[Cryptography] high-school crypto project

Dave Horsfall dave at horsfall.org
Wed May 7 18:15:45 EDT 2014 

On Wed, 7 May 2014, John Denker wrote:

> Well, first of all, it is not true that "everything else has already 
> been done in standard cryptography".  The fact that you would say this 
> suggests that your background in cryptography is not as strong as you 
> think it is.

And also mention that according to Bruce Schneier and other experts in 
crypto, don't even *think* of writing your own crypto system (unless all 
you want to do is stop your kid sister, in which case ROT-13 will probably 
suffice) until you've broken a couple.

Read (or at least skim) Applied Cryptography by Bruce Schneier at a 
minimum, and possibly Handbook of Applied Cryptography by Menezes et al.

One famous quote (origin forgotten): "Crypto is too important to be left 
to amateurs."

> Secondly, quantum cryptography is the most-challenging area of a 
> challenging subject.  It requires an understanding of physics waaaay 
> beyond anything that is normally covered in high school. Quantum 
> cryptography would make more sense as a graduate thesis of above-average 
> difficulty, rather than as a high-school project.

It's still worth a brief mention, though.  Kids are unbelievably smart 
these days.

> However, even that would require a lot of work, to do it properly. 
> Remember that there is a lot more to security than just crypto. For 
> example, securing a set of election results requires verrry much more 
> than resistance to wiretapping.

Heh.  In the Obfuscated C Code Contest, someone submitted a program that 
purported to count votes, but actually skewed them towards a particular 
candidate.  It was not obvious upon a casual inspection (and I've been 
writing in C for years); it was *evil*.

> Perhaps an even better option would be to take one of the open questions 
> discussed on this list, and write a review.  Pick something that doesn't 
> require graduate-level physics.  For example, a few weeks ago there was 
> a discussion of sending encrypted email and (!) cover traffic via a 
> netnews stream, thereby providing a certain amount of anonymity and 
> deniability. A number of suggestions were made a different times.  It 
> might be worth writing a review that collects, evaluates, and harmonizes 
> the various suggestions.

All great ideas.

In summary, if he can make the class go "wow!", then they'll never forget 
it.

The original poster certainly got what he asked for :-)

-- Dave

More information about the cryptography mailing list