# C STUIO. Project 2 — Making Abstract Concrete

## CD Studio Project 2/ CMU MDes 2016 Fall

### 10/03/2016 Topic Statement — Encryption

Encryption is a way to achieve digital data security in transit across all sorts of networks, not just the Internet. The primary purpose of encryption is to protect the confidentiality of digital data. Besides that, it also provides other key elements of security: authentication(The origin of a message can be verified); integrity(proof that the content has not been changed since it was sent); non-repudiation (the sender of a message cannot deny sending the message).

The encryption algorithm is a procedure of converting electronic data(plaintext) into encrypted text (ciphertext) by an encryption key. Only a recipient who has the required key can get access to these content by decrypting ciphertext back into plaintext, which protects them from being read by unauthorized parties.

There are two main types of keys in cryptography system — symmetric key and asymmetric key (also called as public key). In symmetric key schemes, the encrypting and decrypting key are identical. The risk in this system is that if either party loses the key or the key is intercepted, the system is broken and messages cannot be exchanged securely.While in asymmetric schemes, on contrast, the two keys are distinct but mathematically linked, which are typically used in conjunction to communicate. The challenge for this system is that significant computing resources are required to create long, strong private keys.

Symmetric-key encryption is much faster than asymmetric encryption, but it requires securely distributing and managing large numbers of keys, which means most cryptographic processes use a symmetric algorithm to efficiently encrypt data but use an asymmetric algorithm to exchange the secret key.

Brute force is the most common way to attack an encrypted piece of data, which means trying each key until the right one is found. The length of the key determines encryption strength. Alternative methods of breaking a cipher are to attack the cipher’s implementation. An error in system design or execution can allow such attacks to succeed. Another approach is to find a weakness in the cipher that can be exploited with a complexity less than brute force. The challenge of successfully attacking a cipher is easier of course if the cipher itself is flawed in the first place.

#### Source：

- Bellare, Mihir. “Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements.” Springer Berlin Heidelberg, 2000. Page 1.
- Margaret, Rouse. “Encryption.” TechTarget
- “Encryption.” Webo pedia
- Jeff, Tyson. “How Encryption Works.” How stuff works

### 10/05/2016 Actors and Relationships

According to the statement of the concept “Encryption”, six main actors have been defined — location, plaintext, ciphertext, Key, cipher’s implementation, data attacker.

### 10/06/2016 Class & Peer Review

#### Feedbacks

- Maybe include more background information at the beginning
- It might not be a good idea to end the story by telling how to attack an encrypted piece of data.
- How do reciepiants receive the key? Does the people who send the data need to send a key as well?

### 10/08/2016 Rewrite for Encryption

Encryption is a way to achieve digital data security in transit across all sorts of networks; every time someone uses an ATM or buys something online with a smartphone, makes a mobile phone call or presses a key fob to unlock a car, encryption is used to protect the information being relayed.Encrypting text means concealing its readability and meaning, which is also named as cipher. Almost all serious ciphers use both a key (a variable that is combined in some way with the unencrypted text) and an algorithm (a formula for combining the key with the text) to convert electronic data(plaintext) into encrypted text (ciphertext).

There are two main types of keys in cryptography system — symmetric key and asymmetric key (also called as public key). In symmetric key schemes, the encrypting and decrypting key are identical. When the encrypted file is given to a recipient, they can use the encryption key to “unlock” the encoded document and decrypt it into plain text or a readable file. But this exposes a security flaw in this method: Somehow or other, the encryption key has to be delivered to the recipient, too — otherwise the encrypted data will stay encrypted. A password sent as plain text is an inherent risk: If it’s intercepted, the encrypted communications become fair game.

On contrast, public-key encryption uses two keys for locking and opening up data: a public key that is shared with anyone, and a private key that stays with the sender of encrypted data. For example, in an asymmetric transaction, a sender A asks a recipient B to send B’s public key to A, while a private key being kept by B very much to himself/herself. After A gets B’s public key, he/she uses it to encrypt the file and send it to B. Once B receives the file, he/she can then decrypt the file with the private key to read it. Even though the public keys the ones used to encrypt data — are out in the open, they can’t be analyzed to find out the private key. Furthermore, if either of the sender’s or recipient’s private key is got ahold by unauthorized parties, they can only see one side of this conversation.Thus, most cryptographic processes use a symmetric algorithm to efficiently encrypt data but use an asymmetric algorithm to exchange the secret key.

