic substitution ciphers rather than just one; the key specifies which particular substitution is to be employed for encrypting each plaintext symbol. The resulting ciphers, known generically as polyalphabetics, have a long history of usage. The systems differ mainly in the way in which the key is used to choose among the collection of monoalphabetic substitution rules.

The best-known polyalphabetics are the simple Vigenre ciphers, named for the 16th-century French cryptographer Blaise de Vigenre. For many years this type of cipher was thought to be impregnable and was known as le chiffre indchiffrable, literally the unbreakable cipher. The procedure for encrypting and decrypting Vigenre ciphers is illustrated in the figure.

In the simplest systems of the Vigenre type, the key is a word or phrase that is repeated as many times as required to encipher a message. If the key is DECEPTIVE and the message is WE ARE DISCOVERED SAVE YOURSELF, then the resulting cipher will be

The graph shows the extent to which the raw frequency of occurrence pattern is obscured by encrypting the text of this article using the repeating key DECEPTIVE. Nevertheless, in 1861 Friedrich W. Kasiski, formerly a German army officer and cryptanalyst, published a solution of repeated-key Vigenre ciphers based on the fact that identical pairings of message and key symbols generate the same cipher symbols. Cryptanalysts look for precisely such repetitions. In the example given above, the group VTW appears twice, separated by six letters, suggesting that the key (i.e., word) length is either three or nine. Consequently, the cryptanalyst would partition the cipher symbols into three and nine monoalphabets and attempt to solve each of these as a simple substitution cipher. With sufficient ciphertext, it would be easy to solve for the unknown key word.

The periodicity of a repeating key exploited by Kasiski can be eliminated by means of a running-key Vigenre cipher. Such a cipher is produced when a nonrepeating text is used for the key. Vigenre actually proposed concatenating the plaintext itself to follow a secret key word in order to provide a running key in what is known as an autokey.

Even though running-key or autokey ciphers eliminate periodicity, two methods exist to cryptanalyze them. In one, the cryptanalyst proceeds under the assumption that both the ciphertext and the key share the same frequency distribution of symbols and applies statistical analysis. For example, E occurs in English plaintext with a frequency of 0.0169, and T occurs only half as often. The cryptanalyst would, of course, need a much larger segment of ciphertext to solve a running-key Vigenre cipher, but the basic principle is essentially the same as beforei.e., the recurrence of like events yields identical effects in the ciphertext. The second method of solving running-key ciphers is commonly known as the probable-word method. In this approach, words that are thought most likely to occur in the text are subtracted from the cipher. For example, suppose that an encrypted message to President Jefferson Davis of the Confederate States of America was intercepted. Based on a statistical analysis of the letter frequencies in the ciphertext, and the Souths encryption habits, it appears to employ a running-key Vigenre cipher. A reasonable choice for a probable word in the plaintext might be PRESIDENT. For simplicity a space will be encoded as a 0. PRESIDENT would then be encodednot encryptedas 16, 18, 5, 19, 9, 4, 5, 14, 20 using the rule A = 1, B = 2, and so forth. Now these nine numbers are added modulo 27 (for the 26 letters plus a space symbol) to each successive block of nine symbols of ciphertextshifting one letter each time to form a new block. Almost all such additions will produce random-like groups of nine symbols as a result, but some may produce a block that contains meaningful English fragments. These fragments can then be extended with either of the two techniques described above. If provided with enough ciphertext, the cryptanalyst can ultimately decrypt the cipher. What is important to bear in mind here is that the redundancy of the English language is high enough that the amount of information conveyed by every ciphertext component is greater than the rate at which equivocation (i.e., the uncertainty about the plaintext that the cryptanalyst must resolve to cryptanalyze the cipher) is introduced by the running key. In principle, when the equivocation is reduced to zero, the cipher can be solved. The number of symbols needed to reach this point is called the unicity distanceand is only about 25 symbols, on average, for simple substitution ciphers.

In 1918 Gilbert S. Vernam, an engineer for the American Telephone & Telegraph Company (AT&T), introduced the most important key variant to the Vigenre system. At that time all messages transmitted over AT&Ts teleprinter system were encoded in the Baudot Code, a binary code in which a combination of marks and spaces represents a letter, number, or other symbol. Vernam suggested a means of introducing equivocation at the same rate at which it was reduced by redundancy among symbols of the message, thereby safeguarding communications against cryptanalytic attack. He saw that periodicity (as well as frequency information and intersymbol correlation), on which earlier methods of decryption of different Vigenre systems had relied, could be eliminated if a random series of marks and spaces (a running key) were mingled with the message during encryption to produce what is known as a stream or streaming cipher.

