Turbulent times.
A Coordinated Bitcoin Selloff
It appears that it was a coordinated action planned many days in advance. Without doubt also related to coronovirus.
We looked at the crypto index CMC200 and CMC200 without bitcoin which are volume weighted average price synthetic indices, now present in the mainstream with Nasdaq, Bloomberg, Reuters, Yahoo etc. Both indices culminated on 14 February 2020. In comparison, Nasdaq and S+P 500 CAC 40 DAX etc have all peaked on 19 Feb 2020.
Can the Internet become Unstoppable?
There is a chance the the Internet will be completely transformed. One wind of change blows from blockchain tech community. Another from Communist China. Essentially all the technology we know, could disappear completely,
and could be replaced by something completely different, a different set of protocols and systems.
For decades the so called “Internet” was some sort of virus which has infected the telecom industry and the whole economy, with the creation of electronic commerce. We have been brainwashed to believe in a dream. The dream that there could be some free independent medium of communication out there. Dream of more freedom of expression and more competition in business, benefiting consumers. However, there is no such thing such a free space. It is always going to be owned by someone, it is going to be prostituted to benefit the famous 0.1 %, the tech giants or/and similar centers of power. Or it will be owned by someone coming from China, like bitcoin already is and as many businesses worldwide already are. The invisible hand has a new visible center of power.
In reality a free independent medium of communication has never yet existed. Let us stop being stupid and naive. In theory it could have been created, for example in the form of peer to peer software radio driven networking, but it simply has not been created yet (or not at scale). In reality we have been told lies. All this was rather or primarily just a game which many governments and national telecom monopolists and Internet businesses and even academics, have been playing for a long time. Game where some naive people work for free, for example be being open source developers, or producing free content for YouTube, or selling their technical capacity at a loss to other companies more able to make use of it, or giving away for free their research expertise, etc. Or opening all sorts of businesses sectors to competition.
Naive actors work more or less for free, while other become super rich. The telecom markets and the media markets worldwide have been transformed. National telecom companies have been disrupted by fierce international competition. Jobs have been moving to countries which have been able to profit from this situation. Long time ago, it was Finland. This time is over. Competition has destroyed many industries and millions of jobs have been displaced.
Then came new monopolistic vertically integrated omni-scient Internet and media and electronics giants, which are now looking at AI as the logical next step. Now is China making Internet telecoms and 5G their exclusive playground with a new Internet standard proposal. All these things are children of naive and stupid telecom deregulation, based on the illusion that telecom services can be free, that they have no price tag. This is an illusion which appears if you are short-sighted and you consider the cost of was needed yesterday, with the technical means of tomorrow. France, United States, UK Germany alike, have let telecom industry go East. Finland was just one stop on the way. Glorious country Finland, this is an example to imitate, but we lost it, or lost it again.
Here is one very timid way how a new and major game change could happen and disrupt the Internet. It is unstoppable decentralized Internet underpinned and disrupted by Ethereum. The main idea is that with this sort of system, to take down a web site, an attacker needs to attack the whole network. A radical change in technology and critical infrastructure. Ethereum network is needed, but the price of optical fiber networks goes down. This could in fact become a tipping point, where the status quo could be changed for many other things, like how electronic commerce works, for example. It could make things such as TLS and packet switched networks and credit cards and even banks totally obsolete.
At this moment Google can blacklist this Chrome extension and kill this innovation. This sort of blacklisting of apps, is how Google runs the world. Google has done this before in all impunity, you go from from “hero to zero” overnight. Or was it an accident? Not only web sites are subject to hostile take-downs. Businesses also. Recently CCN was in the dark, a major crypto currency news outlet, because Google searches stopped showing them. Interestingly, during this period CCN have received several offers to buy and take over their company…
We come here what is certainly the worst ACHILLES FEET of most crypto currency businesses. Blacklisting threat. First some sort of creepy suspicion of money laundering, so badly treated or blacklisted by certain banks. Then maybe facilitating sex or drugs-related criminal activity on the Internet. Finally, I forgot, Vitalik is Russian and he met with Putin. So these innovators can and will be blacklisted at any moment. The same type of blacklisting is also applied to Chinese telecom business.