Key generation is very important, because keys need to be truly random, in order to make sure no machine can easily figure out what the key is through mathematical guesswork. Even though both symmetric and asymmetric encryption use keys, they use different methods to generate those keys. Symmetric encryption breaks data into smaller blocks in a method called block ciphering. Block ciphering (for example, 64 contiguous bits) at once as a group rather than to one bit at a time. So that identical blocks of text do not get encrypted the same way in a message (which might make it easier to decipher the ciphertext), it is common to apply the ciphertext from the previous encrypted block to the next block in a sequence. So that identical messages encrypted on the same day do not produce identical ciphertext, an *initialization vector* derived from a *random number generator* is combined with the text in the first block and the key. This ensures that all subsequent blocks result in ciphertext that doesn’t match that of the first encrypting.

A public-key encryption algorithm takes an approach that uses a hash value to encrypt data(Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.). With hash values, the data is treated as one big number, which is multiplied by another very large number, with the remainder calculated after dividing the data with a third very large number. That remainder is converted to text.This would be nearly impossible to reverse engineer, because without knowing any of the factors in the formula — the original number being multiplied (which represents the actual data), the multiplier or the denominator — there is virtually no chance that you’re going to get the algorithm.

#### source:

- Margaret, Rouse. “Encryption.” TechTarget. http://searchsecurity.techtarget.com/definition/encryption.
- Margaret, Rouse. “Cipher.” TechTarget.http://searchsecurity.techtarget.com/definition/cipher.
- Brian, Proffitt. “Understanding encryption. Here’s the key.” Readwrite. http://readwrite.com/2013/09/19/keys-understanding-encryption/.

### 10/10/2016 Redefine Actors & Relationship

### 10/11/2016 Class & Work Session

#### Next Step

Polish the script and start to make storyboard. Besides that, do some interviews with classmates to assure it is understandable for people who do not have relevant professional background knowledge.

Encryption is a way to achieve digital data security in transit across all sorts of networks; every time someone uses an ATM or buys something online with a smartphone, makes a mobile phone call or presses a key fob to unlock a car, encryption is used to protect the information being relayed.Encrypting text means concealing its readability and meaning, which is also named as cipher. Almost all serious ciphers use both a key (a variable that is combined in some way with the unencrypted text) and an algorithm (a formula for combining the key with the text) to convert electronic data(plaintext) into encrypted text (ciphertext).

There are two main types of keys in cryptography system — symmetric key and asymmetric key (also called as public key). In symmetric key schemes, the encrypting and decrypting key are identical. When the encrypted file is given to a recipient, they can use the encryption key to “unlock” the encoded document and decrypt it into plain text or a readable file. But this exposes a security flaw in this method: Somehow or other, the encryption key has to be delivered to the recipient, too — otherwise the encrypted data will stay encrypted. A password sent as plain text is an inherent risk: If it’s intercepted, the encrypted communications become fair game.

On contrast, public-key encryption uses two keys for locking and opening up data: a public key that is shared with anyone, and a private key that stays with the sender of encrypted data. For example, in an asymmetric transaction, a sender A asks a recipient B to send B’s public key to A, while a private key being kept by B very much to himself/herself. After A gets B’s public key, he/she uses it to encrypt the file and send it to B. Once B receives the file, he/she can then decrypt the file with the private key to read it. Even though the public keys the ones used to encrypt data — are out in the open, they can’t be analyzed to find out the private key. Furthermore, if either of the sender’s or recipient’s private key is got ahold by unauthorized parties, they can only see one side of this conversation.Thus, most cryptographic processes use a symmetric algorithm to efficiently encrypt data but use an asymmetric algorithm to exchange the secret key.

Key generation is very important, because keys need to be truly random, in order to make sure no machine can easily figure out what the key is through mathematical guesswork. Even though both symmetric and asymmetric encryption use keys, they use different methods to generate those keys. Symmetric encryption breaks data into smaller blocks in a method called block ciphering. Block ciphering (for example, 64 contiguous bits) at once as a group rather than to one bit at a time. So that identical blocks of text do not get encrypted the same way in a message (which might make it easier to decipher the ciphertext), it is common to apply the ciphertext from the previous encrypted block to the next block in a sequence. So that identical messages encrypted on the same day do not produce identical ciphertext, aninitialization vectorderived from arandom number generatoris combined with the text in the first block and the key. This ensures that all subsequent blocks result in ciphertext that doesn’t match that of the first encrypting.