There was one serious weakness in Vernams system, however. It required one key symbol for each message symbol, which meant that communicants would have to exchange an impractically large key in advancei.e., they had to securely exchange a key as large as the message they would eventually send. The key itself consisted of a punched paper tape that could be read automatically while symbols were typed at the teletypewriter keyboard and encrypted for transmission. This operation was performed in reverse using a copy of the paper tape at the receiving teletypewriter to decrypt the cipher. Vernam initially believed that a short random key could safely be reused many times, thus justifying the effort to deliver such a large key, but reuse of the key turned out to be vulnerable to attack by methods of the type devised by Kasiski. Vernam offered an alternative solution: a key generated by combining two shorter key tapes of m and n binary digits, or bits, where m and n share no common factor other than 1 (they are relatively prime). A bit stream so computed does not repeat until mn bits of key have been produced. This version of the Vernam cipher system was adopted and employed by the U.S. Army until Major Joseph O. Mauborgne of the Army Signal Corps demonstrated during World War I that a cipher constructed from a key produced by linearly combining two or more short tapes could be decrypted by methods of the sort employed to cryptanalyze running-key ciphers. Mauborgnes work led to the realization that neither the repeating single-key nor the two-tape Vernam-Vigenre cipher system was cryptosecure. Of far greater consequence to modern cryptologyin fact, an idea that remains its cornerstonewas the conclusion drawn by Mauborgne and William F. Friedman that the only type of cryptosystem that is unconditionally secure uses a random onetime key. The proof of this, however, was provided almost 30 years later by another AT&T researcher, Claude Shannon, the father of modern information theory.

In a streaming cipher the key is incoherenti.e., the uncertainty that the cryptanalyst has about each successive key symbol must be no less than the average information content of a message symbol. The dotted curve in the figure indicates that the raw frequency of occurrence pattern is lost when the draft text of this article is encrypted with a random onetime key. The same would be true if digraph or trigraph frequencies were plotted for a sufficiently long ciphertext. In other words, the system is unconditionally secure, not because of any failure on the part of the cryptanalyst to find the right cryptanalytic technique but rather because he is faced with an irresolvable number of choices for the key or plaintext message.

In the discussion of transposition ciphers it was pointed out that by combining two or more simple transpositions, a more secure encryption may result. In the days of manual cryptography this was a useful device for the cryptographer, and in fact double transposition or product ciphers on key word-based rectangular matrices were widely used. There was also some use of a class of product ciphers known as fractionation systems, wherein a substitution was first made from symbols in the plaintext to multiple symbols (usually pairs, in which case the cipher is called a biliteral cipher) in the ciphertext, which was then encrypted by a final transposition, known as superencryption. One of the most famous field ciphers of all time was a fractionation system, the ADFGVX cipher employed by the German army during World War I. This system used a 6 6 matrix to substitution-encrypt the 26 letters and 10 digits into pairs of the symbols A, D, F, G, V, and X. The resulting biliteral cipher was then written into a rectangular array and route encrypted by reading the columns in the order indicated by a key word, as illustrated in the figure.

The great French cryptanalyst Georges J. Painvin succeeded in cryptanalyzing critical ADFGVX ciphers in 1918, with devastating effect for the German army in the battle for Paris.

View post:
Cryptology – Cryptography | Britannica.com

What is Cryptography & Types of Cryptography | Synopsys

With symmetric cryptography, the same key is used for both encryption and decryption. A sender and a recipient must already have a shared key that is known to both. Key distribution is a tricky problemand was the impetus for developing asymmetric cryptography.

With asymmetric crypto, two different keys are used for encryption and decryption. Every user in an asymmetric cryptosystem has both a public key and a private key. The private key is kept secret at all times, but the public key may be freely distributed.

Data encrypted with a public key may only be decrypted with the corresponding private key. So, sending a message to John requires encrypting that message with Johns public key. Only John can decrypt the message, as only John has his private key. Any data encrypted with a private key can only be decrypted with the corresponding public key. Similarly, Jane could digitally sign a message with her private key, and anyone with Janes public key could decrypt the signed message and verify that it was in fact Jane who sent it.

