Cybersecurity Shuffle: Using Card Magic to Introduce Cybersecurity Concepts

One of the main challenges in designing lessons for an introductory information security class is how to present new technical concepts in a manner comprehensible to students with widely different backgrounds. A non-traditional approach can help students engage with the material and master these unfamiliar ideas. We have devised a series of lessons that teach important information security topics, such as social engineering, side-channel attacks, and attacks on randomness using card magic. Each lesson centers around a card trick that allows the instructor to simulate the described attack in such a way that prior technical background is not required. In this work, we describe our experience using these lessons in teaching cybersecurity topics to high school students with limited computer science education. Students were assessed before and after the demonstration to gauge their mastery of the material, and their opinions on each lesson. Students indicated they enjoyed the lesson and their pre- and post-test scores improved by between 15% and 30%.