Numbers

               It’s all numbers. I could be reading them matrix style – not left to right. It wouldn’t matter. I’m actually having fun reading absurd things, they break the symmetry in such a way it’s making me burst into laughter. Erevan Radio jokes are great for this. Ever hear this one?

– Q: Is it true that half of the members of the Central Committee are idiots?

– A: Rubbish. Half of the Central Committee are not idiots.

               I’ve seen something similar on occasion – genius acting stupid. And yea, takes an average like me to fix it, and to get the short end of the stick, like the blame. I’ve seen somebody absolutely secure in his knowledge – and he was secure, his theory was right but his input was crap. An absurd situation of epic proportions. Like having the latest security system known to man, the best firewall, the best antivirus, the best heuristic detection – and then turning it off because it keeps you from running a program you received by e-mail from “somebody you trust”. I even made a theorem of it, it says “shit goes in, crap comes out”. It’s the one D ten T theorem, you only get it if you write it down.

– Q: Which four factors inhibit the agricultural development?

– A: Spring, Summer, Autumn and Winter.

               Ever think of encryption as math? I know, you think you take letters, you switch them around and so on. You got easy things, like switching the order of the letters. You got medium things like making each letter a number then shuffling those. You got advanced things, so advanced they can’t figure out what makes them safe. You’re wrong. You can do encryption in Excel, for instance. Yes, the one from Microsoft. Yes, I know it’s not free. Use your bloody imagination, darn it! I love Excel, even if there’s plenty of free alternatives – I wouldn’t switch from it. Even if I got royally … inconvenienced .. by the change of user interface when they switched from Office 2003 to Office 2007 and onwards. Let’s get back to our sheep then. You can actually even solve basic encryption in Excel – with Solver and Data Analysis.

               Math is life. Literally. A function describing cause and effect. If we call X the event, then f(X) is the effect, the consequence of that event happening. F(X) can describe almost anything if you put your mind to it. Of course you can have more variables, you can have a whole alphabet of variables. And more. Add more languages, more alphabets, like from alpha to omega. There are variables that matter a whole lot and variables that matter less. You can say they have different weights. They can also have greater importance or less importance if one of the variables meets certain conditions. Let’s see how I can explain this better – the importance of a specific variable (here I called it an event) depends on other variables (events, specific time, and so on). For instance, let’s have an equation like f(X)= 100*((X^2) modulo 2)+x+15. If X is divisible by 2, the result drops severely. Same thing with importance. Depending on certain conditions are met, events look (or are) more or less catastrophic. Everything can be described as a function. Even letters – so why are we so surprised when we learn cryptography is math? Because we’re reluctant to use something we’re not familiar with. We’d be afraid of using the toilet if we’re told it has a nuclear generator built in it.

               If you have the letters A to Z and convert them to a number – the actual position of the letter in the alphabet, depending on the length of the alphabet, you can write them down as a series of numbers. You can build a matrix out of them. If you want. You can have a password written the same way. Then use this formula, for instance, F(X,Y)= ((2*X*X) + (3*Y*X) + 15), where X = number(text_to_encrypt(I)) and Y = number(password(I)) and I is the position number of the letter, from 1 to the length of the text to encrypt. We don’t put it back as a letter, we keep it as a number. When we do the decryption thing we convert it back, but only then. Maybe you will use I instead of 15, or instead of 2 or 3. Now imagine you get to see the graph result of the above:

 cypher

               It’s a 3D representation of a cypher. You won’t know what hit you, unless you know the formula of the equation AND the password. Now imagine a 26 digit password and more than 2 variables. Hell, few can, that’s why only 1 in 1000 know what a tesseract is and even fewer can draw one. Math is hard. That’s why it’s what makes algorithms like RSA or Diffie-Hellman tick. And we’re on a race against time to make math harder and harder – too bad complexity isn’t the biggest weakness.. We think hard equals safe. Bullshit.

               No, the simplest unbreakable encryption algorithm doesn’t rely on quantum computations or huge clusters of chips – it relies on a one-time key. A one-time password. Something you’ll never ever use again. See, we’re beating up a dead horse. The complexity of encryption is irrelevant if you use a one-time key. And a one-time key is just as insecure if you use crap to create it.

– Q: What is the most permanent feature of socialist economy?

– A: Temporary shortages.

               We’re creating algorithms more and more complex – and those in the business of crypto don’t bother solving them. They insert a rootkit into our computer to weaken our random number generator. So when we create a key, temporary or whatever, they can solve it faster – because the random number generator ain’t exactly random. It just looks random. They put their code into the firmware of the hard disks or graphics cards. Or USB sticks. They don’t bother with quantum computing to crack anything – they steal you blind before you encrypt your data. We’re watching magic, and as usual, magic happens where we’re not looking.

– Q: Is there a difference between capitalism and communism?

– A: In principle, yes. In capitalism, man exploits man. In communism it’s the other way round.

               We can protect ourselves with the most complex passwords and encryption systems – but we are the actual weakness. All it takes is a nice e-mail from our boss telling me to change my password to something 10 characters long and containing 5 digits and one space – I don’t have to actually tell him what it is, I’ve just blown away more half of its complexity. The digits are usually years that are significant to us, but anyway there’s just 10 digits (from 0 to 9) instead of 26 letters in the English language and the space usually comes at the middle or separating the characters from the digits (because we’re human and as such, idiots). How much time would be required to crack such a password? Take a wild guess.

               We can also receive a call from the newly hired IT tech saying he’ll get fired if he doesn’t finish the new software installation on time and would you be so kind as to open up the remote assistance tool in Windows – or maybe just install this little piece of software he just emailed – he has to finish in half an hour and there’s 50 more computers to install it on. And he’s so sweet and afraid, he’s new at it so that explains it, maybe he’ll let us install a game on the network now that he owes us.

               It’s also something I don’t like when it comes to cloud computing – not that my math and physics models are worth much – but the principle of it. Let’s say I put my data or even photos on a cloud storage thing. I rely on their encryption, I rely on them for access – but in reality I’ve just shifted my blame target to them. I know I can use encryption on my hard disks. I know exactly what I use and what kind of encryption I use. But what do they use? Do they even encrypt files? Says who? The bible is right because it’s written in the bible – typical circular argument. The files are encrypted because they say they encrypt them. They even might – but have weak encryption or backdoors. If my internet connection is down – how do I access my photos? What if my router breaks when I need something the most, something my job is depending on – and others can’t wait for me. Would I lose my job? Probably. How can they guarantee anything? Access? Your ISP is to blame, not them. Safety? They say they’re not hacked but unless your documents show up on the internet you’ll never know. You give up certainty for an illusion.

Advertisements

Well? Post a comment:

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s