A public-key encryption algorithm takes an approach that uses a hash value to encrypt data(Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.). With hash values, the data is treated as one big number, which is multiplied by another very large number, with the remainder calculated after dividing the data with a third very large number. That remainder is converted to text.This would be nearly impossible to reverse engineer, because without knowing any of the factors in the formula — the original number being multiplied (which represents the actual data), the multiplier or the denominator — there is virtually no chance that you’re going to get the algorithm.

### 10/12/2016 Class & Work Session

#### Rewrite the description

Every time someone uses an ATM or buys something online with a smartphone, makes a mobile phone call or presses a key fob to unlock a car, encryption is used to protect the information being relayed. Encryption, at its core, is similar to those decoder rings you played with when you were little. You have a message, you encode it using a secret cipher, and only other people with the cipher can read it. All modern ciphers use both a key and an algorithm to convert electronic data into encrypted text.

When Andrew wants to send some information to Blair, to assure the data safe, he uses a encrypting key to encode it to make it unreadable. Then after receiving the information, Blair decodes it to read it with a decrypting key.

There are two main types of keys in cryptography system — symmetric key and asymmetric key (also called as public key).

If they use symmetric keys, the encrypting and decrypting key are identical. When the encrypted file is given to a Blair, both Andrew and Blair can use the encryption key to “unlock” the encoded document and decrypt it into plain text or a readable file. But this exposes a security flaw in this method: Somehow or other, the encryption key has to be delivered to Blair as plain text, which is an inherent risk: If it’s intercepted, the encrypted communications become fair game.

On contrast, public-key encryption uses two keys for locking and opening up data: a public key that is shared with anyone, and a private key that stays with the sender of encrypted data. For example, Andrew asks Blair to send her public key to him, while a private key being kept by Blair very much to herself. After Andrew gets Blair’s public key, he uses it to encrypt the file and send it to her. Once Blair receives the file, she can then decrypt the file with the private key to read it. When Blair wants to send some data back to Andrew, they have to reverse this process and do it again. Even if either of the Andrew’s or Blair’s private key is got ahold by unauthorized parties, they can only see one side of this conversation.Thus, most cryptographic processes use a symmetric algorithm to efficiently encrypt data but use an asymmetric algorithm to exchange the secret key.

Any time that you send information across the Internet, it can be viewed by just about anyone that would want to see it. Encryption protects our data. It protects our data from criminals. It protects it from competitors, neighbors, and family members. It protects it from malicious attackers, and it protects it from accidents. It protects our conversations, whether video, voice, or text. It protects our privacy. It protects our anonymity. And sometimes, it protects our lives.

### 10/18/2016 Class & Work Session

#### Rewrite the description (Focusing on two keys and algorithms)

Every time you make a mobile phone call, buy something online with a smartphone, use an ATM, have a physical examination, or presses a key fob to unlock a car, encryption is used to protect the information being relayed. Encryption, at its core, is similar to those decoder rings you played with when you were little. You have a message, you encode it using a secret cipher, and only other people with the cipher can read it.

All modern ciphers use both a key and an algorithm to convert electronic data into encrypted text and change it back later. The key used by sender to encode data is called as encrypting key, while the other one used by recipient to decode information is named as decrypting key. There are two main types of keys in cryptography system — symmetric key and asymmetric key.

Imagine Andrew wants to send some information to Blair. If he chooses symmetric key, he the encrypting and decrypting key are identical, which means both Andrew and Blair can use their keys to “unlock” the encoded document and decrypt it into a readable file. But this exposes a security flaw in this method: the encryption key has to be delivered to Blair as plain text, which is an inherent risk: If it’s intercepted, the encrypted communications become fair game.

On the other hand, if they choose using asymmetric keys, there are two keys for locking and opening up data. For example, Andrew asks Blair to send her public key to him, while a private key being kept by Blair very much to herself. After Andrew gets Blair’s public key, he uses it to encrypt the file and send it to her. Once Blair receives the file, she can then decrypt the file with the private key to read it. If Blair wants to send some information back to Andrew, they have to reverse this process and do it again. The public key can be shared with anyone, and the private keys only stay with the sender of encrypted data. Even if either of the Andrew’s or Blair’s private key is got ahold by unauthorized parties, they can only see one side of this conversation.

Encryption is only one layer of the security process. Any time that you send information across the Internet, it can be viewed by just about anyone that would want to see it. Encryption protects our data. It protects our data from criminals. It protects it from competitors, neighbors, and family members. It protects it from malicious attackers, and it protects it from accidents. It protects our conversations, whether video, voice, or text. It protects our privacy. It protects our anonymity. And sometimes, it protects our lives.