We see a pattern, how incumbents can control censor and bend the innovation, in order to benefit them, with help of naive governments and legislators and regulators. Also with help of largely corrupted mass media, which companies such as Google largely control, well indirectly, through incredibly large advertising budgets.
Possibly Google and other incumbent players will develop some sort sort of clone, or imitation of this technology. In general, you can expect very nice things from Google technology-wise and security-wise. They are not a new Microsoft, they have always done extremely well in my opinion, and gave been a good example for others, not a bad example. However, they are likely to be nasty with the independent anarchist crypto startups. This is life. Though Google do understand technology, they are likely to distort the reality to fit their narrow-minded business agenda. They are likely to commit serious mistakes motivated short term business interests.
Recall that France has invented the electronic commerce, literally everythin, like buying your train ticket on MiniTel, or enrolling at a university. But they FORGOT to develop an even more important invention, of email or maybe text messages. Text messages came from Finland, and email was invented by some silly academics who did not like paying for communicating blissfully ignoring the fact that their universities and government have paid a lot for these systems to exist. Why the French did not invent text messaging or it remained marginal? Maybe because it would make their national monopolist telecom champion business lose billions (cynically made from silly local phone calls, to an answering machine for example). Most telecom CEOs have missed exactly this: like for about a decade they have underestimated by a factor of at least 10x, the amount of income they would themselves make from silly “text messaging”.
Likewise, Google is likely to miss the train here. For sure Google can and will work to influence how Internet and electronic commerce is done, protocols, standards, business etc. But they will miss in many ways in which and how disruptive, more decentralized blockchain-based and crypto-rich and Internet could be. They will fail to grasp the possibilities offered by a new crypto financial industry. They will just look at fewer disruptive things which will benefit them. Likewise they do not get it about telecoms and 5G. So many things which are not their business. Google is likely to fall below expectations. Elsewhere, opportunities increase faster. They could actually literally explode, see how Bitcoin got out of leash and out of control since 2009, and could became equal to Google on market cap question tomorrow say in 2021. Likewise 5G is coming massively and Google also thinks, we simply do not care. They think: we do our job and dominate electronic commerce anyway, whatever it is. However they do not get the following think: incumbent almost always fail or weaken (see Microsoft) when the technology changes. And so really Google does not want any big change, probably. And they are wrong.
For Google Ethereum is small fish. They will first fail to disrupt Internet not only because because Google Facebook and Amazon can afford to ignore them. Also because Google Facebook and Amazon actually ignore a bigger picture. Tehir mortal sin is that they are not at all trying to disrupt the Internet, and this is not OK in mu opinion.
If so there is only one real disruptor left. Remember that China have their own crypto currency projects. Be scared of Chinese clones of the players in our game where David (Ethereum) is playing his naive stunt against Goliath (Google). These are not just about hiding money of rich Chinese who would like to live in Europe or the US. We have a crypto belt and road, and we have a digital silk road. These are the real forces which seem unstoppable today. The new Internet protocol proposed by China Huawei has more tracking, is more centralized and allows more censorship. Ethereum is a joke compared to telecom and Internet giants and their games. We are completely unprepared and people in China are a lot smarter than people in the hypocritical divided West on the verge of a new financial and public health crisis and depression.
Going back to the dream. We have been brainwashed for decades to believe that Internet is permission free, and tried to build crypto currency to be permission free and decentralized and democratic. In reality all these are just power games where huge business monopolist empires emerge. Now we think that Internet is going to become even more decentralized with Ethereum. It is stupid dream. In reality it will become more centralized and even more monopolistic, and yet more centered around an authoritarian China, the ultimate winner of decades old worldwide telecom industry consolidation. This dream could works backward, my friends, especially when the whole planet has its eyes at one short term virus, but have been ignoring another virus, of stupidity and naivety typical in the West from 1968 and today’s millennials, with their super naive ideas.
We regret the inability of our power centers to truly embrace new technology in a positive way. Except when pursuing very narrow and sometimes toxic business interests. We regret our stupid delusions which come from the fact that we believe too much our own propaganda, about freedom and better life. Christianity promised better life tomorrow. Internet promised better life today, but it is not real, it is like a computer game. On this planet business with AI and authoritarian empires are working hard to enslave people and control our lives and resources of this planet. Good things do not come for free. Nations who are not trying to be strong players in the technology space, are being colonized by other (smarter) nations.
