Unencrypted communication over the Internet works a lot like sending a postcard: it can be read by anybody along the delivery route. Communication is routed through intermediary computers and systems, which are connected to many more computers and systems. Encryption, or encoding information so it appears scrambled to anyone who doesn’t know the key, is a way to wrap a postcard in an envelope. While it can never be 100% secure, stronger encryption makes it harder for people to get to the contents.
The lesson elements in this module teach students about the privacy principle “Communication over a network, unless strongly encrypted, is never just between two parties”. They are designed to be independent and flexible, so you can incorporate them into any size lesson plan. Student resources are available at https://teachingprivacy.org/someone-could-listen/.
Summary of Learning Objectives: Students can articulate how the multi-step, multi-party pathways of networked communication affect users’ privacy; students can identify and use more secure communication options.
Target Age: High school, college undergraduate.
Encryption is used to keep data secret. In its simplest form, a file or data transmission is garbled so that only authorized people with a secret "key" can unlock the original text. If you're using digital devices then you'll be using systems based on encryption all the time: when you use online banking, when you access data through WiFi, when you pay for something with a credit card (either by swiping, inserting or tapping), in fact, nearly every activity will involve layers of encryption. Without encryption, your information would be wide open to the world – anyone could pull up outside a house and read all the data going over your WiFi, and stolen laptops, hard disks, and SIM cards would yield all sorts of information about you – so encryption is critical to make computer systems usable.
An encryption system often consists of two computer programs: one to encrypt some data (referred to as plaintext) into a form that looks like nonsense (the ciphertext), and a second program that can decrypt the ciphertext back into the plaintext form. The encryption and decryption are carried out using some very clever math on the text with a chosen key. You will learn more about these concepts shortly.
Of course, we wouldn't need encryption if we lived in a world where everyone was honest and could be trusted, and it was okay for anyone to have access to all your personal information such as health records, online discussions, bank accounts and so on, and if you knew that no one would interfere with things like aircraft control systems and computer controlled weapons. However, information is worth money, people value their privacy, and safety is important, so encryption has become fundamental to the design of computer systems. Even breaking the security on a traffic light system could be used to personal advantage.
In the game, players work for a start-up social network company that is the target of increasingly sophisticated cyber attacks. Working alongside their friend and colleague—a brilliant, business-savvy entrepreneur—their goal is to grow their tiny company into a global empire. To do this, players must complete challenges to strengthen their cyber defenses and thwart their attackers. There are four major gameplay components: a coding challenge, a password challenge, a social engineering challenge, and a series of cyber battles.
The Lab also features stories of real-world cyber attacks, a glossary of cyber terms, short animated videos, and video quizzes. The videos explain the need for cybersecurity; privacy versus security; cryptography (cyber codes); and what exactly hackers are.
This alignment results from the ALEX Resource Development Summit.
Students learn about various types of cybercrimes and the cybersecurity measures that can help prevent them. Then students perform a Rapid Research project investigating a particular cybercrime event with a focus on the data that was lost or stolen and the concerns that arise as a result. The Rapid Research activity features vocabulary, concepts, and skills that should help prepare them for the AP Explore PT, and also serves as a capstone for the sequence of lessons on encryption and security.
Students will be able to:- explain the characteristics of a phishing attack.- explain how a DDoS attack works.- describe how one computer virus works.- research and describe a cyber attack found in the news.- reason about the threats posed by, and methods of recourse for, various types of cyber attacks.- describe plausible storage, security, or privacy concerns for particular pieces of data.
Note: You will need to create a free account on code.org before you can view this resource.
To conclude their study of big data and cryptography, students will complete a small research project related to a dilemma presented by Big Data or Cybersecurity, in the form of a Practice Performance Task. Students will pick one of two issues to research more deeply - either an issue related to big data, or one related to cybersecurity. Students will need to identify appropriate online resources to learn about the functionality, context, and impact of the technological innovation that gave rise to the dilemma they are investigating. After completing their research, students will present their findings both in a written summary and with an audio/visual artifact they found online. The written components students must complete are similar to those students will see in the AP Performance Tasks.
This project is an opportunity to practice many of the skills students will use when completing the Explore Performance Task on the AP® Exam at the end of the year. While an open-ended research project might be intimidating, students have built all the skills they need to complete this task.
Note: This is NOT the official AP® Performance Task that will be submitted as part of the Advanced Placement exam; it is a practice activity intended to prepare students for some portions of their individual performance at a later time.
Students will be able to:- identify reliable and authoritative sources of information about computing information.- synthesize information taken from multiple online sources to create a cohesive description of a computing innovation.- identify an artifact that clarifies an aspect of a computing topic not easily captured in writing.- explain both the beneficial and harmful effects related to a modern social dilemma in computing.