Enabling The “Cipher” Part of Your Brain: Understand, Solve and Demand More

I’ve observed something when teaching cybersecurity — and it’s that some people have natural abilities to solve puzzles that they have not…

Enabling The “Cipher” Part of Your Brain: Understand, Solve and Demand More

So, how can you spot that someone has a natural ability to be a cybersecurity specialist?

I’ve observed something when teaching cybersecurity — and it’s that some people have natural abilities to solve puzzles that they have not come across before. These people thrive on the challenge and often can’t stop themselves from seeing a puzzle through to the end and then demanding more. And, they don’t just want more of the same, they want new puzzles to solve.

Overall, I observe different characteristics in learning when we use cipher challenges. Often, I see a few students race ahead and are well ahead of the class, and then they cannot stop solving these challenges. With our cipher challenges we make them more difficult as you progress. Some students will give up when the challenges get too difficult, but those with a natural ability will keep going, and enjoy the ever increasing challenge, and the new puzzle to solve. This is both motivation and stamina. In cybersecurity, both are key attributes, especially in areas of digital forensics, cryptographic analysis, incident response and malware analysis.

I would define this natural ability within cybersecurity with three basic traits:

  • Understand. Understand a problem and then map it out for a solution.
  • Solve. Keep going until there is a solution.
  • Demand More. When solved, the cyber brain demands more problems that differ and have the stamina to keep going.

So, what’s the one simple cipher where you can spot this ability? Well, when we do tests, it is often the simple rail fence cypher that either student can solve quickly or struggle with. Basically, a strong cyber brain-focused student has the ability to see the required pattern and then map it in their head. There is no Chat-GPT for them, and they will often use a simple pen and paper to map out their solutions. Also you’ll also typically see them getting involved in CTF (Capture The Flag) challenges, too.

To give an example, let’s say we have three rails and have a plaintext value of:

WEAREDISCOVEREDFLEEATONCE

We then draw three rails, and map out:

 gives:

W . . . E . . . C . . . R . . . L . . . T . . . E
. E . R . D . S . O . E . E . F . E . A . O . C .
. . A . . . I . . . V . . . D . . . E . . . N . .

This gives:

WECRLTEERDSOEEFEAOCAIVDEN

A key challenge is then to do the reverse of this, and where you are given the cipher, and then work out the plaintext value.

And, so, if you want to try some examples, I’ve created a CTF generator:

  • WEAREDISCOVEREDFLEEATONCE (3 rail) Try!
  • The Boy Stood on The Burning Deck (2 rail) Try!
  • The Boy Stood on The Burning Deck (3 rail) Try!
  • The Boy Stood on The Burning Deck (4 rail) Try!

and here is the reverse:

  • WECRLTEERDSOEEFEAOCAIVDEN (3 rail) Try!
  • Fac emnrneGray (2 rail) Try!

The core ability here is to understand how we map onto a differing number of rails, and then performing the decode part, too. We might learn how to encode with an example, but the challenge is to be faced with an encoded rail code, and then work backwards. This ability, too, is the key strength for a software development, and helps in developing algorithms. Basically, the cybersecurity analyst is doing the same thing, and working out the algorithm to sovle the puzzle.

And here are more ciphers to crack:

https://asecuritysite.com/encryption/ctf

Conclusion

So, dump your Chat-GPT terminal, and go and exercise your cyber brain.