Blockchain Revolution


I was a panellist at a 2-day event in London, Mon-Tue 15-16 June, Millennium Hotel, Mayfair, London, cf. here.

My favourite talk was a talk by Aral Balkan about the 85, human-enslaving ideology emanating from Silicon Valley, design vs. decoration, the institutional corruption, human rights, democracy, and how we can cope to regain some of our lost freedoms through decentralisation and how we need to reform our past approach to open source projects.

How to Leak a Secret in the Future

An unprecedented milestone result in cryptography was achieved by researchers at the University of Birmingham.

They have built a TIME release encryption system based on the bitcoin network. In their protocol it is possible to release a certain document in the future in such a way that it CANNOT be read earlier.


The new protocol relies on the fact that the bitcoin network has ENORMOUS computing power which no one can match (not even the NSA). The secret simply cannot be released earlier.

The timing of release of the secret can be set quite precisely and the release can be programmed in advance.

Bitcoin Enters White House

The White House has appointed a well-known cryptocurrency expert, Ed Felten, from the Princeton University Computer Science department.


This is a good sign: it means that an informed scientific debate, intellectual honesty and common sense have a chance to survive in the cryptocurrency world. I have started to doubt it.

Felten has many times taken positions (in public and in private) against false news, false claims and other straightforward lunacy about bitcoin being circulated, which is quite common in the press, the media and even on the margins of some scientific research works. He has politely explained that bitcoin is very far from being broken and exposed many fallacies in work by game theorists about bitcoin. He told people some basic truths about bitcoin governance and has pioneered a more careful approach to reflecting on the relative powers of different players in the bitcoin ecosystem to change the way in which bitcoin works; see also the Sirer vs. Felten debate in Section 13.7 of this paper and on the pages that follow.

UCL Code Breaking Competition Winners Announced

On V-Day and the 70th anniversary of defeating Nazi Germany, we need to remember how much this victory owed to code breakers at Bletchley Park and elsewhere.


On this day it is my pleasure to announce the winners of the 2015 UCL Code Breaking competition.

The winners are:

  • Joint 1st prize: Gemma Bartlett. Grade obtained 92/100.
  • Joint 1st prize: Vasileios Mavroudis. Grade obtained 92/100.
  • 2nd prize: David Kohan Marzagão. Grade obtained 82/100.


About UCL code breaking competition

The UCL code breaking competition is our own code breaking competition.
It is run as part of the Cryptanalysis COMPGA18/COMPM068 module, which in 2015 was taught by Nicolas Courtois, Christophe Petit, Jonathan Bootle and Lucky Onwuzurike. There is no written exam in this course; the code breaking competition is really the key component of how the students are evaluated. It is graded formally according to strict rules and UCL practices. This module is part of the UCL specialist M.Sc. in Information Security.

UCL has a strong tradition of experimental research and we have run many student competitions and hacking events in the past. In March 2013 a team directed by Dr. Courtois won the UK University Cipher Champion 2013 award.

This year the competition has been about finding cryptographically significant events in a real-life financial system. The competition effort has involved the study of random number generators, elliptic curve cryptography, hash functions, exploration of large datasets, programming and experimentation, visualisation and statistics. The main achievements were the formulation of a general theorem which characterizes, in terms of cycles in a certain graph, which private keys can be computed and how, and practical operational achievements such as the efficient discovery of interesting events in large datasets and the recovery of endless cryptographic keys of thousands of actual users of this system.

The details cannot be disclosed at this moment; however, a research paper which summarizes the findings and a database of what we have found will be published soon.

The UCL competition is open to participants from other London universities.
For further information contact Dr Nicolas Courtois.

About the winners:


  • Gemma Bartlett (on the left) is in her final year at UCL studying for an M.Eng. in Mathematical Computation with a focus on Information Security. Her particular interests include digital forensics. She will be starting a job in this field after graduation.
  • Vasileios Mavroudis (in the middle) received his B.Sc. in Applied Informatics from the University of Macedonia, Greece in 2012. He is currently pursuing an M.Sc. in Information Security at UCL. In the past, he has worked as a security researcher at Deutsche Bank, the University of California Santa Barbara and the Centre for Research and Technology Hellas (CERTH). His research interests include network and systems security, malware, and applied cryptography.
  • David Kohan Marzagão (on the right) is currently undertaking a PhD in Computer Science under the supervision of Peter McBurney at King’s College London. In 2014, he received his BSc in Mathematics at the University of São Paulo, Brazil. His research interests include cryptography, multi-agent systems, graph theory, and random walks.

Half of All Elliptic Curves Broken???


A new paper in a series on how to solve the Elliptic Curve Discrete Log Problem (ECDLP) in characteristic 2 with sub-exponential complexity. More results on this topic are expected.

Remark: it seems to me that the main assumption about degree falls and solvability, which is at the heart of this paper, is simply entirely wrong.

Recent developments:
See this paper (negative result) and this survey paper (a bit more optimistic).

TrueCrypt Security Audit Results

The final report can be found here.

The report identifies 4 major vulnerabilities; 2 of them are judged to be of high severity and are as follows:

  • The most commonly used Windows versions of TrueCrypt were found to have a specific problem with calling the function CryptAcquireContext, which is used in TrueCrypt exclusively for the purpose of generating random numbers. In a variety of Windows configurations ranging from Windows XP to Windows 8.1, the function will fail silently, for example due to group policy settings in managed enterprise configurations. However, TrueCrypt then does NOT fail and will continue with weak sources of randomness. Thanks to these additional sources of entropy, TrueCrypt is nevertheless not very easy to break. More details here and in the report.
  • We are reminded about the vulnerability of AES to cache timing attacks, and TrueCrypt contains several vulnerable implementations of AES. However, users who have Intel CPUs will use hardware AES, which is claimed to be secure against cache attacks. More secure software implementations could be developed by protecting the two outer rounds.
  • In both cases a lot more work could be done in order to evaluate the complexity of key recovery attacks in practical attack scenarios.
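
The fail-silent pattern from the first finding, next to a fail-closed version, as an added C example that is not TrueCrypt's code and is not taken from the audit report. The types `os_rng` and `rand_pool` and the provider functions are hypothetical stand-ins for the Windows CSPRNG calls, and the "weak source" and "OS" bytes are constructed so that the example runs on any platform.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for the OS CSPRNG (on Windows: CryptAcquireContext,
   then CryptGenRandom). acquire() returns 0 when the provider cannot be opened. */
typedef struct {
    int (*acquire)(void);
    int (*gen_random)(unsigned char *out, size_t len);
} os_rng;
typedef struct {
    unsigned char pool[32];
    int os_entropy_mixed;   /* 1 only if OS randomness reached the pool */
} rand_pool;

/* Constructed placeholder for the weak sources (timers, pointers, mouse input). */
static void mix_weak_sources(rand_pool *p) {
    for (size_t i = 0; i < sizeof p->pool; i++) p->pool[i] ^= (unsigned char)(i * 37u + 11u);
}
static int mix_os_source(rand_pool *p, const os_rng *os) {
    unsigned char buf[sizeof p->pool];
    if (!os->acquire() || !os->gen_random(buf, sizeof buf)) return 0;
    for (size_t i = 0; i < sizeof buf; i++) p->pool[i] ^= buf[i];
    p->os_entropy_mixed = 1;
    return 1;
}

/* Fail-open: the error is dropped and the caller is told "success". */
int pool_init_fail_open(rand_pool *p, const os_rng *os) {
    memset(p, 0, sizeof *p);
    mix_weak_sources(p);
    (void)mix_os_source(p, os);
    return 1;
}

/* Fail-closed: refuse to hand out a pool the OS source never reached. */
int pool_init_fail_closed(rand_pool *p, const os_rng *os) {
    memset(p, 0, sizeof *p);
    mix_weak_sources(p);
    if (mix_os_source(p, os)) return 1;
    memset(p, 0, sizeof *p);
    return 0;
}

static int acquire_denied(void) { return 0; }   /* constructed: policy blocks the provider */
static int acquire_ok(void) { return 1; }       /* constructed: provider opens normally */
static int gen_fixed(unsigned char *o, size_t n) { memset(o, 0x5A, n); return 1; } /* not random */
const os_rng RNG_BLOCKED = { acquire_denied, gen_fixed };
const os_rng RNG_WORKING = { acquire_ok, gen_fixed };
int main(void) { rand_pool p; return pool_init_fail_closed(&p, &RNG_WORKING) ? 0 : 1; }
```

With `RNG_BLOCKED`, the fail-open initialiser still returns 1 while `os_entropy_mixed` stays 0, which is the state a caller cannot distinguish from a healthy pool unless it checks that flag.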

 

 

Billions of SIM Card Cryptographic Keys Compromised?

Recent revelations report how NSA and GCHQ have illegally obtained billions of encryption keys for cellular networks. In particular, keys have been stolen from Gemalto through implants and by intercepting emails. The market cap of Gemalto has suffered a serious drop.

Gemalto denies that cryptographic keys could have been stolen. If so, this was many years ago and does not compromise the security of today’s smart cards.

In fact Gemalto is a worldwide leader in security, one of the extremely few companies worldwide, in the strict top 1%, who are able to build state-of-the-art secure systems, able to defend businesses… even against NSA and GCHQ. This is of course not always easy and not always possible, but if there are companies able to achieve this, Gemalto is one of them. In contrast, most companies never take security seriously and rarely employ proper security specialists.

Large Scale Bitcoin Thefts Continue

Another theft in a series: nearly 2 million dollars are missing from the BTER exchange. A specific transaction created by the thief can be found here. The theft took place on 14 Feb 2015.

[added later] Another theft of some 250,000 USD has occurred at another Chinese exchange on 27 Jan 2015. Here some Internet posts claim that the thief has transferred money to this address. However questions remain: how is it possible that one given thief has managed to steal exactly 1000 BTC?


Possibly bitcoins could have been stolen using one of the advanced private key recovery attacks described in our recent paper. However, this is far from being certain. There are many much simpler methods to steal bitcoins. There will be a seminar about this at UCL on 26 February 2015 at 16h-17h, room MPEB1.03, see here; here are some slides about this and about bitcoin wallets, and here is a list of known repeated random events.

In the BTER case the victim company has offered a bounty of 720 BTC or some 170000 USD for anyone who would help in the retrieval of stolen bitcoins.

On Machines and Algorithms Breaking The Law

Bruce Schneier has discovered that machines could break the law and this will break our legal system which will be totally unable to stop the crime from happening.


Many years ago when teaching computer security at UCL, I made another prediction: A Turing machine could be made illegal in the future. The modern version of this question is: will Ethereum be made illegal in the future?

Monumental Investigative Work of 154 Journalists in 47 Countries

More than 100,000 individuals who have concealed their money have been reported to the competent authorities. This is responsible, selective disclosure. Not everything is disclosed. A small glimpse can be found here.


Can technology help? YES. Potentially blockchain technology and fancy cryptography could propose some solutions. Basically they may render regulation, transparency and accounting rules possible to enforce in practice.