DAY 86 Alice and Bob and the NSA

April 2nd, 2014 § 0 comments § permalink

I was gravely disappointed that I failed to make it to the Palestine Marathon on April 11th – like Olympian Nader al-Masri from Gaza. 140409-palestinian-runner-mn-846_4111fc29afd0adb96126dc54f1386723.nbcnews-ux-560-400In my case it was extreme unfitness which prevented me from making the cut, not obstruction on the part of the Israeli authorities.I did manage the three-mile wet hike to Lindisfarne in Northumberland around the same time, without checkpoints and without being washed away by the tide. (Will there be a checkpoint at Berwick-upon-Tweed if the Scots vote ‘Aye’ in September?)

Anyway, you’ve certainly been waiting to hear from me about how the NSA gets to hack your emails, texts, tweets, skypes and all your other pointless messages. Luckily for you, I’ve found out; as you might expect, it has to do with some pretty hard mathematics and a couple called Alice and Bob.bobalice The mathematics naturally comes down to elliptic curves over finite fields of huge prime characteristic, see below. The social setup is that Alice wants to fix a rendezvous with Bob without an evil acquaintance called Nick (or the NSA) knowing. Alice wants to send Bob a text saying ‘How bout we meet Nandos 2nite 4 sum ribs xx?’ which in binary is (check if you don’t believe me): 01001000 01101111 01110111 00100000 01100010 01101111 01110101 01110100 00100000 01110111 01100101 00100000 01101101 01100101 01100101 01110100 00100000 01001110 01100001 01101110 01100100 01101111 01110011 00100000 00110010 01101110 01101001 01110100 01100101 00100000 00110100 00100000 01110011 01110101 01101101 00100000 01110010 01101001 01100010 01110011 00100000 01111000 01111000 00111111. Bob and Alice have been hanging out for some time and are used to open key cryptography. They, or rather their mail servers, use the National Institute of Standards in Technology (NIST)’s rules for encryption, which specify a curve – you know, points (x, y) whose coordinates satisfy a cubic equation:

y^2 = x^3 + ax + b

(mod p) where p = 115792089210356248762697446949407573530086143415290314195533631308867097853951, and so on.

[Here I'm beginning to get bored, and I expect you are. So here are some queries from the postbag:

1. Q. I always thought it was Gramsci who coined the phrase 'Pessimism of the intellect, optimism of the will', but when I quoted it down at the Rat and Ferret the other night my friend said it was Romain Rolland. We got thrown out of the pub and still can't settle it. Who was right?

A. Who cares, it's out of copyright in any case.

gramsciGramsci

2. Q. Why are most Uzbek books only available in hard-cover editions (asks Nick Walmsley via Facebook)?

A. I've heard it blamed on Russian publication policies, but this is probably a U.S. slander. It may be the intoxicating smell of that old Russian glue which creates addicts. Get a Kindle - you can download Abdulhamid Ismail's 'Jinlar Bazmi', though Amazon are coy about the price.

3. Q. Do you go to hell if you aren't baptized, e.g. a virtuous pagan or a stillborn child?

A. According to the Washington Post, things are moving:  'after three years of study, a Vatican-appointed panel of theologians has declared that limbo is a "problematic" concept that Catholics are free to reject. The 30-member International Theological Commission said there are good reasons to believe instead that unbaptized babies go to heaven, because God is merciful and "wants all human beings to be saved"'. This may open the door to my own personal view i.e. that hell is not an eternity of torment, but more like community service - a place where you learn how mistaken violence, treachery, fraud and so on are in some sort of twelve-step discussion groups.]

Back to the encryption.They (the NIST) also specify – watch me closely – two points on the ‘curve’  - remember the curve? – called P and Q; and it’s then up to Alice and Bob to encrypt and decrypt their emails using the curve and the points P and Q. Alice picks a point, say S. (Or a prime number, say 17 or 982451653, same thing.) Bob picks T, and so on. Theses choices give them a common ‘secret’ which they figure Nick doesn’t know.

. As pointed out in that notorious radical publication the ‘Notices of the American Mathematical Society’, this totally gives the game away. In the rather patronizing words of Thomas C. Hales:

“The algorithm [to create a 'back door' to the encryption process] could be explained to undergraduate math majors or sufficiently advanced high school students. The story also has the spy agency intrigue to make a good math club talk or a special lecture in an elementary abstract algebra course. We essentially just need to understand that an elliptic curve is an abelian group whose elements (other than the identity element) are determined by two numbers x and y, that y is the root of a quadratic when x is given, and that every nonidentity element of a cyclic group of prime order is a generator. Easy stuff.”

Elliptic

Picture of a completely different elliptic curve.

Easy stuff, indeed. Plus, the NSA was intimately involved in formulating the NIST standard. And this explains one of the many reasons why – with an army of mathematicians at their disposal – they have no trouble in reading what you write.

I suppose I could go on to explain how you mount phishing attacks  on your friends’ emails, or break WEP encryption on the neighbour’s wi-fi (easy stuff again). But I don’t want t be thought irresponsible.

Poetry

I was looking for Catullus’ well-known imitation of Sappho, having dealt with her lately; and I found a site which offers translations into a vast collection of languages.(Not Uzbek, bad luck to the Chicago mafia.)

Ille mi par esse deo videtur,
ille, si fas est, superare divos,
qui sedens adversus identidem te
spectat et audit
dulce ridentem, misero quod omnis
eripit sensus mihi: nam simul te,
Lesbia, aspexi, nihil est super mi
vocis in ore,
lingua sed torpet, tenuis sub artus
flamma demanat, sonitu suopte
tintinant aures, gemina teguntur
lumina nocte.
Otium, Catulle, tibi molestum est:
otio exsultas nimiumque gestis:
otium et reges prius et beatas
perdidit urbes.

But here it is in Albanian, looking suspiciously short. Has it been cut?

Vertete si nje perendi me ngjan ai,
dhe mbi perendite, po te qe e mundur,
kur perballe qendron dhe parreshtur
te veshtron,te degjon buzeqeshur;
ajme,te ben te ndjehesh krejt e vdekur.Sapo te pashe Lesbia, zeri c’me iku,
gjuha papritmas m’u mpi ne goje
nje zjarr me rrodhi nder gjymtyre
dhe veshet me ushtuan krejt vetiu
drite e nates m’i mbuloi te dy syte.

Music

How come I haven’t thought of introducing some Esperanto hip-hop into the mix before now? There’s clearly some out there (and for that matter, Esperanto metal, and Esperanto madrigals for all I know). Here is a catchy number ‘Lunatiko vs Rima‘ to show the possibilities of the genre – and, of course, its limitations.