Last year I gave a talk on magic and cryptography at CypherCon, a regional hacker conference in Milwaukee, WI. I’d been wanting to give this talk for quite some time, so I’m especially delighted that the video has gone up on CypherCon’s YouTube page. Click below to watch, and read past the video for the presentation abstract!
Long before it became an infosec capture-the-flag staple, steganography had its birth in the Steganographia of Johannes Trithemius, an early 16th century book of magic and secret writing. Though it remains perhaps the most widely known, this is but one among countless examples of cryptography from the Renaissance and early modern eras used by alchemists, magicians, and dissidents to conceal their hidden knowledge from the prying eyes of the uninitiated. By applying the lens of cyber threat intelligence to the Steganographia and other examples of Renaissance and early modern cryptography, we can give ourselves greater insight into the motivations and threat models that drove subversive actors centuries before PGP was a gleam in Phil Zimmerman’s eyes. As we explore these historical examples through a threat intel lens, I will show how modern-day incident responders and other infosec practitioners can enrich their investigations by applying this same approach to their daily work.