Technology and coronavirus are the real unstoppable forces: they are both “viral”. One however is a slow exponential, the other a super fast exponential like coronavirus infections worldwide. Always fight the fast exponential, and embrace the slow exponential. Both are very strong if not unstoppable, but the second can be our friend tomorrow.
If we want to survive, we need to stop being naive about science and technology: they can disrupt and transform, but not everything which shines is gold. All of telcos Internet bitcoin Ethereum governments and academics have lied to us a lot about the new technology. I guess life will always be like this: the more money and power is at stake, the more naive young people get badly informed, if not brainwashed. Freedom has a price, and a good way to be free is to embrace the new technology and science. We get a chance to survive, and more difficult, maybe to make life on this planet better.
Never Again Banning Crypto Currency
Private money has arrived. Crypto winter is over. At least for India.
The supreme court of India has overthrown their 2018 ban on crypto currency.
What is the Purpose of REF?
Today, Jo Grady, general secretary of my university trade Union (UCU) wrote these words to all academic staff who are members of the union:
“we are asking you to withdraw, where possible,
from activities relating to the REF […] […]
These activities are important to employers but they damage our sector.
They rely on inappropriate metrics of quality; that create
perverse incentives and prevent us from doing the front line
teaching, research and professional services work that really matters.
Exercises like the REF tend to increase our workloads,
waste money that could be invested in staff, and exacerbate
our anxiety and insecurity by subjecting us to unfair,
unhelpful performance management procedures. “
No comments for now.
30 Years Ago
Exactly 30 years ago, Stasi was dissolved. 13 January 1990. 91,000 full time employees and 189,000 unofficial collaborators and informants lost their jobs and privileges.
The German government has done a lot to preserve anything which Stasi has ever done. Some links:
- At this moment in Brussels, inside the EU Parliament there is an exposition on this topic.
- Here is a paper about Stasi from 2017 published in Wired.
- Putin had close ties with Stasi.
- Here is some art work about a Stasi prison by Karolina Spolniewski.
- And here is a video interview by Bernd Lippmann, a teacher who was thrown into a prison at one time and one of some 34,000 political prisoners, later evicted, and for whom a huge amount of money (a ransom) was paid by West Germany, in order to free these prisoners.
- And here is a paper on cryptography developed by Stasi and used to protect all sort of communications for the German government during the Cold War.
Remark added later: 13 January 2020 was the first case of Coronavirus outside of China. An old lady from Wuhan… Conspiracy theories will thrive!
A New Documentary about WW2 Cryptanalysis of Enigma
A new documentary tells the story of the discovery of one of the most important cryptography papers of all times. We are talking about an extensive technical report written in German language and entitled “Kurzgefasste Darstellung der Auflösungsmethoden”. For some 80 years it has remained classified, part of the so called Gustave Bertrand WW2 archives.
It was written presumably in France, in early second half of 1940, by Marian Rejewski and Henryk Zygalski, though the author names are in fact, not at all specified(!). Possibly Alan Turing, or other UK authors were also involved in producing this report. This is because, instead of a list of authors, this report is written as a summary, or a survey, and very much like a manual, summarizing what was known to the whole group of people. It contains in fact a very clearly marked list of named contributions, many of which are made by UK cryptologists. For example Jeffreys, Herivel and Knox are named inside as contributors, see Fig. 1 here. If the authors are not specified, and in absence of further factual discoveries, this report could also be considered as joint work contributed, directly or indirectly, by all people named inside(!).
It is a concise and very detailed summary of all known attacks on Enigma. A monumental document which shows how cryptography and cryptanalysis have developed in 1932-1940, with a summary of presumably everything which was known to the allies [Poland,France and Britain] about breaking Enigma codes, at the time.
