massive re-write from org-publish to weblorg

1 files changed, 0 insertions, 103 deletions

diff --git a/blog/aes-encryption/index.org b/blog/aes-encryption/index.org
deleted file mode 100644
index 03dcbf9..0000000
--- a/blog/aes-encryption/index.org
+++ /dev/null
@@ -1,103 +0,0 @@
-#+title: AES Encryption
-#+description: Learn how the AES Encryption algorithm works.
-#+date: <2018-11-28 Wed>
-#+filetags: :security:
-
-* Basic AES
-If you're not familiar with encryption techniques, [[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard][AES]] is the *Advanced
-Encryption Standard*. This specification was established by the National
-Institute of Standards and Technology, sub-selected from the Rijndael family of
-ciphers (128, 192, and 256 bits) in 2001. Furthering its popularity and status,
-the US government chose AES as their default encryption method for top-secret
-data, removing the previous standard which had been in place since 1977.
-
-AES has proven to be an extremely safe encryption method, with 7-round and
-8-round attacks making no material improvements since the release of this
-encryption standard almost two decades ago.
-
-#+begin_quote
-Though many papers have been published on the cryptanalysis of AES, the fastest
-single-key attacks on round-reduced AES variants [20, 33] so far are only
-slightly more powerful than those proposed 10 years ago [23,24].
-
-- [[http://research.microsoft.com/en-us/projects/cryptanalysis/aesbc.pdf][Bogdonav, et al.]]
-#+end_quote
-
-* How Secure is AES?
-In theory, AES-256 is non-crackable due to the massive number of combinations
-that can be produced. However, AES-128 is no longer recommended as a viable
-implementation to protect important data.
-
-A semi-short [[http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html][comic strip]] from Moserware quickly explains AES for the public to
-understand. Basically AES encrypts the data by obscuring the relationship
-between the data and the encrypted data. Additionally, this method spreads the
-message out. Lastly, the key produced by AES is the secret to decrypting it.
-Someone may know the method of AES, but without the key, they are powerless.
-
-To obscure and spread the data out, AES creates a substitution-permutation
-network. Wikipedia has a wonderful [[https://upload.wikimedia.org/wikipedia/commons/thumb/c/cd/SubstitutionPermutationNetwork2.png/468px-SubstitutionPermutationNetwork2.png][example of an SP network]] available. This
-network sends the data through a set of S boxes (using the unique key) to
-substitute the bits with another block of bits. Then, a P box will permutate, or
-rearrange, the bits. This is done over and over, with the key being derived from
-the last round. For AES, the key size specifies the number of transformation
-rounds: 10, 12, and 14 rounds for 128-bit, 192-bit, and 256-bit keys,
-respectively.
-
-* The Process
-1. *KeyExpansion=: Using [[https://en.m.wikipedia.org/wiki/Advanced_Encryption_Standard][Rijndael's key schedule]], the keys are dynamically
-   generated.
-2. *AddRoundKey*: Each byte of the data is combined with this key using bitwise
-   xor.
-3. *SubBytes*: This is followed by the substitution of each byte of data.
-4. *ShiftRows*: Then, the final three rows are shifted a certain number of
-   steps, dictated by the cipher.
-5. *MixColumns*: After the rows have been shifted, the columns are mixed and
-   combined.
-
-This process does not necessarily stop after one full round. Steps 2 through 5
-will repeat for the number of rounds specified by the key. However, the final
-round excludes the MixColumns step. As you can see, this is a fairly complex
-process. One must have a solid understanding of general mathematic principles to
-fully understand how the sequence works (and to even attempt to find a
-weakness).
-
-According to research done by Bogdanov et al., it would take billions of years
-to brute force a 126-bit key with current hardware. Additionally, this brute
-force attack would require storing 2^{88} bits of data! However, there are a few
-different attacks that have been used to show vulnerabilities with the use of
-this technology. Side-channel attacks use inadvertent leaks of data from the
-hardware or software, which can allow attackers to obtain the key or run
-programs on a user's hardware.
-
-Please note that this is not something you should run out and try to implement
-in your =Hello, World!= app after only a few hours of research. While AES
-(basically all encryption methods) is extremely efficient in what it does, it
-takes a lot of time and patience to understand. If you're looking for something
-which currently implements AES, check out the [[https://www.bouncycastle.org/documentation.html][Legion of the Bouncy Castle]] for
-Java implementations of cryptographic algorithms.
-
-* Why Does Encryption Matter?
-There are limitless reasons to enable encryption at-rest or in-transit for
-various aspects of your digital life. You can research specific examples, such
-as [[https://arstechnica.com/tech-policy/2018/12/australia-passes-new-law-to-thwart-strong-encryption/][Australia passes new law to thwart strong encryption]]. However, I will simply
-list a few basic reasons to always enable encryption, where feasible:
-
-1. Privacy is a human right and is recognized as a national right in some
-   countries (e.g., [[https://www.law.cornell.edu/wex/fourth_amendment][US Fourth Amendment]]).
-2. "Why not?" Encryption rarely affects performance or speed, so there's usually
-   not a reason to avoid it in the first place.
-3. Your digital identity and activity (texts, emails, phone calls, online
-   accounts, etc.) are extremely valuable and can result in terrible
-   consequences, such as identity theft, if leaked to other parties. Encrypting
-   this data prevents such leaks from ruining lives.
-4. Wiping or factory-resetting does not actually wipe all data from the storage
-   device. There are methods to read data from the physical disks/boards inside
-   devices.
-5. Corporations, governments, and other nefarious groups/individuals are
-   actively looking for ways to collect personal information about anyone they
-   can. If someone's data is unencrypted, that person may become a target due to
-   the ease of data collection.
-
-​*Read More:*
-
-- [[http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf][Federal Information Processing Standards Publication 197]]