August 2019

The Hyve team, who were runners-up at Startup Bus 2019. From left to right: Tracy Ingram, David Castañeda, Joey deVilla, Rina Bane, and Justin Linn.

My recent Startup Bus success with Hyve has had some interesting side effects, not the least of which is people asking me all sorts of questions about email and cybersecurity. I’m more than happy to answer these questions!

I’m often asked about how public-key cryptography (a.k.a. asymmetric cryptography) works. The concept of private keys and public keys isn’t an intuitive one. A couple of years back, I spent some time trying to come up with an analogy that was layperson-friendly and memorable.

After doing a little searching online, I found a good analogy, and with the help of a couple of people — including my computer science professor from Crazy Go Nuts University, Dr. Robin Dawes — improved on it. Here’s my revised analogy; feel free to use it whenever you need to explain public-key crypto!

The special box

Imagine a box with a special lock, as pictured below:

The lock has three positions:

  1. When the lock is turned to the “9:00” position, the box is locked, and its contents are inaccessible.
  2. When the lock is turned to the “12:00” position, the box is unlocked, which means you can open it and view its contents.
  3. When the lock is turned to the “3:00” position, the box is locked, and its contents are inaccessible.

The lock’s position can be changed by two kinds of keys. The first type of key belongs to the owner of the box, and is thus called the private key:

The private key fits the lock, but it has a special limitation: it can only turn the lock clockwise — from 9:00 to 12:00, or from 12:00 to 3:00. It doesn’t turn counter-clockwise.

There’s only one copy of the private key, and as the owner of the box, you hold onto it.

There’s a second kind of key. You may have already guessed that it’s called the public key:

Like the private key, the public key also fits the lock, and it also has a special limitation — but a different one: it can only turn the lock counter-clockwise — from 3:00 to 12:00, or from 12:00 to 9:00. It doesn’t turn clockwise.

Unlike the private key, you give copies of the public key freely to other people. This lets them communicate with you.

Using the box and keys, two different things are possible:

  1. People can send you secret messages. This is done with encryption.
  2. You can send messages to people with proof that it was you who sent the message. This is done with digital signatures.

Sending secret messages with encryption

The idea behind sending secret messages is straightforward: you take the message and encrypt it (that is, scramble it so that it’s incomprehensible to other people), and then send it. The receiver gets the message, decrypts it (that is, performs the inverse of the operation that scrambled the message), restoring it to its original form and making it readable.

Think of encrypting the message as putting it in the special box and locking it. Think of decrypting the message as unlocking the box.

If you wanted to send a message to me, you’d use one of my boxes. Since it’s one of my boxes, I would have the private key for it, and I would have given you one of my public keys.

To send me the message so that only I would be able to read it, you’d put the message into the box and then lock it with my public key. Remember, the unlocked position is at 12:00, and public keys only turn counter-clockwise. When you lock it, you change the lock to the 9:00 position:

Once the box is locked, you’d ship it to me.

In order to read your secret message, I’d unlock the box using my private key. Remember, the lock is currently at the 9:00 position (locked), the unlocked position is at 12:00, and private keys only turn clockwise. When I unlock it, I return the lock to the 12:00 position:

With the box unlocked, I can now read the message you sent me.

Proving that I was the one who sent the message using a digital signature

I can also use one of my boxes to sign my messages in such a way that you know that they’re definitely from me and not some troll pretending to be me.

If I wanted to send you a message that was guaranteed to be from me, I’d use one of my boxes.

To send you a message in a way that proved that only I could have sent it, I’d put the message into the box and lock it with my private key. Remember, the unlocked position is at 12:00, and private keys only turn clockwise. When I lock it, you change the lock to the 3:00 position:

Once the box is locked, I’d ship it to you.

In order to confirm that the message was sent by me, you’d unlock the box using the public key I gave you. Remember, the  lock is currently at the 3:00 position (locked), the unlocked position is at 12:00, and public keys only turn counter-clockwise. When you unlock it, you return the lock to the 12:00 position:

You can rest assured that I sent the message, because in the digital signature scenario, only my private key could’ve locked the box that you unlocked with my public key.

It’s all math

You may have to remind people that the box isn’t actually a box, the things that we call the private key and public key are just really large numbers, and that encryption and digital signing are just some fancy math operations that are performed on your message (which is really just a bunch of numbers) using the private and public keys.

I’ll write up a layperson-friendly description of how the math in public-key crypto works, but in the meantime, if someone’s asking you to explain it, send them to the EFF’s article, A Deep Dive on End-to-End Encryption: How Do Public Key Encryption Systems Work?

Credit where credit is due

I found the original “special box” analogy put together by Panayotis Vryonis (pictured to the right), in his article titled Public-key cryptography for non-geeks. He came up with an analogy that treated asymmetric crypto as a box with a special lock and special keys, and it seemed to do the job nicely, and I wrote about it in this post back in June 2017.

Analogies often have limits, and it wasn’t long before my computer science prof, Dr. Robin Dawes (pictured to the right), pointed out a flaw in Vryonis’ analogy. With his help, combined with a suggestion from Matthew Ernest, I came up with a tweak, resulting in the analogy shown above. Thanks to all of them for their invaluable help!