In fact not quite so or not yet. The title “Kurzgefasste…” suggests that a longer even more detailed document may have existed, which question is also discussed inside this documentary. In fact we know for sure, that some additional cryptographic and signals intelligence knowledge and expertise, and numerous additional concrete decrypts of WW2 messages, have existed at the time, and were known only to yet fewer people. It is believed that these things were however shared with Bletchley park, or/and countries more directly concerned such as Switzerland, more on the need-to-know more ad-hoc basis. It was estimated [as reported by Jean Medrala who has spent a lot of time studying French military archives] that about 50% of decrypts done by Polish code breakers working on the French soil were dissimulated, and not communicated to Bertrand, for some time, and at least until the late 1970s, when Bertrand has written his memoirs. In particular we should consider that knowledge and expertise concerning the decryption of Russian messages was considered as even more sensitive than anything concerning Enigma. It was known to a yet smaller circle of people and almost certainly this part was also not known at Bletchley Park either, and was shared with the UK on a different basis. Private correspondence of WW2 code breakers, preserved by their surviving family members, suggests that they did not in general trust Bertrand, who officially worked for the Vichy government(!). We expect that additional facts will brought to light, and will be published in the near future.
Observation: We should note that the method of Sillies, described by Welchman in The Hut Six Story, will be the first one, not known or not shared with the Polish and French side. This even though very clearly the report shows how the attack method of Herivel, from exactly the same period became operational, with contributions made on both sides of the Channel. These methods were operational in second half of 1940, after France was overrun, and was based very clearly on observations and data gathered in Bletchley Park for a longer (earlier) period, but maybe not shared anymore or not in full. This is a significant observation, and this is maybe how the report can be dated to be closer to June than September 1940. Or this is how the XYZ or Polish-French-English cooperation has slowly ended, and a new era of code breaking run and dominated by Britain alone has started.
Here is the documentary to watch:
- English version “Enigma. We have got news (EN 2019)” is here,
- French version “Enigma. Il y a du nouveau (FR 2019)” is here,
- Polish version “Enigma. Mamy nowiny (PL 2019)” is here.
On a picture: an original French-Polish made Enigma machine with ABCD keyboard from the collection of Pilsudski Institute in London. Only 2 such machines exist.
P.S. This report could be cited as follows:
Marian Rejewski, Henryk Zygalski and other undisclosed authors:
Kurzgefasste Darstellung der Auflösungsmethoden. Bertrand archives, Service Historique de la Défense, Vincennes, France, DE 2016 ZB 25/6, Dossiers Nos. 281 and 282, ca. 1940.
Added March 2020: Here are the exercises UCL students need to solve about breaking Enigma.
A Linear Annihilator Property and Strong Biases with Original DES S-boxes
In 2004 I have published a paper [Crypto 2004, Santa Barbara] in which I explain the concept of the so called Bi-Linear attack on DES. The old attack was not extremely strong. It is possible to see that two conditions would be necessary for such an attack to somewhat work well in cryptanalysis of DES:
- There must a strong connection inside the P-box so that a pair of bits goes from one S-box to another and back. Unhappily there are extremely few such cases in DES, for example the pair 3,17, and the attack is prevented by a strong P-box.
- The P-box must have super strong LINEAR annihilators such as for example two Boolean functions inside DES would have to satisfy a condition like:
Z*(a+d)=0
Needless to say they don’t, and this attack is just unthinkable (a detailed description of one attack of this type can be found in section 11.2 of this paper). There are extremely few cases where point 1. would work and in fact the situation is far worse for point 2.. It is possible to see that the probability that Z*(a+d)=0 for a random Boolean function is
(2^-9.5)^2.
3. Moreover it is easy to show mathematically that such a Boolean function cannot be non-linear and balanced at the same time [a little theorem which we leave as an exercise for a reader, solution will be published soon].
So we have an extremely weak attack on DES which does not and cannot work due to points 1. 2. and 3. However:
Reality is More Interesting than Fiction
The idea is that we need to relax this attack a little bit and eventually the obstacles 1. 2. 3. can be removed or circumvented.
It will come as a shock to anyone who has ever studied DES but linear annihilators DO EXIST for the original DES S-boxes. For example we have these two examples:
(1+R14+R16)*(W4+X4+Y4+Z4+1+R12+R14) = 0
(1+R16+R17+R20)*(W5+X5+Y5+Z5+1+R17) = 0
Specialists of Boolean functions would say that “some output linear combinations of DES S-boxes are 1-weakly-normal” see this paper. This is actually a very strong property. Extremely few Boolean functions have this property (actually also about 2^-9.5 of all Boolean functions on 6 variables).
New Attacks
So obstacles 2. and 3. are removed. Where do we get from there?
