Encryption Security

Animated Encryption 156

Posted by timothy
from the things-to-dance-with dept.
An anonymous reader submits: "Cartoons for fun and secrecy -- A student at the University of Dayton has apparently come up with an encryption scheme using computer generated animation. Story at the Chronicle of Higher Education."

  • Scant on details (Score:4, Interesting)

    by SpatchMonkey (300000) on Thursday July 04, 2002 @12:35PM (#3822505) Journal
    The article was a bit scant on details. As we've seen before, if you keep your encryption scheme unpublished and just claim that it is 'unbreakable', usually someone comes along later when it is in use and breaks it for you.

    Actually it sounds quite similar to the 'teenage genius' story of that Irish schoolgirl who had her similarly 'unbreakable' matrix encryption scheme widely publicized without peer review, and then broken.

    It'll be interesting to see what happens in this case ..
    • by Anonymous Coward
      Is this really new? See Sherlock Holmes The Adventure of the Dancing Men [odysseytec.com]
    • Well, it is getting patented. Once the patent process is complete, the scheme will be published because, well, that's the point in getting a patent in the first place.

      Oh, right, Slashdot. Patents evil. Meh.
      • Huh? I never implied patents were evil.
      • Oh, right, Slashdot. Patents evil.

        Patenting a new encryption algorithm is not only evil, but also stupid. Nobody will try to break a patented algorithm, and without years and years of expert cryptographers trying to break an encryption scheme, one cannot consider it secure.

        • That would make sense if RSA hadn't patented their algorithm. True the patent has run out, but there were 6 years that I was waiting for it to happen. Since then, that patent helped them create a well respected security company.
          • That would make sense if RSA hadn't patented their algorithm.

            True, but a different situation. RSA was the first, and for years the only, (practical) algorithm to solve a specific problem (the problem of key distribution). It's different if you patent a symmetric encryption algorithm, because there's a large number of unpatented symmetric encryption algorithms to choose from.

      • IIRC, the patent application is in the public domain too - after all, if it is secret, how can anyone check it? Patenting is a first-past-the-post system - hence people trying to modify a patent "on the fly" to include stuff originally not covered, rather than start a new one.
    • by Cryptosporidium (145269) on Thursday July 04, 2002 @01:27PM (#3822757) Homepage
      This is a direct quote from his science fair project abstract:

      The purpose of this project was to create unbreakable cryptography employing a random number generator for personal and business use on the Internet or for internal communications and data storage. A literature search found that currently used methods have computational security (DES, Public Key) and that only cryptography with "one-time pad" encryption and random keys has unconditional security. The hypothesis for this project was that unconditional cryptography is possible if the random number generator has perfect probability and is mathematically random. A wide range of random number generators (computer built-ins and from the literature) were tested for randomness, speed, range of seed numbers, simplicity, and period length. Randomness was tested for frequency patterns using the chi-square test method.

      The best random number generator (from literature) was combined with a shift cipher to produce cryptography that is simple to implement, suitable for personal or networked computers, and has unconditional security. The method uses one time, random keys and modulus arithmetic to make the cipher one-way and unbreakable. Disks containing a large array coordinates of the seed used to generate the one-time, random key can be transmitted publicly. The developed cryptography would be suitable for personal use, business sensitive messages and data, and top-secret military communications.

      • Snake Oil (Score:5, Informative)

        by Jerf (17166) on Thursday July 04, 2002 @01:49PM (#3822901) Journal
        Assuming this abstract is complete and correct, then it provides us enough information to know that his encryption technique is more snake oil [interhack.net].

        Specifically, we have the unbreakable claim [interhack.net] warning sign, and even more specifically, this is almost certainly one of the one-time pad [interhack.net] errors:
        The bits in the pad cannot be generated by an algorithm or cipher. They must be truly random, using a real random source such as specialized hardware, radioactive decay timings, etc. Some snake oil vendors will try to dance around this issue, and talk about functions they perform on the bit stream, things they do with the bit stream vs. the plaintext, or something similar. But this still doesn't change the fact that anything that doesn't use real random bits is not an OTP. The important part of an OTP is the source of the bits, not what one does with them.
        There's also the technobabble [interhack.net], secret algorithms [interhack.net], and revolutionary breakthrough [interhack.net] warning signs.

        I hope they enjoy the $20,000 patent, 'cause it's not worth the paper it's printed on.
        • Not necessarily - I am told a *lot* of military field-crypto is basically a prng stream cypher. There were an extended series of arguments in [pgp-users] [cryptorights.org] between Larry Randall (a supporter of prng stream crypto in hardware) and pgp enthusiasts - check the archives around April.

        • The bits in the pad cannot be generated by an algorithm or cipher. They must be truly random, using a real random source such as specialized hardware, radioactive decay timings, etc

          This is one of the axioms used in proving that a one-time pad is "perfectly secure". If you don't use truly random numbers, there is no reason why your algorithm can't be secure; it just doesn't really deserve to be called "theoretically unbreakable".

          We already have ciphers which are based on algorithm-generated "one time pads." They are called stream ciphers. A stream cipher is simply a long string of pseudo-random data (derived from a shared key) which is XOR'ed with the text. It sounds like this kid has just invented a new kind of stream cipher.

          Stream ciphers are faster than block ciphers but they are less widely used because they also tend to be less secure. Block ciphers are less susceptible to attacks because the per-round encryption keys are data-dependent. Who knows -- maybe this kid has invented the best stream cipher in the world (but I doubt it).

          I hope they enjoy the $20,000 patent, 'cause it's not worth the paper it's printed on.

          You're right, but perhaps for the wrong reason. The patent is worthless because there are numerous free alternatives. Encryption inventors think a lot like open source advocates. Give away your algorithm for free and use your newfound fame to sell your books, network monitoring services, etc (e.g. Bruce Schneier).

          -a
      • I hope you get modded up higher than 3. If he wrote that abstract then he really has no idea what he's doing.

        And presumably, his school has no idea what he's talking about.

        to make the cipher one-way and unbreakable

        This would be interesting. A one-way cipher? Cryptography actually is very easy when you remove the requirement of being able to decrypt the ciphertext.

        • Cryptography actually is very easy when you remove the requirement of being able to decrypt the ciphertext.

          Hey, thanks, I think I just figured out what my Master's thesis will be... ;-) "On Cryptographically Secure Write-Once, Read-Never Memory And Its Application To Buzzword-Compliant Technologies."

          (disclaimer: I am not specifically a cryptographic researcher as that statement may imply. Just a regular ole' comp. sci. master's student who understands math well enough to trust the crypto researchers over a poorly-prepared teenager any day, no matter how romantic it might be to think that the teen has actually come up with something valuable...)
        • The basic unit of DES is a one-way cypher...
      • The hypothesis for this project was that unconditional cryptography is possible if the random number generator has perfect probability and is mathematically random.

        If by "unconditional cryptography" he means information theoretical security, this hypothesis is provably wrong. Otherwise, I'd like to know what advantage his scheme offers with respect to (e.g.) the Blum-Blum-Shub generator.

    • encryption scheme using computer generated animation
      <Bugs Bunny> Ehhhhh, what's up Doc? </Bugs Bunny>
      <Daffy Duck> 10100101000101000111010111010010 </Daffy Duck>
  • No details? (Score:3, Interesting)

    by DaveHowe (51510) on Thursday July 04, 2002 @12:37PM (#3822510)
    There seem to be no details in the story about just what this marvelous breakthrough is; it can't just be that they use encrypted data as motion data and generate a cartoon of it - that is just steganography, and a pretty obvious version too (plus of course, any movement of one character that obscured a move of another would cause data loss).
    Anyone know of a more technical piece on this?
    • They said it had something to do with the algorithms they use to generate realistic looking character movements. Maybe this has its roots in chaos theory?
    • He simply adds numbers from a PRNG into the encryption process. AFAIK that is not new. And if you know what PRNG and the seed(s), it's also not really safe.

      The link to animation is very thin, you can use PRNG for "random movements" in computer animation. That's about it.

      • Not sure about that - crowd motion is random, but constrained; arms don't just jerk back and forth, but move smoothly (although not a constant speed) between a start and end point; both legs can't be off the ground at once without the body moving down under gravity, lifting a leg up means moving it forward (because of the hinges and so forth); it's a mechanical system that can be modelled mathematically. It is possible that the encoding is in the constraints of a system, not the actual values (which can be randomly or pseudo-randomly generated).

        I still doubt anything here is practical though.

  • Pointless article. (Score:2, Insightful)

    by fogof (168191)
    This is such a pointless article. They give no insight on the technology. And one of the major points: The inventor is a teenager. Ok ... Maybe if they write about it in a couple of years when the patent passes it might not be a waste of time/bandwidth to read that article. There was no insight, only saying that he used random numbers and cartoons. And oh yeah, they tried to sell it. If you are going to write about a tech, please .... please describe the technology, isn't that the point?
  • Hmm ... (Score:2, Funny)

    by B3ryllium (571199)
    What happens when you need to break the encryption?

    Do you call in The Tick?

    Freakazoid?

    The Brain?

    Who knows ... ;-)
    • Ahh come on, when there's serious encryption-breaking to do, you need REAL power.
      The power of American Maid! *triumphant musical noise plays in the distance*

      If this encryption is any good though, the kid better get his lawyers on the phone now, before:
      a) Dubya labels him a terrorist mastermind (ok ok, so Dubya wouldn't use a big word like mastermind)
      b) Some software mobsters (read: Microsoft) decide to 'license' (read: steal) the algorithm from him.

  • by BlueWonder (130989) on Thursday July 04, 2002 @12:38PM (#3822518)
    An unlikely combination of interests -- cartoons and math -- has inspired a sophomore at the University of Dayton to develop a new, and potentially unbreakable, encryption technology.

    There already is an unbreakable encryption: the One-Time Pad. Furthermore, it is mathematically provable that no unbreakable encryption can have a shorter key than the One-Time Pad. Since the One-Time Pad algorithm is already extremely simple and fast (XORing the key with the plaintext), I don't see a need for any other unbreakable encryption.

    • OTP is a marvellous encryption system - low on cpu, unbreakable security, can be done by hand with less than ten minutes training.

      Unfortunately, the large amount of non-reusable key data that is needed (equal in size to the data to be encrypted) means it is almost unusable; a major government could afford to hand courier a cd full of pad to a embassy; I doubt Amazon could afford to do the same to protect your CC details.

      Btw, what is the mathematical proof of keylength? I would be interested to see that, as even a simple variant (compressing the plaintext then using OTP) requires less key data...

      • Btw, what is the mathematical proof of keylength?

        Very roughly, it goes like this: We define "unbreakable" as the following property: An eavesdropper cannot learn anything (except the length) by looking at the ciphertext, i.e. given a ciphertext, every plaintext of the same length is equally probable. This property can only hold if there are at least as many keys as possible plaintexts, therefore the key cannot be shorter than the plaintext.

        I would be interested to see that, as even a simple variant (compressing the plaintext then using OTP) requires less key data...

        This case, the compressed plaintext counts as the plaintext. :)

        • That's nice enough in theory; however, it is possible to imagine systems that don't require a 1:1 correspondence between key and data length to acquire this property. The simplest example would be to exploit the entropy within data already encoded to generate additional keydata. Given (say) a 2K block of compressed data, you could hash the first K of data to give a single byte; adding this to the keydata for the second K would allow you to reliably and unbreakably encode the second K with 1023 bytes of truly random keydata.
          • I would suggest you find a book on Information Theory. It's an interesting subject, and very relevant to cryptographic theory. The proof of minimum key length relies exactly on the relationship between the entropy of the plaintext and the entropy of the key.

            The simplest example would be to exploit the entropy within data already encoded to generate additional keydata.

            Once you do this, your scheme is now breakable.

            Keep in mind that a legitimate attack is an exhaustive search of the key space. If there are fewer possible keys than possible plaintexts, then for a given ciphertext the attacker can figure out a range of candidate plaintexts that is smaller than all possible plaintexts. That means the attacker has gained information.

            • Keep in mind that a legitimate attack is an exhaustive search of the key space. If there are fewer possible keys than possible plaintexts, then for a given ciphertext the attacker can figure out a range of candidate plaintexts that is smaller than all possible plaintexts. That means the attacker has gained information.
              This is true - I should have thought it through more. I will surrender on this one before I look a bigger fool than I do now :)
          • Such a scheme may well be good enough in practice, however you can no longer prove mathematically that it is unbreakable.

            An attacker with enough resources could encrypt all possible 2048 byte plaintexts with all possible 2047 byte keys. For some of the 2^2048 plaintexts, it will not be possible to generate the given ciphertext with any of the 2^2047 keys. The attacker can rule these out as possible plaintexts. No longer are all possible plaintexts equally probable -- therefore, it's not unbreakable in the sense defined in my previous posting.

      • even a simple variant (compressing the plaintext then using OTP) requires less key data

        Yes, but then you have some information on what the original text could have been, as it should be a valid [insert compression program] file. The reason why OTP is unbreakable is that if you try to attack it by brute force you'll have all of the possible messages of the same length, and you'll have no clue about which one is the real one. On the other side, if you compress the text and then apply brute force, you'll have all of the possible files of that length, but only a small part of them will be valid compressed files and this may help finding the real message.

        I think that the actual proof works more or less in the same way: if the key is random, and exactly the same size of the text you get every possible message, even with bruteforce, if the key is shorter there are more chances that you'll be able to find some pattern in the cryptogram that will help you to decipher it, and anyway with bruteforce you'll get only a subset of the possible messages, so that you may have a clue on what the real message was.

        Of course this is required to have a really unbreakable system, mathematically proof: other systems may be statistically unbreakable, either because you need lots of time to decipher the messages, or because with brute force you may not get all of the messages of the same length, but you'll get enough to have really small chances to find out the real one. Those will work just fine for most needs, like Amazon etc.

        • Yes, but then you have some information on what the original text could have been, as it should be a valid [insert compression program] file
          True enough; however, this won't give you any sort of a handle on what the original data was (although it will give you an idea of how much entropy was in the data, if you have any idea how big it should be decompressed). It will give you a good chance of a little keydata (particularly if the file has a fixed-text header after compression) but as keydata is never reused, that isn't a vulnerability.
          • If it gives you any sort of information on the original message, other than its length, the system is no longer mathematically secure. Still reasonably secure, but then there are lots of reasonably secure encryption systems that are easier to use (especially for key transmission).

            • By definition, it no longer gives you any info at all about the original message - not even its length :)
    • Two problems with one-time pads:
      1) Generating the pad initially, and
      2) exchanging the pad.

      Why not look at other possibilities, since this method has clear limitations?

      No reason to limit research...
      • Since any truly unbreakable encryption scheme has to use keys at least as long as the One-Time-Pad, I do in fact consider the problem of unbreakable encryption solved. No need for further research.

        Of course, there's a lot of need for research into ciphers which are not mathematically provable to be unbreakable, but are more practical than the One-Time Pad. :)

      • Two problems with one-time pads:
        1) Generating the pad initially, and
        2) exchanging the pad.

        1) Generating the one-time pad is easy with a hardware noise generator such as an avalanche diode. Marx [marx.com] makes a USB dongle that has a true white noise generator. Just pump the noise into a file, walla!

        2) Exchanging pads is not needed, as the one-time pad can be used in a symmetric scheme, just a simple XOR will do fine. You only have to transfer the pad one way. Unfortunately, that is a problem that has no good solution.

    • What about a One Time Pad that is one less than the length of the ciphertext? It seems to me like having the first and last number the same doesn't compromise the security of the message one bit!
      • "It seems to me"

        Famous last words in the field of cryptography.
      • I won't discuss if it compromises security, since I'm too lazy to define mathematically what compromised security means. :) But one thing is for sure: such a scheme is not information theoretically unbreakable. Please see my posting elsewhere in this thread [slashdot.org] for a more elaborate explanation.

      • It would be no longer mathematically unbreakable. Of course, if the message is a few TB long your method won't compromise much, but it won't help you transmitting the key, either; on the other side if your message is 8 bit long a 7 bit key will compromise almost everything.

      • It seems to me like having the first and last number the same doesn't compromise the security of the message one bit!

        It compromises the security of the message exactly one bit (assuming that it's binary OTP). If the first and last bits of the ciphertext are the same, then you know that the first and last bits of the plaintext are the same, and vice versa. You gain one bit of information about it, and cut the number of possible plaintexts in half.

        Cryptanalysis is based on statistical data. The attacker presumably can make reasonable guesses about the contents. So if they can guess the first bit with 70% probability, they also know the last bit with 70% certainty.
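
The counting argument made in this sub-thread (fewer keys than plaintexts lets an eavesdropper rule plaintexts out, and a pad whose last bit repeats its first leaks exactly one bit), worked through by enumeration as an added Python example that is not part of any post. It also goes one step beyond the posts by counting a pad expanded from a small seed; the 8-bit ciphertext and the toy generator are constructed for illustration, and the "leaked bits" figure assumes all plaintexts are equally likely beforehand.

```python
import math
from itertools import product


def xor_bits(a, b):
    """Bitwise XOR of two equal-length bit tuples."""
    return tuple(x ^ y for x, y in zip(a, b))


def full_pads(n):
    """True one-time pad: every n-bit string is a possible key."""
    return set(product((0, 1), repeat=n))


def short_pads(n):
    """Pad 'one less than the length': n-1 random bits, last bit repeats the first."""
    return {k + (k[0],) for k in product((0, 1), repeat=n - 1)}


def seeded_pads(n, seed_bits):
    """Pads expanded from a seed_bits-bit seed by a toy LCG.

    The generator is constructed for this example (assumption: it stands in
    for any deterministic generator, not for the student's scheme).
    """
    pads = set()
    for seed in range(2 ** seed_bits):
        state, bits = seed, []
        for _ in range(n):
            state = (5 * state + 3) % 16
            bits.append((state >> 3) & 1)   # output the top bit of the state
        pads.add(tuple(bits))
    return pads


def candidate_plaintexts(ciphertext, pads):
    """Every plaintext some key in `pads` could have produced this ciphertext from."""
    return {xor_bits(ciphertext, k) for k in pads}


def leaked_bits(n, candidates):
    """Bits learned from the ciphertext, assuming a uniform prior over n-bit plaintexts."""
    return n - math.log2(len(candidates))


def demo(n=8):
    ciphertext = (1, 0, 1, 1, 0, 0, 1, 0)   # constructed sample ciphertext
    families = (
        ("full pad", full_pads(n)),
        ("short pad", short_pads(n)),
        ("seeded pad", seeded_pads(n, 4)),
    )
    results = {}
    for name, pads in families:
        cands = candidate_plaintexts(ciphertext, pads)
        results[name] = (len(pads), len(cands), leaked_bits(n, cands))
    return results


if __name__ == "__main__":
    for name, (keys, cands, leak) in demo().items():
        print(f"{name:10s} keys={keys:3d} candidates={cands:3d} leaked={leak:.2f} bits")
```
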
    • One time pads are useful for small amounts of data/one time transmissions, but for huge data it becomes quite useless. Another thing with one time pad is that both sides need to have the key (symmetric cryptography) and the pads have to really be random, or secure pseudo-random.
      I'll agree that one time pads are the only true secure form of cryptography, but that is still not reason enough not to develop more/better algorithms which are more effective in other areas.
      • I'll agree that one time pads are the only true secure form of cryptography, but that is still not reason enough not to develop more/better algorithms which are more effective in other areas.

        Any truly unbreakable cipher (in the information theoretical sense) needs a random key at least as long as the plaintext. This is provable. Therefore, no information theoretically unbreakable cipher can exist which is more effective than the One-Time Pad.

        If it is more effective, it is not unbreakable. Of course, this says nothing about usefulness. In fact, effective but breakable ciphers are more useful than unbreakable ciphers in almost all cases.

    • We can come immensely close to it, but if data was to move from human readable to encrypted and back to human readable, then at some point it had to be decrypted, and if it can be decrypted it can be broken. It doesn't mean that the chances of it being broken are immensely small, but the chance is still there. Especially if the randomness is generated by computer, I have yet to see a random generator scheme for a computer that doesn't have some sort of formula to it. True randomness is very hard to come by.
      • I should probably have been more specific in my original posting. By unbreakable I mean information theoretically secure, a mathematically well-defined property which is in fact achievable and achieved by the One-Time Pad. I have given a rough definition here. [slashdot.org]

  • How does he generate his random numbers?

    A computer can do pseudo randomness... but since it's not truly random there are ways to detect periodic repetitions and thus find the missing key to decrypt the message...

    The only way to be truly random would be to have an outside source (like a camera pointing to lava lamps, or a tree in the wind, background noise, etc...).

    This article is not very detailed, but I understand this invention is in the process of being patented, so we'll have to wait...
    • How does he generate his random numbers?

      A computer can do pseudo randomness... but since it's not truly random there are ways to detect periodic repetitions and thus find the missing key to decrypt the message...

      What you mean is probably: "Computers cannot generate true random numbers in software".

      Germanium diodes are said to generate real random, chaotic electron flows if used in blocking direction.

      One usually uses a Germanium diode, places an A/D converter past it and calls it "hardware random number generator".

      That said, scientists still aren't sure whether there is such a thing like "true random numbers" at all. Create your own universe and maybe you will be able to predict any "random" number that beings within this universe try to create.

      • You are correct, but I must say that the Germanium diode you are talking about must be considered as an external source of randomness, since it's not something normally found in a computer.

        What I meant to say is that in today's personal computers, there is nothing truly random.

        Video poker machines have been exploited because the random numbers they generate tend to repeat. When you sample those numbers over a couple of weeks, you can see patterns emerging from those numbers. If you can find a formula or method that duplicates these patterns, you have a way to predict the "random" numbers that the machine will generate.
      • Even hardware random generators are prone to bias. For example, the germanium diode might generate more 1's than 0's. That knowledge alone may be enough to break messages. Thus it is not trivial to even create one time pads... the source of THAT data must also be random.

        Another example... use the time between radioactive decay detects. This is theoretically random from quantum physics.... BUT.... there may be artifacts. For example, there will be a minimum time resolution of your detector. It may have hysteresis or dead times after a particle is detected.

        As has been shown many times, cryptography isn't for the faint of heart. It also isn't for the foolish, like this kid's father.

      • Correct. Also don't forget that Linux et al. constantly gather entropy from your mouse movements, network traffic, HD seek times (influenced by turbulence inside the drive, providing "true" randomness).

        Try writing a program that takes several hundred MB from /dev/random. You'll find its runtime depends on how much mouse movement and other user input is going on. I once ran a random access file system simulation for class. I went to dinner and came back and the stupid thing was stuck. I later emailed the prof to let him know he should use /dev/urandom instead of /dev/random if he's not hyper sensitive about the entropy content and needs time-critical random data.

        Off hand, what PRNG does the Linux /dev/urandom use when it exhausts the entropy pool? My best bet is that OpenBSD uses Yarrow, but all bets are off with Linux.

    • .. once http://lavarand.sgi.com/, now: http://www.lavarnd.org/ [lavarnd.org]
    • Timing keyboard interrupts and similar and generating an entropy pool of pseudo-random numbers and using them (like the Linux-kernel does (/dev/random)) generates supposedly strong pseudo-random numbers.
  • ...means you bit-reverse that byte. Glorious. And this message is double ROT-13 encoded, so anyone reading it is in violation of the DMCA. *shakeshead*
  • by nairnr (314138) on Thursday July 04, 2002 @12:40PM (#3822536)
    Maybe it is just me, but I think the poster is a little bit confused. It is not that animation is being used in encryption, but rather he was inspired by the crowd scene in Hunchback, where the characters' movements were essentially being controlled by random numbers to create a lively and chaotic look to it.

    The article then states that the thought was to use random data in an encryption algorithm to make it unbreakable. So I don't think that we will be seeing messages passed around the next Disney flick...
    • Sure, why not? It's neither encryption nor stego, but it's a great way to leave general instructions.

      "In the scene where the guy on stilts kicks some guards in the crotch, count how many guards get kicked. ONE guard means attack on Monday. TWO means attack on Tuesday. THREE means attack on Thursday. FOUR means attack on Friday. FIVE or MORE means attack at your own discretion."

      Once you've got an innocuous set of actions and indicators listed, you can throw up a 'student project' with something specific in the title, and live secure in the knowledge that your agents can safely view it, and act upon it.

      This is similar to the telltales used by intelligence officers everywhere to send and receive messages to and from their agents. "If I'm carrying the newspaper folded up in a certain way, the meet is on. If I drop it, it means the meet is off. If I'm carrying it folded a different way, it means get to your bolt hole and leave the country."

  • " He hopes to sell the technology to computer companies, banks, government agencies, and other organizations that could use a secure code."

    Am I the only one who can't see many / any real world applications for this?
  • Working with stick men in animation, Mr. Kauffman wanted to improve upon those techniques, assigning more numbers to more body parts and actions.

    While studying number generators for the cartoon project, he found references to mathematicians and computer scientists who had theorized that the technique could be used in encryption technology [...]

    "Since you don't know what any of the values are mathematically, [a hacker] can't solve it," says Robert E. Kauffman, who is a senior research chemist at Dayton and Jason Kauffman's father.

    If I understand it correctly, Alice sends a cartoon to Bob. Bob knows which features to look for (for example the head and feet) -- that's the secret key -- and can then reconstruct the message by analysing the movements of these features.

    Not too dumb, but it looks more like steganography than cryptography.

    GFK's

  • by KillerCow (213458) on Thursday July 04, 2002 @12:44PM (#3822570)
    new, and potentially unbreakable, encryption technology

    Unbreakable? Sounds like snake oil already...

    An idea dawned on him for a unique way to use random numbers in a math equation to encrypt data.
    "Since you don't know what any of the values are mathematically, [a hacker] can't solve it,"


    This is ridiculous. Some stream ciphers use random number generators for their encryptions. The problem is, that since the "random" numbers come from a random number generation algorithm, they are not random -- they just appear to be. When they are subject to analysis, patterns are found, and the whole system is compromised. The security lies in how hard it is to predict the "random" numbers.

    Jason Kauffman is going to continue plugging away at his mechanical-engineering degree.

    That's a good idea, since this sounds like the junk "unbreakable" encryption that comes around every few years. If he's interested in encryption, he should take some advanced math classes to get a better foundation to work from. And pick up a copy of Applied Cryptography.

    Sorry about the rant... but this kind of thing gets me going.
    • "Unbreakable" probably just means it's a one-time pad variation, that being the only known system that can support that claim. Off hand, I'd suspect he's just working on some way to use animation to convey key information. I don't know how that would work, though.

      But it's hard to criticize or admire whatever technique this guy is looking at, because there are no details in the article. (zero-knowledge reporting?)

  • Random numbers are used extensively within encryption techniques, particularly for generation of keys. As the key is primarily the guardian of your data, it is vital that it is truly random to ensure it can't be guessed or determined by frequency analysis (or other methods).

    This is particularly important for block cipher algorithms which use the same key over and over again on successive blocks of data!
  • Now it's clear to me: they were sending coded instructions to operatives in the field.

    When they all leap onto the sofa at the start of the episode it truly means something.

    Now if only I could get a look at the decode manual . . .
    • When they all leap onto the sofa at the start of the episode it truly means something.

      Now if only I could get a look at the decode manual . . .

      Homer's hair. Nuff said.

      And whenever they need to send a burst of data, there always is some reason to show Homer in the 60s in the storyline, right? ;-)

  • by mborland (209597) on Thursday July 04, 2002 @12:51PM (#3822604)
    I can't disclose the details of my new patented idea for what I know is an unbreakable encryption algorithm, but I will describe my research.

    I was sitting outside and saw all the blades of grass swaying in the wind before me. I noticed how some were shorter than others, and that they actually didn't all have the exact same color. I thought if I assigned a number to each of these and several other characteristics, I'd be well on my way to unbreakable encryption.

    My dad used to be a pretty famous rodeo clown in the 60s and an alumnus of the college I'm attending, so when I approached the board of trustees for approval for my research, they were ecstatic! They gave me $20,000 to conduct my research. Now I will be busy all summer observing the grass swaying in the wind. I plan to have a prototype ready at some point, I hope.

    • by Anonymous Coward
      That happens to be a crackerjack idea. I have a small suggestion to make it truly brilliant.

      Have you noticed that the vertical measure of the individual blades of grass change with respect to time?

      You should ask for another $20,000 to watch that change.
    • I used to know Kauffman (not very well), he was on my swim team a few years back. In addition my father also used to work in UDRI (University of Dayton Research Institute). UDRI is not composed of rodeo clowns and this is not the first time Kauffman has received large scale recognition for one of his projects:

      http://www.udayton.edu/news/nr/062397.html
    • Anyways, since you don't want to become bored while watching the grass, I've got some green "equipment" you might find handy. My pager number is .... oh fuck, the Feds........
  • unimpressive (Score:5, Interesting)

    by frovingslosh (582462) on Thursday July 04, 2002 @12:52PM (#3822608)
    Too many times someone without a good background in this area thinks they have done something impressive, when they have really left wide open holes. Clearly we are not being given enough information here to prove this is the case, but the important thing is that we are not being given enough information to evaluate it either way. The article makes some vague claims but they are pretty lame:

    "Since you don't know what any of the values are mathematically, [a hacker] can't solve it," says Robert E. Kauffman, who is a senior research chemist at Dayton and Jason Kauffman's father. Robert Kauffman formed a partnership with his son and the university to patent the idea. The Kauffmans are reluctant to go into more detail about the idea because it's in the patenting process.

    Cryptography based on a hacker "not knowing" something can be in for quite a surprise. And there is not even a hint here that this technique is based on a mathematically sound formula that is "hard" to solve. Perhaps this guy is on to something, but this attempt to talk about it but at the same time claim they can't talk about it yet leads me to believe this is more of an exercise in hype or ego than anything scientific. Cartoon cryptography might turn out to be a fitting term for it.

    • Cryptography based on a hacker "not knowing" something can be in for quite a surprise.

      All cryptography is based on an attacker "not knowing" something. This 'something' is conventionally referred to as the 'key'.

      If you are alluding to Kerckhoffs's Principle, then it is really about defining what makes a good key and what makes a bad key.


      Too many times someone without a good background in this area thinks they have done something impressive

      This is true, and I have small doubt this guy's idea will amount to nothing. I would add that many times people with good backgrounds in this area think they have done something impressive and later find a flaw. Good cryptography is really really hard.

      Of course, occasionally you get your Diffies, Hellmans, and Merckles who come up with relatively straightforward ideas that really are good, and really are significant. Even Rivest, Shamir and Adleman weren't experts in cryptography; they were number theorists who realized integer factorization would make a good trap-door one-way function.

      • Diffies, Hellmans, and Merckles...

        First, it's Ralph Merkle. Second, the scheme he invented with Martin Hellman was broken. It looked cool at the time, but someone came up with a neat way to break it. So things come to naught even with the best preparations and reputation.
  • Cool... (Score:2, Funny)

    by parad0x01 (549533)
    So now I can encrypt animated pr0n in japanese anime...oh wait...
  • Like his encryption technology, his studies have been inspired by Disneyland; he wants to use his degree to design roller coasters and other amusement-park rides.

    A few points here:

    It looks like he's already working on taking people for rides.

    At my next development meeting should I recommend we watch the Little Mermaid for inspiration on database design?

  • "Since you don't know what any of the values are mathematically, [a hacker] can't solve it," says Robert E. Kauffman, who is a senior research chemist at Dayton and Jason Kauffman's father.

    A senior research chemist, well holy smokes! This is the only freakin guy you could get for a quote on this new "unbreakable" cryptography system. What, was the janitor at lunch!? Not only that, but it's his father to boot, not to knock his extensive work in engine/oil products but come on!

    Hey while we're at it...My 4 year old sister says that my newly developed RDBMS is 120 times more efficient than Oracle's, so now can I have the $20,000 to patent it, thanks.
  • I made an encryption alg which is completely unbreakable. It uses numbers. I got the idea from mathematicians while studying numbers. Holy FUCK ain't that keen?! Let's make a news story about it. Nah, just use what I just told ya.
  • .... Ren n Stimpy password :D
  • From the article reporter: "An unlikely combination of interests -- cartoons and math"

    Um. Has this guy never met a math or science student before?!
  • Google? (Score:3, Informative)

    by DaveHowe (51510) on Thursday July 04, 2002 @01:41PM (#3822832)
    A quick websearch threw up the occasional highlight:

    Jason finds way to recycle used oil [udayton.edu]
    gives a more technical view [udayton.edu] of the current discovery (it's a PRNG by the way)

    • I'm glad that his dad supports him in his scientific endeavors...but...his dad is in every article posted about him...interesting.

      His dad is most likely very intelligent, but a bit of a spin-meister:

      "Jason is so far outside of the box with his thinking that he can't find the box..."

      Puleeze!

      Good luck with the research...but there are a number of PRNGs out there already. Sounds like Jr. has learned a thing or two about how to spin a story from his dad...

  • by Dr. Awktagon (233360) on Thursday July 04, 2002 @01:45PM (#3822860) Homepage

    Yup, all the tell-tale signs are there:

    • claims that it's potentially "unbreakable"
    • hasn't spent much of his academic career breaking other people's cryptography
    • uses the clout of his dad to get funding
    • and of course, he's patenting it, which means it won't be of any use to anyone.

    My guess is, he found some "smooth noise" generator and thought that it would make a good source of "random numbers", used, e.g., as a key schedule algorithm, and as soon as the patent is published (which it will be, thanks to the dumb patent office), it will be broken (it probably has a short "key" to set initial conditions, which will be easy to break) and this guy will be forgotten.

    Though the cartoon connection is kinda cute and might get some press attention.

    Next?

    • Yup, that's it. It isn't even an original bad idea.

      There's lots of work to be done on encryption algorithms. A system based on an algorithm with a provable lower bound on solution time would be helpful. Some popular algorithms have "bad keys" that are easier to crack than the average key. A reliable way to detect man-in-the-middle attacks automatically would be useful. Systems that synch up fast on noisy channels would help.

      But another scheme based on a pseudorandom number generator isn't useful.

      "No new encryption algorithm is worth looking at unless it comes from someone who has already broken a very hard one" - Friedman
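The objection raised in this thread and in KillerCow's comment above (a keystream taken from an ordinary PRNG, initialised from a short "key"), worked through as an added example that is not part of any comment and not the Kauffman scheme, whose details are unpublished. The 16-bit seed, the use of Python's `random` module as the generator, and the sample message are assumptions made for illustration.

```python
import random

SEED_BITS = 16  # assumption: the "short key" that sets the initial conditions


def keystream(seed, n):
    """n keystream bytes from Python's Mersenne Twister (not a cryptographic PRNG)."""
    prng = random.Random(seed)
    return bytes(prng.getrandbits(8) for _ in range(n))


def xor_cipher(seed, data):
    """Toy stream cipher: XOR with the keystream (encrypt and decrypt are the same)."""
    return bytes(d ^ k for d, k in zip(data, keystream(seed, len(data))))


def recover_seed(ciphertext, known_prefix):
    """Known plaintext XOR ciphertext exposes the keystream prefix;
    with only 2**SEED_BITS seeds, every one can be regenerated and compared."""
    observed = bytes(c ^ p for c, p in zip(ciphertext, known_prefix))
    for guess in range(2 ** SEED_BITS):
        if keystream(guess, len(observed)) == observed:
            return guess
    return None


if __name__ == "__main__":
    secret_seed = 0xBEEF                        # constructed sample key
    message = b"From: alice\nmeet at noon"      # constructed sample plaintext
    ciphertext = xor_cipher(secret_seed, message)
    # A predictable header ("From: ") is all the analyst needs to know.
    seed = recover_seed(ciphertext, b"From: ")
    print(hex(seed), xor_cipher(seed, ciphertext))
```

The generator passes statistical tests and still fails here, because the only secret is the seed: a keystream generator needs both a key too large to enumerate and an output that cannot be extended from observed bytes.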

  • I wondered about the article -- being so scanty on info needed to evaluate Kauffman's claim -- and then went searching online for the patent application. The cos site was a pay site, offering searches for US$250/yr for individuals. Screw that. I went to uspto.gov and then here [uspto.gov] within it. I did an "advanced" query [uspto.gov] for Kauffman's name on published patent applications; the query string was "in/Kauffman or in/Jason", the years were "2001-2002". I got 411 results -- too many. Dunno why I used "or" -- so I reduced the query to just "in/Kauffman", which got me 15 results. I went through any that even remotely could have to do with numerical processes, but none were from Jason Kauffman.

    Hmm.
  • Check out One Time Deck: the world's most wasteful encryption scheme [boswa.com]. The key size (in expressible values) grows with the factorial of the message size (also in expressible values, not bits).

    Basically, your key is the equivalent of a randomly shuffled deck of cards with each possible message written on a card. Your ciphertext tells where to cut the deck to find the card with your message on it. Each deck is used for only one message, then destroyed. Hence the name.

    It has the interesting property that if you don't have the deck, even if you know the plaintext exactly, any changes to the ciphertext will result in a completely random plaintext (except that it's not the same).
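A sketch of the deck scheme as the comment above describes it, added here as an example; it is not code from the linked page, and the function names and the 256-message space are assumptions. It shows the round trip, the tamper property, and how the key size (log2 of n! orderings) outgrows the message size.

```python
import math
import secrets


def make_deck(messages):
    """Key generation: one card per possible message, shuffled with a CSPRNG
    (Fisher-Yates). The deck is used for a single message, then destroyed."""
    deck = list(messages)
    for i in range(len(deck) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck


def encrypt(deck, message):
    """Ciphertext is the cut position at which the message's card sits."""
    return deck.index(message)


def decrypt(deck, cut):
    """Cut the deck at the given position and read the card."""
    return deck[cut % len(deck)]


def key_bits(n_messages):
    """Bits needed to name one of n! deck orderings: log2(n!)."""
    return math.lgamma(n_messages + 1) / math.log(2)


def message_bits(n_messages):
    """Bits needed to name one of n possible messages."""
    return math.log2(n_messages)


if __name__ == "__main__":
    messages = [f"order #{i}" for i in range(256)]   # constructed message space
    deck = make_deck(messages)
    cut = encrypt(deck, "order #42")
    print("cut:", cut, "->", decrypt(deck, cut))
    # A modified cut lands on some other card, unpredictable without the deck.
    print("tampered:", decrypt(deck, cut + 1))
    print(round(key_bits(256)), "key bits for", message_bits(256), "message bits")
```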

  • I have this vision of an FBI agent watching tons and tons of porn in his cubicle. The boss comes by and starts scolding him. He then says:

    "Please calm down. It is possible to hide secret messages in images now. Here is a printout of a Slashdot article about it. I am just looking for hidden terrorist messages in this porn found on Al-Qaeda PCs. I think her breasts are jiggling to a discernible pattern, so I am trying to plot the jiggle pattern here."

    Boss: "Then why are you sweating like that?"
  • And I heard if you watch the Lion King with special "bin Ladin" glasses you can see the Twin Towers falling as soon as Simba watches his father die.

    Snow White was used to plan the attacks....

    Sheesh

  • This kid could really use a copy of "RSA Laboratories' Frequently Asked Questions About Today's Cryptography" or "Applied Cryptography" or even "PGP DH vs. RSA FAQ". At the University of Dayton page on this discovery (https://alumni.udayton.edu/np_story.asp?storyID=784 [udayton.edu]), he says that Triple-DES could be easily broken.

    That is complete B.S.

    Triple-DES is a 112-bit algorithm, and perhaps even stronger than Rijndael (AES), since it's been subjected to rigorous cryptanalysis for many, many years.

    It seems as if the encryption technology might be secure, but without any information on it, I am very skeptical.
