Black Hat has responded to the ongoing COVID-19 crisis and the need for strict distancing by going completely virtual for its American 2020 event. The rThreat team is pleased to sponsor this event to advance the goals of improving security, maintaining ongoing education, and officially launching our platform to the public. Join us at our virtual booth in the Business Hall, where you can meet our staff, schedule a demo of our breach and attack simulation technology, and participate in Passport to Prizes for a chance to win a $150 Amazon gift card from rThreat. 

We also have our own competition going on! Did you make invisible ink from lemon juice when you were a kid? I did! I have always been drawn to cryptography and spy technology. I think many people in our field have. That’s why I’ve put together a few puzzles to entice you to come to our virtual booth. If you love puzzles, register for access to the Business Hall (it’s free!) and take our Cryptography Challenge. If you correctly answer our three challenges, you can enter to win a free 90-day trial of rThreat’s breach and attack simulation technology and an Apple Watch! 

Cryptographic methodology used to be the pinnacle of security technology, and still remains at its core. Before the invention of computers, even before the discovery of electricity, codes and ciphers have been used to transmit information between business partners, between cities in fractured kingdoms, and between generals and scouts across warzones. Encrypting information is a technology so essential to human civilization, encryption devices and encrypted messages have been found in virtually every corner of the world throughout human history. 

While the cipher methods in our Black Hat 2020 cryptography challenge have been cracked for decades or centuries, and are therefore useless for protecting real secrets, studying these old methods of encryption is still an occasion for great excitement and wonder. The vastness of different encryption methods people have independently invented throughout our species’ history is a testament to our cleverness. And yet, the remarkable similarities in goals and methods of cryptography between distant groups reveals how remarkably like-minded people can be. 

Similar to how TTP analysis informs cybersecurity researchers about the goals, motivations, and identities of threat actors, the analysis of cultural phenomena (including, but not limited to cryptography) can teach us a lot about how humans think and behave. In particular, cryptography can give insight into what people value and who holds power. For example, if in a particular place and time in history, military orders were issued in code, but peace agreements were not, we might speculate that the military valued secrecy, or suspected its enemies of engaging in espionage, while the government valued transparency in law, or had no motivation to secrete its treaties, or had strong motivation to publicize its treaties. 

In the present day, what gets encrypted, how it gets encrypted, who has the right or ability to use encryption, who has the right or ability to break encryption, etc. can similarly inform our understanding of value and power in our society. If your lawmakers want to require backdoor access to all encrypted data, so that select government agents can read anyone’s data without obstruction, what might that say about your government? What might this say about the cultural, social, political, or economic function of cryptography in your country? 

Cryptography is also at the core of virtually all computer security concepts; from the essential – authentication of your identity to a computer system is accomplished by presenting a password or other secret token – to the applied – encryption guards access to banking, government records, email, etc. The encryption methods used in modern computer systems weren’t pulled out of thin air. They are the product of a thousands-year-old arms race for total information security. It’s not surprising, then, that long-defunct encryption methods remain useful for teaching the principles of cryptography. For every deprecated encryption method, there is a story about how it was cracked, and what revisions were made to re-establish security and advance the encryption arms race. These stories explain how modern encryption came to be.

Speaking of stories, if you’re currently working from home during the COVID-19 pandemic, you have probably found yourself with more free time than usual and a new thirst for entertainment. May I recommend that you make your next entertainment choice one that features cryptography? These movies range from only slightly inaccurate historical documentaries to completely farcical historical fantasy, and should not be used to learn actual history, but are very entertaining and feature concepts from cryptography at the forefront. They may also help you to solve our cryptography challenges if you get stuck! 

1. Imitation Game (2014) – British WWII codebreakers Alan Turing (Benedict Cumberbatch), Joan Clarke (Keira Knightley), and others defeat the German’s “Enigma” encryption machine. Mathematician Gordon Welchman, who was instrumental in realizing Turing’s Bombe machine, is strangely absent from this adaptation. 
2. National Treasure (2004) – Historian and treasure hunter Benjamin Gates (Nic Cage) races to unravel a series of ancient and modern clues arranged by the founding fathers of the United States, which he hopes will lead him to treasure. It bears virtually no resemblance to real history. 
3. The Da Vinci Code (2006) – “Symboligist” Robert Langdon (Tom Hanks) and “Cryptographist” Sophie Neveu (Audrey Tautou) investigate a murder in the Louvre, involving them in a (completely fictional) covert political and religious conflict. Based on the novel by Dan Brown. 

We hope to meet you at our virtual booth at Black Hat 2020. Come schedule a demo to see our breach and attack simulation technology in action, take our Cryptography Challenge, or just say hello! Register for free today: http://bit.ly/blackhatreg 

Do you want to learn more about cybersecurity? Please subscribe to our newsletter.