Skate
newbie
Reged: 05/23/04
Posts: 39
Loc: Ohio, U.S.
|
|
I concure(sp?) completely. I thought it funny how he did the real-time hackers. That was great. It's too bad that it's really not like that, it would make things oh-so more interesting.
|
WKShadow
Beloved Angel
Reged: 06/02/04
Posts: 79
Loc: Myrtle Beach, SC
|
|
Dan brown should consult you for his next book 
|
Arras
enthusiast
Reged: 05/24/04
Posts: 263
Loc: B.C., Canada
|
|
Quote:
WKShadow said:
Dan brown should consult you for his next book
Nah, I think the trend in his writing suggests that he's found his strong points in symbology, art history, and secret societies, and is shying away from cryptography--at least in the modern sense.
As I mentioned earlier, his understanding of cryptography seems to trail off somewhere around the beginning of the age of computer-based cryptosystems. He adores the Caesar Box cipher and other basic transliteration techniques that have been around for thousands of years, but while you might find these in brain-teaser books and IQ tests, you won't find them in practical use these days.
The reason is simple--a modern computer can iterate through millions of combinations and permutations in a second, so without being particularly clever you can decode any of these cryptosystems--brute force wins. Those ancient cryptosystems were secure before computers came along only because the brute force approach was impractical. If there are a hundred million possible ways to transliterate a key, a human being would require an enormous amount of time to work it out by hand. A computer can try all of those possibilities in a few seconds.
Modern cryptographic techniques are based on "hard" mathematical problems--problems that take computers a prohibitively long time to solve. There are many operations that computers can do extremely quickly, but there are a few that still require a lot of time, like finding all of the factors of a huge number to determine whether it's prime or not. If you choose a big enough number, and you have to do this once for every possible key you want to try, you suddenly slow things down to the point where the brute force approach would take a year, ten years, or even a hundred years to work.
Since the advent of public-key cryptography in the 1970's, the real magic has been in the keys themselves, not in the algorithms. In fact, the algorithms themselves are well-known and widely published. Anyone who wants to know how an algorithm like RSA, SHA1, IDEA, or Blowfish works can download the information from the web. Knowing that information won't help you crack something encrypted with those cryptosystems. Their strength relies on the fact that they use large keys to do their encryption, and that it's extremely time-consuming for a computer to try all possible keys to find the one that works.
Brown's research in this area was sadly limited, particularly for a book whose subject matter was modern cryptography. I gather that he wasn't particularly computer-literate at that time either, which may explain part of it. He carelessly refers to a "64-bit" key as if it had 64 bytes, when in fact it would only have 8 (there are 8 bits in one byte). Tankado's "64-bit" key should have had just 8 letters to it, not 64.
I believe Brown is fascinated by cryptography, but has only studied it in the classical sense, and may lack the background in computer science to understand how machines have changed the game in recent years. He clearly understands the issues, it's the mechanics he fumbles with.
We can forgive him for the fact that this was his first book, and that he was not a computer scientist or mathematician. Viewed in that light, Digital Fortress is remarkably good  I think, though, that in his later books he migrated toward his strengths, which may explain why The DaVinci Code is the book he's best known for.
|
Pilaar39
stranger
Reged: 08/02/04
Posts: 2
Loc: Toronto, ON, Canada
|
|
Quote:
Arras said:
Brown's research in this area was sadly limited, particularly for a book whose subject matter was modern cryptography. I gather that he wasn't particularly computer-literate at that time either, which may explain part of it. He carelessly refers to a "64-bit" key as if it had 64 bytes, when in fact it would only have 8 (there are 8 bits in one byte). Tankado's "64-bit" key should have had just 8 letters to it, not 64.
Yeah, I noticed that too.
I was also amused about the supercomputer NSA was using. A 3 million cpu parallel processor? I dunno, but I somehow doubt it.
Furthermore, I question the fact that it would take 30 to 40 minutes to shut down a database. I mean, why not just cut the power? Yes, some data might get corrupted, but in the long run, isn't that better than giving it out to the whole world?
|
Dave_Howe
stranger
Reged: 12/13/04
Posts: 4
Loc: Manchester England
|
|
Joining this one late but
a)the cryptographically locked document shows a interface (ie, a "type key here" box) so is obviously an executable program. that being true, it is possible to write such a program in such a way that the decryption process generates more program code just ahead of execution - so the correct creation of the decryption code depends on having got the bit of the key used so far right...