Symmetric is generally very fast and ideal for encrypting large amounts of data (e.g., an entire disk partition or database). Asymmetric is much slower and can only encrypt pieces of data that are smaller than the key size (typically 2048 bits or smaller). Thus, asymmetric crypto is generally used to encrypt symmetric encryption keys which are then used to encrypt much larger blocks of data. For digital signatures, asymmetric crypto is generally used to encrypt the hashes of messages rather than entire messages.

A cryptosystem provides for managing cryptographic keys including generation, exchange, storage, use, revocation, and replacement of the keys.

Originally posted here:
What is Cryptography & Types of Cryptography | Synopsys

AES encryption

AES encryption

Encrypt and decrypt text with AES algorithm

As you see this implementation is using openssl instead of mcrypt and the result of the encryption/decryption is not compatible with each other.The mcrypt function will be deprecated feature in PHP 7.1.x

It is a webtool to encrypt and decrypt text using AES encryption algorithm. You can chose 128, 192 or 256-bit long key size for encryption and decryption. The result of the process is downloadable in a text file.

If you want to encrypt a text put it in the white textarea above, set the key of the encryption then push the Encrypt button.The result of the encryption will appear in base64 encoded to prevent character encoding problems.If you want to decrypt a text be sure it is in base64 encoded and is encrypted with AES algorithm!Put the encrypted text in the white textarea, set the key and push the Decrypt button.

When you want to encrypt a confidential text into a decryptable format, for example when you need to send sensitive data in e-mail.The decryption of the encrypted text it is possible only if you know the right password.

AES (acronym of Advanced Encryption Standard) is a symmetric encryption algorithm.The algorithm was developed by two Belgian cryptographer Joan Daemen and Vincent Rijmen.AES was designed to be efficient in both hardware and software, and supports a block length of 128 bits and key lengths of 128, 192, and 256 bits.

AES encryption is used by U.S. for securing sensitive but unclassified material, so we can say it is enough secure.

Please fill out our survey to help us improving aesencryption.net.

We appreciate your feedback!

View post:
AES encryption

HTTPS – Wikipedia

HTTP Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is widely used on the Internet.[1][2] In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS,[3] or HTTP over SSL.

The principal motivation for HTTPS is authentication of the accessed website and protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks. The bidirectional encryption of communications between a client and server protects against eavesdropping and tampering of the communication.[4] In practice, this provides a reasonable assurance that one is communicating without interference by attackers with the website that one intended to communicate with, as opposed to an impostor.

Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems.[citation needed] Since 2018[update][citation needed], HTTPS is used more often by webusers than the original non-secure HTTP, primarily to protect page authenticity on all types of websites; secure accounts; and keep user communications, identity, and web browsing private.

The Uniform Resource Identifier (URI) scheme HTTPS has identical usage syntax to the HTTP scheme. However, HTTPS signals the browser to use an added encryption layer of SSL/TLS to protect the traffic. SSL/TLS is especially suited for HTTP, since it can provide some protection even if only one side of the communication is authenticated. This is the case with HTTP transactions over the Internet, where typically only the server is authenticated (by the client examining the server’s certificate).

HTTPS creates a secure channel over an insecure network. This ensures reasonable protection from eavesdroppers and man-in-the-middle attacks, provided that adequate cipher suites are used and that the server certificate is verified and trusted.

Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol can be encrypted. This includes the request URL (which particular web page was requested), query parameters, headers, and cookies (which often contain identity information about the user). However, because host (website) addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that even on a correctly configured web server, eavesdroppers can infer the IP address and port number of the web server (sometimes even the domain name e.g. http://www.example.org, but not the rest of the URL) that one is communicating with, as well as the amount (data transferred) and duration (length of session) of the communication, though not the content of the communication.[4]

Web browsers know how to trust HTTPS websites based on certificate authorities that come pre-installed in their software. Certificate authorities (such as Let’s Encrypt, Digicert, Comodo, GoDaddy and GlobalSign) are in this way being trusted by web browser creators to provide valid certificates. Therefore, a user should trust an HTTPS connection to a website if and only if all of the following are true:

HTTPS is especially important over insecure networks (such as public Wi-Fi access points), as anyone on the same local network can packet-sniff and discover sensitive information not protected by HTTPS. Additionally, many free to use and paid WLAN networks engage in packet injection in order to serve their own ads on webpages. However, this can be exploited maliciously in many ways, such as injecting malware onto webpages and stealing users’ private information.[5]

HTTPS is also very important for connections over the Tor anonymity network, as malicious Tor nodes can damage or alter the contents passing through them in an insecure fashion and inject malware into the connection. This is one reason why the Electronic Frontier Foundation and the Tor project started the development of HTTPS Everywhere,[4] which is included in the Tor Browser Bundle.[6]

As more information is revealed about global mass surveillance and criminals stealing personal information, the use of HTTPS security on all websites is becoming increasingly important regardless of the type of Internet connection being used.[7][8] While metadata about individual pages that a user visits is not sensitive, when combined, they can reveal a lot about the user and compromise the user’s privacy.[9][10][11]

Deploying HTTPS also allows the use of HTTP/2 (or its predecessor, the now-deprecated protocol SPDY), that are new generations of HTTP, designed to reduce page load times, size and latency.

It is recommended to use HTTP Strict Transport Security (HSTS) with HTTPS to protect users from man-in-the-middle attacks, especially SSL stripping.[11][12]

HTTPS should not be confused with the little-used Secure HTTP (S-HTTP) specified in RFC 2660.

As of April2018[update], 33.2% of Alexa top 1,000,000 websites use HTTPS as default,[13] 57.1% of the Internet’s 137,971 most popular websites have a secure implementation of HTTPS,[14] and 70% of page loads (measured by Firefox Telemetry) use HTTPS.[15]

Most browsers display a warning if they receive an invalid certificate. Older browsers, when connecting to a site with an invalid certificate, would present the user with a dialog box asking whether they wanted to continue. Newer browsers display a warning across the entire window. Newer browsers also prominently display the site’s security information in the address bar. Extended validation certificates turn the address bar green in newer browsers. Most browsers also display a warning to the user when visiting a site that contains a mixture of encrypted and unencrypted content.

Most web browsers alert the user when visiting sites that have invalid security certificates.

The Electronic Frontier Foundation, opining that “In an ideal world, every web request could be defaulted to HTTPS”, has provided an add-on called HTTPS Everywhere for Mozilla Firefox that enables HTTPS by default for hundreds of frequently used websites. A beta version of this plugin is also available for Google Chrome and Chromium.[16][17]

The security of HTTPS is that of the underlying TLS, which typically uses long-term public and private keys to generate a short-term session key, which is then used to encrypt the data flow between client and server. X.509 certificates are used to authenticate the server (and sometimes the client as well). As a consequence, certificate authorities and public key certificates are necessary to verify the relation between the certificate and its owner, as well as to generate, sign, and administer the validity of certificates. While this can be more beneficial than verifying the identities via a web of trust, the 2013 mass surveillance disclosures drew attention to certificate authorities as a potential weak point allowing man-in-the-middle attacks.[18][19] An important property in this context is forward secrecy, which ensures that encrypted communications recorded in the past cannot be retrieved and decrypted should long-term secret keys or passwords be compromised in the future. Not all web servers provide forward secrecy.[20][needs update]

A site must be completely hosted over HTTPS, without having part of its contents loaded over HTTPfor example, having scripts loaded insecurelyor the user will be vulnerable to some attacks and surveillance. Also having only a certain page that contains sensitive information (such as a log-in page) of a website loaded over HTTPS, while having the rest of the website loaded over plain HTTP, will expose the user to attacks. On a site that has sensitive information somewhere on it, every time that site is accessed with HTTP instead of HTTPS, the user and the session will get exposed. Similarly, cookies on a site served through HTTPS have to have the secure attribute enabled.[11]

HTTPS URLs begin with “https://” and use port 443 by default, whereas HTTP URLs begin with “http://” and use port 80 by default.

HTTP is not encrypted and is vulnerable to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information, and modify webpages to inject malware or advertisements. HTTPS is designed to withstand such attacks and is considered secure against them (with the exception of older, deprecated versions of SSL).

HTTP operates at the highest layer of the TCP/IP model, the Application layer; as does the TLS security protocol (operating as a lower sublayer of the same layer), which encrypts an HTTP message prior to transmission and decrypts a message upon arrival. Strictly speaking, HTTPS is not a separate protocol, but refers to use of ordinary HTTP over an encrypted SSL/TLS connection.

