SlashNOT » Encryption

Microsoft to have DRM epiphany in three months

Matthew — Thu, 05 Dec 2002 11:26:32 +0000

Matthew writes: Microsoft executives have announced that they are about three months away from realizing that they can market Digital Rights Management technology as a security tool for consumers. Currently, DRM has not gained acceptance because consumers have no reason to accept the ability to keep them from copying data. Publishers have failed to provide any reason why consumers should pay extra for DRM technology and hardware when it doesn’t benefit the consumer.

“In three months or so, some of our technology people are going to be brainstorming over subway at lunch about DRM—you know, the old “how we can convince people that DRM is good for them” problem, when one of our guys is going to have a major Epiphany.

We expect it to go something like this:—’wait a second! We can use DRM to protect secret documents from being opened by unintended recipients and copied off of servers! Imagine permissions that travel with the document, as an e-mail attachment, or on CD-ROM or tape backup! We can rebuild the permissions architecture of Longhorn [The next version of Windows] around DRM! This is how we can get people to accept Palladium! Man, we’ll be able to integrate DRM document protection into office, and that will get corporations buying Palladium in a big way. Wait a second, the open source guys can’t do DRM, so this is a way to add value that that damned Linux can’t match! Nice!’

Microsoft plans to kick off a huge “DRM as private security” initiative within days of the realization, as soon as idea gains traction and goes viral within the company.

Scientist develops unbreakable encryption

Michael — Sat, 09 Nov 2002 00:36:13 +0000

Squid writes: A scientist at MIT claims he has developed the world’s first completely unbreakable encryption method. According to his paper, “while a long enough one-time pad provides good encryption, it can still be decrypted by anyone with a copy of the pad. This system eliminates that last vulnerability.” The new system uses a random number generator, and instead of transmitting encoded data, it transmits the random numbers themselves. The resulting message cannot be decrypted by anyone, including the recipient.

Reaction to this development has been swift, with the US government restricting export of the encryption scheme and the usual crowd trying to fit the algorithm onto a T-shirt. Meanwhile, Microsoft is claiming that the algorithm violates their software patent for a feature already included in Microsoft Word.

Navel-Gazing Crypto Researchers Unite Biometrics and Key Generation

Captain Shenanigan — Mon, 23 Sep 2002 13:07:06 +0000

Jorgen Hansensensen, a noted San Diego cryptographic researcher, has done it again. As reported earlier, Jorgen introduced to the world a new encryption algorithm actually invented by his toddler son, Hans. This time it is his own work, however, that is drawing international attention.

Submitted recently to the Cryptographic Research and Applications Publication, a peer-reviewed journal exploring advances in cryptosystems and their application in society, is his latest paper: The Belly-Button as a Temporally-Limited Biometric Means for Identifying Individuals and for Random Seed Generation in Support of Key Exchange. “Have you ever looked at your own belly-button?” Jorgen asks in the introduction to his paper. “And then have you examined the belly-buttons of others? No two are alike! Sure, there are gross physical similarities, such as innies, and outies, but the folds and contours of each are unique.”

Jorgen goes on to explain how there is sufficent ideosyncratic information in the navel, just as there is in the more-established technologies based on the iris or fingertip, to uniquely identify the belly-button’s owner.

“But it isn’t just about identification,” Jorgan says later in the paper. There are other features that make the belly-button a better fit to modern cryptosystems than fingerprints or eye-scans. One such advanage of my system is that the key is time-limited, because nobody’s belly stays the same shape over time. The user of the system will have to keep his or her belly-button image up-to-date to keep access. Also, people in office-environments typically keep their belly-buttons covered, which increases security. In your typical office it is much easier to look your co-worker in the eye and/or swipe their coffee cup than it is to get access to their tummy.”

The second part of the paper covers the difficulty of random-key generation and how the same apparatus that obtains the biometric information can also be used as a random-number source. “People have trouble keeping their stomach still while lifting their shirt for the camera,” Jorgen explains. “That reminded me of those guys generating randomness from lava-lamps and fish-tanks. I figured the same principle would work here. If you need even more randomness the security prompt could present the user a selection from a joke file or similar humor repository as a part of the authentication process.”

Noted security luminary Bruce Schneier is reported to have said, when presented with an advance copy of the paper, that Jorgen’s system had some interesting aspects to it but that only time would tell if the system is truely secure. “It solves the ‘chop off the finger’ problem that fingerprint-based systems have. The key-space is small, though, and that worries me. Also, I wonder about the physical-world security of the keys… I think you’ll find individuals with particularly important belly-buttons may be stalked and ‘imaged’ when vulnerable (such as in the shower or the restroom) and ‘wargazing’ with high-powered digital cameras at beaches and similar venues may become a common method for indiscriminate collection of private biographic keys. It’s second-order effects like these that you have to worry about when designing a cryptosystem. On the other hand, I can already think of a few things that could improve the strictly technical aspects of the system. Smearing snake-oil over the belly before imaging the button would enhance the contrast of the image, for example.”

Chromographic Encryption — Toddler Discovers Algorithm

Matthew — Sat, 24 Aug 2002 22:30:18 +0000

Looks like Math prodigies are getting younger all the time. This story tells of a 3 year old boy who encrypted his father’s work with a red marker. His father developed the decryption technology, which consists of a key made of red cellophane. They are persuing a patent right now. Can anyone think of any existing art that might cover this? The San Diego Mercurial News has an article on Math and Kids, an excerpt follows:

The record for youngest contributor to cryptographic science was broken earlier this week by Jorgen Hansensensen’s three-year-old son, Hans. The previously youngest cypherpunk prodigy, Sarah Flannery (who at 16 developed a matrix public key encoding algorithm when working with her father) said “What? I can’t hear you. And you talk funny,” when pressed for comment.

Like Sarah, young Hans was also working with his father when he made the essential breakthrough that his father calls Chromographic encryption–a methond of ‘hiding’ information in what is an otherwise unintelligable garbled mess. “I had put the tyke on the floor and sort of forgot about him,” Hansensensen said, “With some of my work papers off to the side. The next thing I knew he’d grabbed a red marker and had encrypted them all. It was amazing. It took me a while to find some red celophane so I could decrypt it. Then it hit me–we could use this characteristic of visual overlay to create a crypto-system. You’d have to translate the data into a spatial coordinate system of course, such as you find in a PDF or a JPEG file, and then ‘overlay’ it with random data… I could go on, but the details are subject to a patent we have in the works and I don’t want to jeopardize that.”

Jorgen has been approached by several firms and organizations including IBM and Siemens with proposals to commercialize the technology. The NSA will not comment on whether they had already developed the technology and have cryptanalytical techniques that can break it.

Young Hans has already enrolled at CalTech in the ‘way early head start’ program. When asked how he felt about all the hoopla surrounding his discovery, he said “Hot cheese? Daddy? Frank!”