The question really is how to remove obstacle 1. as we are NOT allowed to change the wiring of DES in order to make the job easier for us. The answer is that we need an attack able to exploit properties such as above. The existence of such an attack has been an open problem since 1985, the famous mystery paper by Adi Shamir. This attack is no here, is now public.
More Observations
For now, let us look at the underlying DES facts.
Why is our property related to the one observed by Shamir? Shamir observes that for many DES S-boxes the sum of 4 outputs such as (W1+X1+Y1+Z1) for the 1-st S-box is trongly biased. If so either (W1+X1+Y1+Z1) or (1+W1+X1+Y1+Z1) will have a large number of annihilators (it is easy to see that the number of annihilators depends on the Hamming weight or the number of 1’s in the truth table of a Boolean function and nothing else, see Thm C.2. in Appendix of this paper.) Then we will not be surprised to see that for example:
R01*(R04+1)*(W1+X1+Y1+Z1)=0
Now our new properties are yet stronger, we have only one affine factor:
(1+R16+R17+R20)*(W5+X5+Y5+Z5+1+R17) = 0
Moreover the connection between the size of annihilator space and the biases works both ways. We have also accidentally discovered that not only sums of 4 outputs but also things such as
(W5+X5+Y5+Z5+1+R17)
are strongly biased with the actual original DES S-boxes.
This is new, and was not observed before and not contained in properties presented by Shamir, or cannot be a consequence of these previously observed properties, as we added an affine function. It extends the properties discovered by Shamir with new correlations not studied before, and more importantly with linear annihilations and their applications in cryptanalysis. An actual attack which exploits this type of properties will be presented at ICISC 2019.
Walsh Spectrum Connection
More generally we observe that a sum of all 4 outputs of some DES S-boxes can have more than one very strong correlation with linear functions. Is there are bigger picture we can see here? Yes, the set of all such correlations have been studied since 1970 [yes! in 1976 was already a routine tool, a proof can be found in slide 33 here] and today it is known under the name of Walsh spectrum. Here are the Walsh spectra for the sum of 4 outputs for the three DES S-boxes studied above:
W1+X1+Y1+Z1 {0: 19, 4: 27, 8: 11, 12: 3, 16: 1, 20: 1, 24: 1, 36: 1}
W4+X4+Y4+Z4 {0: 54, 16: 8, 32: 2}
W5+X5+Y5+Z5 {0: 32, 8: 30, 24: 1, 40: 1}
Extremely bad, yes? Well not quite.
We need to observe that this sort of things happen frequently even for Boolean functions chosen at random. It is clear that from the point of view of diffusion or the P-box, attacks which involve all the 4 outputs of each S-box are going to be the hardest to make, or will involve larger numbers of simultaneously active S-boxes. The fact that it happens here when all the 4 outputs are used and not with say W1+Y1, should possibly be considered as evidence that DES was designed to be particularly strong against our attacks. An attack able to exploit such properties was presented at ICISC 2019.
ADDED LATER:
Some versions of DES are substantially wekaer, other are stronger. For example S5DES has a lot more 1-weak normal annihilations. In contrast, in more recent versions of DES, with DESL and in S*DES, there are zero such events whatsoever.
A Serial Scandalist Claims Ownership of the Mythical Bitcoin Paper
A shameful provocation and sad day for scientific research: 11 years after the original publication Craig Wright has managed to re-publish Satoshi’s original paper with his name on it.
A New Attack on Data Encryption Standard (DES)
There is abundant literature on the security of Data Encryption Standard (DES or 3DES). Today we have released a new way to attack this cipher, see Section 11 in here. Anyone who reads this paper should immediately see that the high confidence which have developed over decades in research community about our ability to design secure block ciphers was never justified in any way and an incredibly rich space of attacks with unique powerful features is now available to study.
Added Jun. 2019: here are slides presented at CECC 2019 (invited talk).
Added Oct. 2019: here are slides presented at the 2019 Symposium on Cryptologic History, 17-19 October 2019, Kossiakoff Centre, Laurel, MD, USA. Here is the program.
Added December 2019: Here are the slides presented at ICISC conference in Seoul Korea, “Systematic Construction of Nonlinear Product Attacks on Block Ciphers”, on 4 December 2019.