Cracking the Enigma: How Alan Turing was destroyed by the people he saved

alan-turing-s-100th-12-celebratory-images-from-across-the-web-f0424e174dDuring WW2, Germany coordinated their war strategy through a series of encrypted messages, passed from central command to their armed forces. German cryptologists used an Enigma machine to do this. Enigma used Symmetric Cryptography, meaning that the same key was used for both encryption and decryption. Each letter was sent through a series of circuits (consisting of a plug board and 3 rotating wheels) to create a highly randomized output.  The key is the Enigma set-up itself, which is the choice/order of the wheels, the ring setting and plug connections. Enigma configurations were changed daily. Every month, the Germans distributed a key sheet to Enigma operators. This contained a list of different configurations for each day of the month. This key sheet was critical to be able to decrypt the codes. As there were 159 million possible Enigma settings, the time taken to go through all the possible Enigma configurations to decrypt a message would not have been worth the effort.
2009-09-25_3946 The British needed a fast method to decrypt the codes. German troops were advancing fast and the Allied troops needed an advantage. They hired a team of mathematicians and problem solvers to create a decryption machine. Alan Turing lead efforts in Bletchley Park to create one he called The Bombe (not to be confused with another Polish machine of the same name). Exploiting a critical flaw in Enigma, the Bombe was able to decrypt Enigma messages in under 20 minutes. As the Enigma has a rule that a letter could not become itself, the Bombe worked backwards to deduce all the impossible rotor and plug board configurations that violated this rule. It was able to do this very quickly via electrical circuits.

Click here for more information about how Enigma worked and how it was finally broken: 
royal-navy3

As the British wanted to continue to spy on the German forces, the operation continued on in secret. This action resulted in the saving of countless lives and the allied success of key battles, including D-Day. After the war, Alan Turing went on to work for the National Physical Laboratory and published a paper on Artificial Intelligence in 1950 called “The Turing Test”.

Despite all his achievements, Alan Turing’s contributions to allied war victory went mostly unnoticed. He was disgraced and arrested for homosexuality in 1952. He was given a choice of imprisonment or hormone treatments to “cure” his homosexuality. He chose hormone treatments. This didn’t “cure” his homosexuality, instead it resulted in his suffering of emotional and physical scars during the ordeal, eventually culminating to his death at the young age of 41. It wasn’t until 2009 that Britain issued an official apology to Turing.

152074-apple-versus-samsung-sorry-seems-to-be-the-hardest-word1_4352093

Gordon Brown “He truly was one of those individuals we can point to whose unique contribution helped to turn the tide of war,” said Brown. “The debt of gratitude he is owed makes it all the more horrifying, therefore, that he was treated so inhumanely. … Alan and the many thousands of other gay men who were convicted as he was convicted, under homophobic laws, were treated terribly.”

http://www.findingdulcinea.com/news/on-this-day/March-April-08/On-this-Day–British-WWII-Code-Breaker-Goes-on-Trial-for-Homosexuality.html

images6D2USYA6

Alan Turing is now regarded as a father of Cryptography, Artificial Intelligence and the modern computer. In 2014, Benedict Cumberbatch starred as Alan Turing in The Imitation Game, which became the highest grossing independent film in the year. It was nominated in eight categories in the 87th Academy Awards and won the People’s Choice Award at the 39th Toronto International Film Festival. This film was also honored for bringing Turing’s legacy to the public. Alan Turing was also honored at the 2015 London Pride march as a Pride Hero for his contributions. His family represented him in the march. This also happened to coincide with a landmark USA Supreme Court ruling that gay marriage would be recognized under the US Constitution, making all marriages legal across America

Gay-Pride_2015

Advertisements

3 Training grounds to train the white-hacker in you

problem-solving

For those interested in learning about IT security or sharpening their skills, there are free websites that provide great resources and a safe training ground for new professional security professionals/ethical hackers. Even for veterans in the field, these sites can either help you confirm what you already know or broaden your knowledge. Before you start – Having a background in IT is recommended. While you don’t need to be an expert, having some knowledge will go a long way in being able to understand and complete some of the exercises.

  1. OWASP (Open Web Application Security Project). This is a security community with a mission to keep users informed and kept up-to-date about critical application security flaws currently being exploited. This includes an annual list of Top 10 Most Critical Web Application Security Risks, describing what they are, example attacks and how to avoid them. Additionally, OWASP provides free resources (videos/guidelines) for developers to test and review their own code for vulnerabilities.
  1. asecuritysite.com. Not only does this site provide a great selection of theoretical reading, challenges and sample tests for certification exams (e.g. A+, CCNA, ethical hacker to name just a few) but it also teaches you the basics of Cryptography in simple/digestible language. There are also practical calculators to help you understand how Crypto mathematics works e.g. Simple RSA and DSA Calculators.
  2. hackthissite.org. This is a free training ground for white hackers of all levels. This takes a no-nonsense, learn-by-doing approach to teaching. Once you have signed up, you literally need to hack your way through all the basic levels until you “graduate” to the intermediate and hard levels. Each level provides a new lesson about insecure coding. Although it takes some patience and persistence to complete some of the exercises, the personal rewards are well worth it! Hacking websites is not legal and can lead to criminal charges so for those who have those intentions, this isn’t for you. However, for ethical hackers or site developers/administrators who are interested in developing safer sites and up for the challenge, then go for it!

Of-course, if you are still needing more information about anything, there is great community at http://security.stackexchange.com/!