Everything in the HTTPS message is encrypted, including the headers, and the request/response load. With the exception of the possible CCA cryptographic attack described in the limitations section below, the attacker can only know that a connection is taking place between the two parties and their domain names and IP addresses.

To prepare a web server to accept HTTPS connections, the administrator must create a public key certificate for the web server. This certificate must be signed by a trusted certificate authority for the web browser to accept it without warning. The authority certifies that the certificate holder is the operator of the web server that presents it. Web browsers are generally distributed with a list of signing certificates of major certificate authorities so that they can verify certificates signed by them.

Let’s Encrypt, launched in April 2016,[21] provides free and automated SSL/TLS certificates to websites.[22] According to the Electronic Frontier Foundation, “Let’s Encrypt” will make switching from HTTP to HTTPS “as easy as issuing one command, or clicking one button.”[23]. The majority of web hosts and cloud providers already leverage Let’s Encrypt, providing free certificates to their customers.

The system can also be used for client authentication in order to limit access to a web server to authorized users. To do this, the site administrator typically creates a certificate for each user, a certificate that is loaded into their browser. Normally, that contains the name and e-mail address of the authorized user and is automatically checked by the server on each reconnect to verify the user’s identity, potentially without even entering a password.

An important property in this context is perfect forward secrecy (PFS). Possessing one of the long-term asymmetric secret keys used to establish an HTTPS session should not make it easier to derive the short-term session key to then decrypt the conversation, even at a later time. DiffieHellman key exchange (DHE) and Elliptic curve DiffieHellman key exchange (ECDHE) are in 2013 the only ones known to have that property. Only 30% of Firefox, Opera, and Chromium Browser sessions use it, and nearly 0% of Apple’s Safari and Microsoft Internet Explorer sessions.[20] Among the larger internet providers, only Google supports PFS since 2011[update] (State of September 2013).[citation needed]

A certificate may be revoked before it expires, for example because the secrecy of the private key has been compromised. Newer versions of popular browsers such as Firefox,[24] Opera,[25] and Internet Explorer on Windows Vista[26] implement the Online Certificate Status Protocol (OCSP) to verify that this is not the case. The browser sends the certificate’s serial number to the certificate authority or its delegate via OCSP and the authority responds, telling the browser whether the certificate is still valid.[27]

SSL and TLS encryption can be configured in two modes: simple and mutual. In simple mode, authentication is only performed by the server. The mutual version requires the user to install a personal client certificate in the web browser for user authentication.[28] In either case, the level of protection depends on the correctness of the implementation of software and the cryptographic algorithms in use.

SSL/TLS does not prevent the indexing of the site by a web crawler, and in some cases the URI of the encrypted resource can be inferred by knowing only the intercepted request/response size.[29] This allows an attacker to have access to the plaintext (the publicly available static content), and the encrypted text (the encrypted version of the static content), permitting a cryptographic attack.

Because TLS operates at a protocol level below that of HTTP, and has no knowledge of the higher-level protocols, TLS servers can only strictly present one certificate for a particular address and port combination.[30] In the past, this meant that it was not feasible to use name-based virtual hosting with HTTPS. A solution called Server Name Indication (SNI) exists, which sends the hostname to the server before encrypting the connection, although many old browsers do not support this extension. Support for SNI is available since Firefox 2, Opera 8, Safari 2.1, Google Chrome 6, and Internet Explorer 7 on Windows Vista.[31][32][33]

From an architectural point of view:

A sophisticated type of man-in-the-middle attack called SSL stripping was presented at the Blackhat Conference 2009. This type of attack defeats the security provided by HTTPS by changing the https: link into an http: link, taking advantage of the fact that few Internet users actually type “https” into their browser interface: they get to a secure site by clicking on a link, and thus are fooled into thinking that they are using HTTPS when in fact they are using HTTP. The attacker then communicates in clear with the client.[34] This prompted the development of a countermeasure in HTTP called HTTP Strict Transport Security.