b) the initial description sounds much like a composite cypher - ie, multistages, some of which are weaker than others, but are merely there to disguise the plaintext. One viable approach is to zip the file (disguises length, hides repeating patterns,t hat sort of thing) then xor the first byte with the second byte, the second with the third, the third.. well, you get the idea. without knowing what this obscuring step is, you have to guess if you have found valid plaintext or not. XOR is a surprisingly common tool for this sort of thing - a much, much more secure form of DES is called DESX - this is the crypto used by the MS EFS, and consists merely of xoring the plaintext with a 64 bit key, applying des, then xoring the cryptotext with another 64 bit key to make classical DES brute force analysis impossible.
c) I *do* have a question though. is the bit about the hungarian made up of whole cloth? I have been websearching for a while, and could find no mention of him or his method.
|
txtjunkie
stranger
Reged: 02/19/05
Posts: 1
|
|
Okay, beyond the possibility if you can develop a rotating clear-text I saw one other plothole.
1. If Strathmore wanted to make additions to the original code he would likely never get a chance. If everything was to go as planned the corporation that made the highest bid would win the key and enter it into their existing download of the source code. Plus the size of the download file would change and that might throw up a flag. Granted, the situation had changed since Tankado died and it was to be released as free source but the key would still have to be given. If the key didn't work on some downloads that might definatly raise some eyebrows.
Maybe I missed something but I don't see how. Let me know please.
|
Lightstar
stranger
Reged: 03/28/05
Posts: 4
Loc: Florida
|
|
At the time Strathmore killed Chartrukian you have to remember, he was still unaware that Digital Fortress was a virus, he thought it was the rotating cleartext encryption.
Hulohot knew the names of the victims (most likely) because strathmore uploaded their profiles to his monocle computer.
--------------------
-Lightstar
You've just been blinded by the starlight.
|
8549176320abc
enthusiast
Reged: 05/02/05
Posts: 219
Loc: UK
|
|
The ever so fond Bergorfsky principal simply does not work and I will tell you why: say you have an algorithem with a huge key and you try to solve it with every posible key - each atempt will give off a stream of values in the form of letters (perhaps numbers also) if there are enough combinations you are mathematicaly garanteed to find not only the pain text result but a completly diferent statement also in perfect English- this is why the one time pad cypher is inpenetrable (the idea being that the vigenere cypher is used with a random key with the same lenght as the plaintext)
An example: suppose I send the message "ROCKISBAD" (rock is bad) with a random key (say "asdfghjkl") and get "RGFPOZKKO" I could have also sent the message "IAMNOTDAN" (I am not Dan) using the key "JGTCAGHKB" and got the same result so how does the TRANSLTR know which I have sent - it can't without knowing my key which it doesn't!
--------------------
Governments offer us safety for our freedom. It is by seeing this safety as false that we are freed.
Edited by 8549176320abc (05/02/05 08:16 AM)
|
MathInYUL
stranger
Reged: 05/02/05
Posts: 1
|
|
First off, the "Bergorfsky principal" dosen't exist. It's never clearly stated in the book, and has no basis in reality. However, the idea that he's getting at (that any contemporary non-quantum cipher can theoretically be brute-forced in a certain time period by a certain number of machines) is widely accepted. The "game" of cryptosystems is to make the "certain time" and "certain number of machines" so large as to make them (physically) not possible.
I'll give you an example. The fastest supercomputer in the world (BlueGene/L) is current rated at 70 TFlops - which means it can perform 70 trillion operations per second. When it's fully on-line, it should be able to hit somewhere around 100 TFlops (note that both these numbers are for problems specifically optimized and designed for that machine). To be conservative, if we got BlueGene/L running at 150 TFlops (which should be possible in a few years), and assuming it could run at that speed to decode an AES message (AES being the newest government standard encryption) forever, it would have to run for about 14000 times the current age of the universe to guarentee a message decryption. So while it's possible, it's a bit too long to be practical.
Besides, no cryptographer would make a law about messahe decrypts like that - that's someone else's job, Cryptography is about breaking the code mathematically. Deciding if an outcome is an answer ("ROCKISBAD" vs. "NGFDCJBAD") is a totally different problem. That would require a whole new understanding of language processing.
|
AAnnAArchy
Gifted Procrastinator
Reged: 10/20/03
Posts: 643
Loc: Las Vegas
|
|
I mostly have no idea what you said, Math, but you said it well. I was going to ask why anyone would name anything "Tflops", but then I decided not to be lazy and look it up. trillion floating point operations per second
|
Previous
Index
Next
Threaded
Edit
Reply
Quote
[Re: