Lesson 6: Keeping Data Secret
Students have a discussion on the different levels of security they would like for personal data. Once the class has developed an understanding of the importance of privacy, they learn about the process of encrypting information by enciphering a note for a partner and deciphering the partner's note. The class concludes with a discussion about the importance of both physical and digital security.
As students have been encoding and decoding with data, they have not been worried about the securing of the data that they are using. In this lesson, they begin to think about how they can ensure that only the intended recipient can read the data that they send. They will use a simple cipher to encode a message. Students should understand that in order to encrypt a message, they need both an algorithm and a key, and that it is important that the key be kept secret.
Warm Up (5 mins)
Activity (40 mins)
Wrap Up (5 mins)
Students will be able to:
- Apply a method of encryption to ensure the secure transmission of data.
- Use both physical and digital security measures to secure data.
For the Teacher
- Keeping Data Secret - Exemplar
For the Students
- Keeping Data Secret - Activity Guide
- Decrypt - to change information so that its hidden meaning is shown
- Encrypt - to change information so that its meaning is hidden
Warm Up (5 mins)
Display the binary string from Code Studio Level 2.
The prompt serves to kick off the review of what someone needs in an encoding system. Students should understand that without knowing the system used to encode the string into binary, they have no way of knowing what it would mean.
Prompt: Here's an example of a message that someone might send over the Internet to a friend. What do you need to decode this message?
In the last few lessons, we've seen lots of different types of data that can be encoded into binary. All of our encoding systems have a couple of things in common, though.
Review: Briefly review the characteristics of an encoding system:
- It needs to be unambiguous.
- Everyone needs to agree on it.
Display the binary string and decoding key on Code Studio Level 3.
Give students time to decode the binary string and discuss what they think it means.
Allow students to brainstorm ideas to keep message a secret. In most cases, students may think of using a secret code rather than one publicly available. This could work, but it's a lot of work to make a new code for every type of data, and you would have to repeat that work if your code was accidentally revealed.
Prompt What if I wanted to send a message that was secret, so only my friend could understand it?
Today we're going to look at a system that will let us keep all types of messages secret.
Activity (40 mins)
Reducing Paper This activity can be done online. Rather than coloring in the squares, students can type an "X" into each square that would be colored black.
Group: Put students into pairs.
Distribute one copy of Keeping Data Secret - Activity Guide to each student.
Encoding and Decoding
Here's the same system that we saw before, but with more emojis. With your partner, decode the binary string and decide what you think the message means.
Allow students to share out what they have found and their own interpretations of the emojis.
Encryption and Decryption
Students may not understand the difference between encoding/decoding and encryption/decryption. The main thing for students to understand is that the intentions between the two are very different.
Encoding is used to change the form of data, not to hide its meaning from others. For example, ASCII is used to encode characters into binary, but the intention is that everyone should be able to decode the information. The purpose is to make it easier to store and process information. Encryption is used to ensure that only the intended recipient of the information can read it. It is used for security and privacy.
The next binary string uses the same emoji code you saw earlier, but the sender didn't want other people to read it. With your partner, try to decode the message.
Allow students to try to decode the message. They may note that the binary codes are not in the encoding system that they have been given.
This message has been encrypted. That means that someone changed it so that we cannot read it. In order to read the message, we'll first need to decrypt it.
Vocabulary: Introduce the following terms.
- Encrypt: to change information so that its meaning is hidden
- Someone has encrypted the message, so we cannot understand it.
- Decrypt: to change information so that its hidden meaning is shown
- We need to decrypt the message before we can read it.
Model the decryption of the first message.
- Copy the rest of the binary string into the first row of the chart.
- Continue to repeat the key until you have reached the end of the chart. (The last repetition will only have two bits.)
- For each bit on the third row of the chart, color in the square if and only if the two bits above it are the same. For example, if the two bits above it are both white OR both black, color in the square. Do not color in the square if the two bits are different.
Once the message has been decrypted, allow students to decode it and discuss what they think it means.
Circulate: Support students as they decrypt the message on the second page.
Encrypt Your Own Message
In this encryption system, the method of encryption and decryption are identical and use the same key. In most encryption systems, that is not the case. This once has been chosen for the same of simplicity.
Partners create their own emoji message and key, then encode and encrypt it.
To share the message online, students can type "B" for every black square and "W" for every white square in the row.
Students should post their encrypted messages publicly, while keeping their unencrypted messages and keys a secret. Allow students time to look at their classmate's messages and try to decrypt them without a key.
The goal of this discussion is to highlight the value of encryption, and that even with knowledge of the algorithm, it's difficult to crack a code without the key. Allow students the opportunity to share their ideas for how to crack this code and try them out, then have students dicuss what makes it difficult.
Prompt Everyone has shared their encrypted data. Do you think that you could decrypt anyone's data without the key? How? What makes it difficult?
Pair up different groups and ask them to secretly trade keys. They should then be able to decrypt the other group's message.
Allow each of the groups to share out the emoji message they decrypted and what they think it means.
The goal of the first discussion is to introduce the idea of physical security, which includes everything we do in the physical world, such as preventing physical access to computers and passwords.
Students should understand that physical security is as important as digital security when safeguarding information. Some things students may do to keep their information safe might be to keep passwords in a safe place (or avoid writing them down entirely) and to keep devices locked away when they aren't in use.
Prompt How did you you keep your key safe when giving it to your partner?
Student should share out how they ensured that no one else could see the key they used to encrypt their data.
You used physical security to keep your key safe, by making sure that no one could physically access it.
Prompt What is one way that you use physical security to keep your online data safe?
Allow students to discuss the questions with their partners before sharing out to the class.
To keep our data safe, we need to pay attention to digital and physical security. Digital security includes using encryption or protecting things with passwords. Physical security is keeping our devices and passwords physically safe.
Wrap Up (5 mins)
The goal is not for students to come up with a viable solution, but for them to brainstorm different ways that they might try to solve the problem.
Prompt: When people communicate on the Internet, they cannot rely on physical security to keep their keys safe. Try to think of a way that they could still communicate securely, even if someone could read everything that they sent.
Allow students to brainstorm on their own, then share their ideas with a classmate.
The message itself is a doughnut, thumbs down, and angry face. Students may have fun coming up with their own interpretations of the emojis. One possible interpretation is that the sender expected a doughnut, didn't get one and became angry, but there is no "right" answer to what the emojis mean.
(Hide this message by going to your teacher panel on the right and choosing to view as a student.)
CSTA K-12 Computer Science Standards (2017)
NI - Networks & the Internet
- 2-NI-05 - Explain how physical and digital security measures protect electronic information.
- 2-NI-06 - Apply multiple methods of encryption to model the secure transmission of information.