HTTPS has been shown vulnerable to a range of traffic analysis attacks. Traffic analysis attacks are a type of side-channel attack that relies on variations in the timing and size of traffic in order to infer properties about the encrypted traffic itself. Traffic analysis is possible because SSL/TLS encryption changes the contents of traffic, but has minimal impact on the size and timing of traffic. In May 2010, a research paper by researchers from Microsoft Research and Indiana University discovered that detailed sensitive user data can be inferred from side channels such as packet sizes. More specifically, the researchers found that an eavesdropper can infer the illnesses/medications/surgeries of the user, his/her family income and investment secrets, despite HTTPS protection in several high-profile, top-of-the-line web applications in healthcare, taxation, investment and web search.[35] Although this work demonstrated vulnerability of HTTPS to traffic analysis, the approach presented by the authors required manual analysis and focused specifically on web applications protected by HTTPS.

The fact that most modern websites, including Google, Yahoo!, and Amazon, use HTTPS causes problems for many users trying to access public Wi-Fi hot spots, because a Wi-Fi hot spot login page fails to load if the user tries to open an HTTPS resource.[36][37] Several websites, such as neverssl.com or nonhttps.com, guarantee that they will always remain accessible by HTTP.

Netscape Communications created HTTPS in 1994 for its Netscape Navigator web browser.[38] Originally, HTTPS was used with the SSL protocol. As SSL evolved into Transport Layer Security (TLS), HTTPS was formally specified by RFC 2818 in May 2000.

See the original post:
HTTPS – Wikipedia

Persecution of WikiLeaks editor Julian Assange continues …

By James Cogan 5 July 2018

Today is the 100th consecutive day of the denial, by the Ecuadorian embassy in London, of the democratic right of WikiLeaks editor Julian Assange to communicate with the outside world, or receive visitors, apart from his legal representatives and a brief, unexplained visit by two Australian consular officials.

Julian Assange sought political asylum in the small embassy building on June 19, 2012. For 2,767 daysmore than six yearsthe British government has denied him exposure to direct sunlight and adequate medical care. On July 3, he turned 47-years-old, enduring conditions that the United Nations Working Group on Arbitrary Detention condemned as deprivation of liberty, a violation of his human rights and tantamount to torture.

The reasons why Assange sought asylumand why it was granted, under international law, by Ecuadorhave not changed. He was being given no support by the government of Australia, where he was born and holds citizenship, under conditions where he faced the prospect of extradition to the United States.

In June 2012, Assange lost his last legal appeal against an attempt to extradite him to Sweden to answer questions over manufactured allegations that he may have committed sexual assault offenses. His concern, however, was not the Swedish case. It was the well-grounded fear that Sweden would hand him over to the US to face charges of espionage, in response to WikiLeaks publication of leaked documents that had revealed American war crimes, and intelligence and diplomatic intrigues.

The threat that Assange could face a US show trial on charges that carry massive prison sentences, or even the death penalty, has only become more serious. Former CIA director and now Trumps secretary of state, Mike Pompeo, declared in April 2017after WikiLeaks began publishing explosive exposures of CIA hacking and criminalitythat the US government can no longer allow Assange and his colleagues the latitude to use free speech values against us. The Trump administrations attorney general, Jeff Sessions, declared several days later that Assanges arrest was a priority.

The Swedish prosecutors office ended its investigation and extradition request in May 2017 with no sexual offence charges ever being laid. The British government and police, however, immediately made clear that if Assange left the Ecuadorian embassy he would be detained for breaching his bail conditions.

The danger that faces Assange was spelled out this week by lawyer Geoffrey Robertson. The well-known human rights defender stated: If he leaves the embassy, he will be arrested, held for a short time for a breach of bail, and in that time, the US foreign secretary will order an extradition request that will keep him in prison for years, fighting a US extradition request to prosecute him as a spy.

Since Ecuador cut off his communication on March 28, and leading up to the June 19 sixth anniversary of his involuntary confinement in the embassy, there has been a renewed groundswell of demands that the persecution of Julian Assange be ended. He has not committed any crime. He is the editor of an award-winning media organisation, which has informed the world of numerous cases of government and corporate criminality and abuse of power.

The demands have been raised around the world: Ecuador must restore Assanges communications; the British government must drop its pursuit of a minor bail breach and allow him to leave the United Kingdom if he chooses; and the Australian government must exercise its undeniable diplomatic power and legal discretion to secure the unconditional release of an Australian citizen and journalist facing unjust treatment.

The response of the political establishments of the United States, Britain and Australia, however, has been to continue their vendetta to silence WikiLeaks and prosecute Assange.

