Orchids at the Missouri Botanical Garden

The Missouri Botanical Garden’s Orchid Show ended today.  I went on a date there yesterday to visit the Garden and see the show. [1]Luckily, my girlfriend didn’t mind my bringing my camera along.  I honestly didn’t know that there were this many different types of orchid; there were one or two hundred different varieties on display, and the Botanical Garden boasts more than 3,200 different species of orchid in their collection.

I took quite a few close shots of the orchids, and I’ve included my favorites below.  I’ve made slight adjustments to try to bring out their colors, and to emphasize their structures, but I’ve tried to keep everything as true-to-life as is possible.

While at the Garden, I also took a walk through the rest of their grounds.  While I put my camera away for much of it, I did get a few nice shots of various plants and trees.

I had an awesome time taking photos and walking around.  It was a little crowded, but still pretty nice.  I don’t really make it over to the Garden as much as I would like to, but hopefully I’ll have a chance to visit another time or two during spring break.


References

References
1 Luckily, my girlfriend didn’t mind my bringing my camera along.

What is asymmetric cryptography?

Whitfield Diffie and Martin Hellman were jointly awarded the 2015 ACM A.M. Turing Award today.  Their 1976 paper, New Directions in Cryptography, essentially created asymmetric cryptography.  Today, asymmetric cryptography secures our online communications—from PGP-secured texts, emails, and files, to TLS and SSL-secured websites (including this one).  So how does asymmetric cryptography work, and how is the Diffie-Hellman key exchange more secure than older methods of encryption?

Symmetric encryption

Symmetric encryption relies on a key [1]Essentially, a key is a piece of really complicated math. shared between two or more people.  A message is encrypted using this key, and can then be decrypted by the same key held by somebody else.  Think of it like the front door of a house.  Alice has a key to the door, so she can lock and unlock the door.  Bob also has a key, so he can also lock and unlock the door.  In fact, anyone with a copy of that key can both lock and unlock the door whenever they want.  In the case of a message, this means that anyone with the right key can encrypt (lock) the message, or decrypt (unlock) the message.

It’s possible to break symmetric encryption [2]It’s also possible to break asymmetric encryption, or any encryption, though it takes time.  Perhaps one of the most famous examples is from World War II, when the Allies were struggling to crack encrypted Nazi communications.  The encryption was created with a key that changed daily, and through the use of the Enigma machines.   The cryptography was eventually broken, but largely through the skill of the codebreakers, poor operating practice from some of the German operators, and the capture of key tables and hardware by the Allies.

Asymmetric encryption

Asymmetric encryption, in contrast to symmetric encryption, uses a pair of keys to encrypt messages.  One of the two keys is made public to everyone, and one is kept private (the two types of keys were called, cleverly enough, the public key and the private key, respectively).  Messages encrypted with the public key can only be decrypted using the private key [3]Basically, the message is sent through a mathematical formula that only works one way… unless you have the incredibly complicated and unique formula that comprises the private key., which ensures that the contents of the message can’t be read by anyone except the holder of the (hopefully secure) private key.  So if Alice wants to send an encrypted message to Bob, she starts by finding his public key.  She then encrypts her message using that, and sends it to Bob.  When Bob receives it, he uses his private key to decrypt the message.  If he wants to respond, he can encrypt his reply using Alice’s public key, and the cycle continues.  Since the public keys are usually published or exchanged in a way that lets each party be confident that it belongs to whomever they are sending it to, this ensures that the identity of the recipient can be verified.  Alice knows that only Bob can unlock her message, and Bob knows that only Alice can unlock his.

This is commonly used on websites that are secured by SSL/TLS (including this one).  Pretty much every major website is secured via SSL, and browsers will display a green padlock in the address bar of secured sites.  This serves two purposes; it will prove that the website belongs to whomever it purports to belong to, and it encrypts traffic between your computer and the website so that it can’t be read by attackers, your ISP, or others who may have a vested interest in what you do.
This works in exactly the same way that the messages between Alice and Bob did.  When you visit a website secured with SSL, your browser and the server exchange public keys.  The server encrypts traffic to you using your public key, which your browser decrypts.  And your browser encrypts traffic to the server using the server’s public key, which the server decrypts.  Anyone trying to listen in on the conversation your browser and the server are having will hear nothing but random gibberish.  There’s one additional thing that your browser does to ensure that it’s not talking to a fake server that’s pretending to be the real website: it takes the public key presented by the server, and it compares it to a repository of public keys.  If it matches, it’s the real server.  If it doesn’t, it could be an imposter– and somebody could be listening in.

So the next time you’re wandering around the web, take a minute to appreciate that little green padlock in the corner of your screen, and think about the incredibly complicated math that underpins security on the internet.  It works invisibly to keep your communications safe, secure, and most importantly—private.


I’m not a cryptographer or a security specialist, just somebody who enjoys reading and learning about security.  If you think I left out something important, please send me an email so I can fix it.

References

References
1 Essentially, a key is a piece of really complicated math.
2 It’s also possible to break asymmetric encryption, or any encryption
3 Basically, the message is sent through a mathematical formula that only works one way… unless you have the incredibly complicated and unique formula that comprises the private key.

Email server admins are underappreciated

Today I reconfigured a server I maintain for the Office of Residential Life and Housing.  It broke yesterday because of a database issue, but I’ve taken this as an opportunity to rebuild and improve it with an included email server.  I have it mostly up and running now, but it’s been a long, slow process that took far longer than I expected it to (as a sidenote, this would have been far easier if the backups I had were up-to-date.  Always check your backups!)

Building an email server is more difficult than I expected.  I almost expected to just run sudo apt-get install postfix and have an email server up and running; sure, it would need some configuration, but I’d be able to start sending and receiving mail almost immediately.  And yes, that might be true if I installed something like Mail-in-a-Box or iRedMail, but I decided that that was too easy, jumped into the deep end, and immediately started configuring a mail server using Postfix, Dovecot, MySQL, and Spamassassin (and would have been instantly lost if it hadn’t been for this awesome guide).  So I spent twelve hours copying and adapting code to my purpose, rewriting databases, adding users, restarting when I messed up.

It was absolutely awesome.

There’s something about taking the blank screen of a terminal, typing commands across it, and making something work.  When you reload the page and it actually works the way you want it to, there is an immense feeling of satisfaction and accomplishment.  You took something that was blank and empty, and turned it into something useful.  There’s no feeling quite like it in the world.

That said, I’m totally using one of the ready-to-deploy email servers next time.  Making something work is fantastic when you have the time to do that, but sometimes you just really need to have whatever you’re working on to be up and running.

Listing image by RobH, from Wikimedia. Used under the Creative Commons Attribution-Share Alike 3.0 Unported license.

How Stories Drive the Stock Market

I came across this article today in The New York Times written by Robert Shiller.  Shiller is a Sterling Professor at Yale University who studies macroeconomics, behavioral economics, and public attitudes regarding markets, so he’s very qualified to discuss the role of stories in our economy.

The general gist of the article, as I understand it, is that stock markets are driven as much by feelings and stories than they are by data and rationality.  It underscores the need to critically inspect information that you’re given– it may be rooted in truth, but it could easily be influenced by emotion.  It also underscores why economic predictions can be so difficult to get right, and why economics is a social science; our assumptions are rooted in the belief that people are rational actors who carefully make the best decisions possible, even though people are famously irrational.  If we’re driven by stories and emotions, it’s much harder to predict people’s actions and reactions.

 

Listing image by Sam valadi, and used under the Creative Commons Attribution 2.0 license.