added/changed instructions after the event experience

ActivityInstructions.md

@@ -1,3 +1,23 @@
+# Running the expo booth
+For the different exercises, see below descriptions for different age ranges.
+## Setup
+Idea is to have 5 stations, mapping somewhat the history and complexitiy of cryptography
+
+1) Scytale
+  A standing neon tube with a paper wrapped around half of the paper not wrapped showing gibberish. On the table several rods/tubes with different diameters. This is the teaser to get people interested. Show an encrypted image by rolling it onto a tube. Give people strips of paper to roll themselves around and then wrrite a message.
+
+2) Pigpen/Masonic
+  Worksheets on the table, poster on the wall. Explain how letters become symbols and how to reverse. Make them decode the word. Make them create a secret message to be decoded by the next person. Give them the previous person's message to decode.
+
+3) Ceasar
+  Tell about Julius Caeser, roman emperor (for Kids, mention Asterix) how he coordinates the troups. Explain the encryption and that decryption goes in the other direction. Make them decode the word. Stop them decoding second word, the code/key is not known. Introduction to the concept of key. SHow how to find the key (break the code) with the cryptodrum.
+
+4) Vigenere
+  The key becomes now a word. Make visitors write a small sentence and chose a keyword (password). Then encrypt with 2 rules to help find the letters on the matrix. If there are 2 people, make them exchange the messages. Then decrypt.
+
+5) Asymmetric keys
+  Explain that sharing a password overseas is impractical. Introduce to one way function and the one way lock. Make people lock/unlock the cylinders when demonstrating.
+
 # Age Group 1 (7-9 years old)
 ## Substitution Ciphers Simplified
 *(white board/ flipchart, stick-it notes, cipher ruler prototype, cipher wheel, cardboard / paper plates, scissors, rulers and protractors, pins)*

PublicSecretCrypto/README.md

@@ -14,46 +14,58 @@ You have a public key which everyone knows and a secret key which only the recie
 The keys are generated by the reciever who then publishes the public key in a "phonebook"
 
 ## Introduction
-* show the padlocks with the 2 locks and the public keys. Take the secret key out of a pocket. "never give this anyone"
-* show that there are 2 sets of padlocks and keys. The ones for Alice, and the ones for Bob
-* IMPORTANT: show on a separate lock that there is a one-way function on the lock. It only turns one way around. This is the whole secret behind asymetric encryption systems. With one key you can only go in one direction, and never back.
+* explain that in 1977 matematicians deviced an algorithm which only goes one way. The representation for this is the one way locking cylinder. Give the cylinder to people to try. This is the whole secret behind asymetric encryption systems. With one key you can only go in one direction, and never back.
+* show the padlocks with the 2 locks. One cylinder goes one way, the other the other way.
+
 
 * Chose kids (or groups of kids) who play Alice and Bob
 * There are 3 Alice padlocks and 3 Bob padlocks
 * The exercise can be done 6 times, by sending 3 messages from Alice to Bob and 3 from Bob to Alice. But this may complicate the explanations. In the following, only the direction Alice to Bob will be detailed.
 
 ## Encryption
-* Alice wites a message and puts it in an envelope/box. close the box by using the padlock and public key.
+* Bob wants to recieve encrypted messages. He creates keys. One secret and several public. Put the public keys on the table. Glue the secret key (on a chain) to Bob's side of the table. Insiste that the secret key should never be given to anyone.
+
+* Alice wants to send Bob a secret message and puts it in an envelope. close the envelope by using the padlock and public key.
     * but which key to use? Remember, the keys are created by the reciever. So we need to use Bob's public key.
     * insist that the padlocks and public keys are accessible to anyone. Only the secret keys are... secret
 
-* Bob recieves the box, and can unlock the padlock with his secret key
+* Bob recieves the envelope, and can unlock the padlock with his secret key.
     * he is happy for the message
     * but who wrote it? It says Alice, but anyone could write that, then use Bob's public key and send it to him
 
 ## Signing
 * Alice wants to prove that the message comes from her.
-    * Show that the padlocks have a second function. If you use the secret key first
+    * She generates a secret key and public keys. The public key go on the table. The secret is chainde to her position on the table.
+    * Show that the padlocks have a second function. If you use the secret key first.
     * Alice writes her message, then attaches a padlock to it and closes it with her secret key. only she has that key.
 So she is the only one who is able to close the padlock that way.
     * Alice puts the message with the padlock-signature into a box and encrypts it with the reciever's (Bob) public key.
     * Bob recieves the box, and opens it (decrpyt) with his secret key
     * He sees the message with Alice signature
-    * He veryfies the signature by opening the lock with alice's public key. It works! So that proves that the message comes from her.
-    * One could explain that it's technically possible to sign, making the message unreadable (but easily made readable with the public key) or to sign by leaving the message in clear text.
+    * He can now verify the signature with alice's public key. But who is Alice? Who made that key? So many people are called Alice!
     * But where does this public key of Alice come from? How do we know it's Alice? Can be anyone...
+    * One could explain that it's technically possible to sign, making the message unreadable (but easily made readable with the public key) or to sign by leaving the message in clear text.
 
 ## Certification authorities
 * Transform one or two padlocks into Cert padlocks (change cylinders and stickers)
 * You can verify a signature, but for that you need a public key. Anyone in the world coud say "I am Alice, here is my key". So we are back to starting square.
     * Some higher instance needs to prove that the public key is the one of Alice. That is called a certification authority.
-    * The certification authority signs the public key. This creates a certificate. 
+    * Alice takes her passpoer and public key and goes to the certification authority. 
+    * The certification authority signs the public key. This creates a certificate. It certifies that the CA has seen Alice and that it's really her key.
     * Demonstrate by attaching the CA's padlock using the CA's secret key (signing) to alice's public key (not to her padlock) 
+    * This certificate is put into the Internet (put it on the table)
+    * Bob takes the certificate and uses the CA's public key to verify it's valid.
+    * Being sure of Alice's public key, he now verifies her signature by unlocking the lock on the message and can be sure that the signature is by the true Alice.
+    * It works! So that proves that the message comes from her.
+
+## Certificate chains
     * But who signs the certification authority's public key?
     * another certification authority, and so on... at some point you need to trust some authority. 
     * Demonstrate by attaching another padlock-signature to the CA's public key. => "keychain"
-    * Finally at the end, the top secret key is secured in a box/envelope by attaching a combination code padlock. And the code is put in your head.
     * Web browsers come with built-in certification authorities which the browser trusts. That's how the websites prove that they are who they say. Show a webbrowser's CA list.
     * Show how a website's certificate is signed by a row of CAs.
+
+## securing the secret key
+    * The secret key is secured in an envelope by attaching a combination code padlock. And the code is put in your head.