{ 0 comments }

Every week, I compile a list of events for developers, technologists, tech entrepreneurs, and nerds in and around the Tampa Bay area. We’ve got a lot of events going on this week, and here they are!

This weekly list is posted as a voluntary service to the Tampa tech community. With the notable exceptions of Tampa iOS Meetup and Coders, Creatives and Craft Beer — both of which I run — most of this information comes from Meetup.com, EventBrite, and other local event announcement sites. I can’t guarantee the accuracy of the dates and times listed here; if you want to be absolutely sure that the event you’re interested in is actually taking place, please contact the organizers!

Monday, August 19

Tuesday, August 20

Wednesday, August 21

Thursday, August 22

Friday, August 23

Saturday, August 24

Sunday, August 25

{ 0 comments }

Every week, I compile a list of events for developers, technologists, tech entrepreneurs, and nerds in and around the Tampa Bay area. We’ve got a lot of events going on this week, and here they are!

This weekly list is posted as a voluntary service to the Tampa tech community. With the notable exceptions of Tampa iOS Meetup and Coders, Creatives and Craft Beer — both of which I run — most of this information comes from Meetup.com, EventBrite, and other local event announcement sites. I can’t guarantee the accuracy of the dates and times listed here; if you want to be absolutely sure that the event you’re interested in is actually taking place, please contact the organizers!

Monday, August 12

Tuesday, August 13

Wednesday, August 14

Thursday, August 15

Friday, August 16

Saturday, August 17

Sunday, August 17

{ 0 comments }

Yet another UX lesson from “Star Trek”

by Joey deVilla on August 6, 2019

Remember this, mobile and IoT user experience designers and developers.

{ 0 comments }

Password reset

by Joey deVilla on August 5, 2019

Click the comic to see it at full size.

File this under “funny because it’s true.”

{ 1 comment }

Tampa Bay technology, entrepreneur, and nerd events - Monday, August 5 — Sunday, August 11, 2019 - #MakeItTampaBay

Every week, I compile a list of events for developers, technologists, tech entrepreneurs, and nerds in and around the Tampa Bay area. We’ve got a lot of events going on this week, and here they are!

This weekly list is posted as a voluntary service to the Tampa tech community. With the notable exceptions of Tampa iOS Meetup and Coders, Creatives and Craft Beer — both of which I run — most of this information comes from Meetup.com, EventBrite, and other local event announcement sites. I can’t guarantee the accuracy of the dates and times listed here; if you want to be absolutely sure that the event you’re interested in is actually taking place, please contact the organizers!

Monday, August 5

Tuesday, August 6

Wednesday, August 7

Thursday, August 8

Friday, August 9

Saturday, August 10

Sunday, August 11

…and don’t forget what’s up next week:

Augtoberfest, the August edition of the Coders, Creatives, and Craft Beer meetup, which happens next Wednesday, August 14th at 6:30 p.m. at 7venth Sun Brewery in Tampa.

{ 0 comments }

Hyve’s videos from Startup Bus 2019

by Joey deVilla on August 2, 2019

I had the privilege of participating in Startup Bus 2019 on the Florida Bus — and the team I was on, Hyve, made the top three! Here are Hyve’s official videos from our adventure…

Meet Team Hyve!

In addition to the pitch competition that took place in clear view, there was also a behind-the-scenes game in which all the Startup Bus teams could partake. The game was made up of activities that teams would perform for points, and the bus that earned the most points would receive special mention at the finals. The activities were effectively a checklist for teams to follow as they created their startups and applications on their buses.

One of the activities was to make a team video, where team members would introduce themselves and explain why they’re participating in Startup Bus. We recorded this on Wednesday night at NC State in Raleigh.

Pitching Hyve to a stranger

Another action item in the behind-the-scenes game was to pitch our idea to a stranger in one of the towns where we stopped. We pitched the Hyve concept to the Lyft driver who took us from NC State to our hotel. Here’s how it went…

Practicing our pitch

In addition to building the business and the app on the bus, we practiced out pitches at regular intervals. Here’s Tracy practicing his pitch as the bus raced towards New Orleans:

The qualifying round

The qualifying rounds took place on Saturday, July 27th at New Orleans’ Propeller Incubator, where all the teams from all the buses — the Advancing Black Entrepreneurs, Florida, Mexico, New York, Ohio, Silicon Valley, and Washington DC teams — made their pitches.

Every member of every team had to be ready to pitch, because in the qualifying round, the judges chose two people from each team to make their pitch, one at a time. They tend to choose the least confident-looking team members, and a couple of them already knew me. We did well, though, with Rina doing the “set ’em up” pitch and Tracy doing the “finish ’em off” one:

The finals

We’d have to wait until the next day to find out who made it to the semifinals, but we were among them! Even better, we made it to the finals. We re-worked our pitch for the finals judges with the help of the Florida Bus Conductors — Akira Mitchell, Nick Price, and Shane Needham — and here’s the result:

The winners

Once all the finalists made their pitches, the judges sequestered themselves, and shortly afterwards, they made their announcements, which included Hyve!

Just the bit about Hyve

Just because I love that bit about walking the line between good and evil, here’s just the part about Hyve:

{ 0 comments }