### 10/18/2016 Class & Work Session

#### Rewrite the description…again (to explain encryption with Caesar’s Cipher)

[introduction & What is it?]

Every time we send a email, buy something online, log in social network website, or drive with a navigation system, we are exchanging private information(credit card numbers, password, purchasing record, location) through internet, an open and public system. Encryption is the process to keep these data secretly on this open platform, which is changing and scrambling the content to hide the original data.

[How does it work?- Part 1]

One of the well-known encryption is Caesar’s Cipher, which is moving the letters in an alphabet with a certain number of spaces down. The number only knowning by sender and recipient is called as a “key”. For example, to send the message “HELLO” while using a key of 3, the message would be “JGNNQ”. However the big flaw of Caesar’s Cipher is anyone could find out the key and decrypt the information by trying every possible one since there are only 26 letters in English alphabet.

To make it more difficult to cipher, we can use several different key sequently while adopting longer keys. longer keys with more possible key solutions allows shifting each letter by different number thus . For instance a 10 digit-key means 10 billion key solutions. Today, we use 56 bits, 168 bits, and even 256 bits keys. It takes 1 minute to cipher a piece data which is cyphered by three 1 digit keys, but it will cost 260,000 years for a computer to cipher a 168 bits key.

[How does it work?- Part 2]

There are two main types of keys in cryptography system — symmetric key and asymmetric key. In symmetric key encryption, like Caesar’s Cipher, sender needs to send the key to recipient along with the encrypted message, which is obviously not safe enough on the internet. Thus here comes the asymmetric keys. There are two keys in asymmetric encryption — a public key to encrypt information and a private key to decrypt it. For example, Alice wants her friend Brown to send her some message, so she generates a public key and send it to him, while a private key being kept by Alice very much to herself. After Brown gets Alice’s public key, he uses it to encrypt the file and send it to her. Once Alice receives the file, she can then decrypt the file with the private key to read it. If Alice wants to send some information back to Andrew, they have to reverse this process and do it again. The public key can be shared with anyone, and the private keys only stay with the sender of encrypted data.

[Summation]

Since a increasing number of people have been spending more and more time on the internet, more and more data are transformed on the internet. The need of data security has become more and more important. Encryption protects our data. It protects it from competitors, neighbors, and family members. It protects it from criminals, malicious attackers, and it protects it from accidents. And sometimes, it protects our lives.

### 10/20/2016 Class & Work Session

#### Rewrite the description…another time (Delete the symmetric and asymmetric algorithm part)

[introduction & What is it?]

Every time we send a email, buy something online, log in social network website, or drive with a navigation system, we are exchanging private information(credit card numbers, password, purchasing record, location) through internet, an open and public system. Encryption is the process to keep these data secretly on this open platform, which is changing and scrambling the content to hide the original data.

[How does it work?]

One of the well-known encryption is Caesar’s Cipher, which is moving the letters in an alphabet with a certain number of spaces down. The number only knowning by sender and recipient is called as a “key”. For example, to send the message “HELLO” while using a key of 3, the message would be “JGNNQ”. However the big flaw of Caesar’s Cipher is anyone could find out the key and decrypt the information by trying every possible one since there are only 26 letters in English alphabet.

To make it more difficult to cipher, we can use several different key sequently while adopting longer keys. longer keys with more possible key solutions allows shifting each letter by different number thus . For instance a 10 digit-key means 10 billion key solutions. Today, we use 56 bits, 168 bits, and even 256 bits keys. It takes 1 minute to cipher a piece data which is cyphered by three 1 digit keys, but it will cost 260,000 years for a computer to cipher a 168 bits key.

[Why it is important?]

Since a increasing number of people have been spending more and more time on the internet, more and more data are transformed on the internet. The need of data security has become more and more important. Encryption protects our data. It protects it from competitors, neighbors, and family members. It protects it from criminals, malicious attackers, and it protects it from accidents. And sometimes, it protects our lives.

#### Inspiration graphics

[possible direction 1]

Since the the major part of the script is storytelling, Roy Lichtenstein style could be a suitable to achieve this goal. Meanwhile, I want to establish a visual style using one default color and one main color combing with various textures to convey information. The advantage of this visual style is providing the animation and the transition between shots more viable and more free.

[possible direction 2]

Four to five main strong colors with geometric shapes. The use of strong colors is helpful to enhance the comparison between different actors and the relationship among the ones which belong to same category.