Mike Pence, Trumps vice president, visited Ecuador last week. On the eve of the trip, 10 of the most prominent Democratic Party senators demanded that he pressure the government of President Lenn Moreno to renege on Assanges right to asylum and expel him from the embassy.

Based on statements made after the talks, Pence does not seem to have pressed Moreno on the asylum issue. Instead, the Trump administration appears content to use the Ecuadorian government as its agent in a vindictive attempt to break Assange, physically and psychologically, by denying him his fundamental right to access and communicate with the outside world.

For its part, the May government in the United Kingdom is participating in the effort to pressure Assange to leave the embassy with no guarantees against extradition to the US.

In words dripping with deceit, Minister of State for Europe and the Americas Sir Alan Duncan told the British parliament on June 26: We would like to make the assurance that, if he [Assange] were to step out of the embassy, he would be treated humanely and properly and the first priority would be to look after his health, which we think is deteriorating.

Assanges health has been deteriorating over the past six years because the May government has refused to allow him to even temporarily leave the embassy building to visit a hospital or a dentist. Duncans real attitude to the WikiLeaks editor was made clear on March 27, when he labelled him a miserable little worm, who should give himself up to British justice.

The Labour Party opposition headed by Jeremy Corbyn has made no attempt to expose the utter fraud of Duncans statement, let alone demand that Assange be given a guarantee against US extradition and the right to leave the UK unhindered.

The Australian government of Prime Minister Malcolm Turnbull has likewise not shifted from its cowardly collaboration with the US.

Assanges father John Shipton wrote to Turnbull last month, appealing to him for assistance in extricating his son from the Ecuadorian embassy, with the necessary protections.

Turnbull has responded with a deafening silence. Moreover, the establishment media has raised not a single question of the government over Assanges condition, or even asked that it explain why it sent two officials to visit him on June 7, for the first time since he sought asylum.

The Australian Labor Party, which denounced Assange as a criminal when it was in government, has predictably also said nothing. More significantly, the Greens leadership, along with independent Andrew Wilkie, who once claimed to defend WikiLeaks and Assange, have also remained mute over the issue.

Only one member of parliament has mentioned Assange: Green senator Andrew Bartlett, who is retiring in a matter of weeks. On June 28, during debate on sweeping anti-democratic, foreign interference laws, Bartlett noted in the Senate that government member Andrew Hastie had raised Assange and WikiLeaks as examples of the kinds of individuals and organisations that the new legal powers would be required to suppress.

Bartlett used one of his last opportunities to speak in parliament, to provide at least some voice to the sentiments of millions of ordinary people in Australia.

Im not giving him [Assange] a character reference, Bartlett insisted, but I am certainly saying he has a right as an Australian citizen to receive proper support against what has clearly been an international conspiracy by governments to try and silence him. He has been kept in isolation for years. He has been basically silenced already because of the threat he poses to the statenot to the community, not to the public. These laws are attempts to criminalise and attack people like Julian Assange.

In a later contribution, Bartlett directly asked: Given that Mr Hastie specifically referred to Julian Assange, is there actually an explicit focus on the activities of him and his organisation? A government minister replied: The answer is no.

The honest answer to that question would have been yes.

Successive Labor and Coalition governments have collaborated in the persecution of Assange and WikiLeaks because of their support for the full alignment of Australian imperialism with its alliance partner, the US, in its escalating geo-strategic and military confrontation with China. The Australian ruling elite is just as hostile to an independent and critical media as its American counterpart.

There is little question that the new Australian foreign interference laws are intended to be used against media organisations that publish leaked information, which exposes US and Australian war plans against China. They can also potentially be used to criminalise anti-war political opposition and activity. Most ominously, the laws are being hailed internationally as a model for legislation in other countries.

Assange and WikiLeaks are a sharp example of the broader campaign to censor and silence oppositional voices. The fight to defend him is inseparable from the struggle to alert and mobilise the international working class against the ongoing attacks on fundamental democratic rights and against the danger of dictatorship and war.

SEP (Australia) to hold meetings on new foreign interference laws: A move towards dictatorship and war [3 July 2018]

Full WSWS Coverage on the defence of Julian Assange

Google is blocking the World Socialist Web Site from search results.

To fight this blacklisting:

Read more:
Persecution of WikiLeaks editor Julian Assange continues …