How to Backdoor a Block Cipher

I have written an elementary tutorial and a first proof of concept
about how to backdoor a block cipher in a quite general setting.
Potentially it applies to any block cipher.
Success is not guaranteed though, see the paper.

ADDED 2 JAN 2019:
a new paper shows that invariants of higher degree are substantially more powerful. Instead of a progression, we have a qualitative leap in what can be now achieved: see new paper.

ADDED 4 April 2019: here are slides presented at WCC 2019.

ADDED 18 October 2019. Here are slides presented at NSA Crypto History Conference on 18 Oct 2019.

The Low Cost of 51% Attacks

A web page shows that many crypto currencies lack protection against 51% attacks. For example to double spend in Dash, one needs to pay only 14K$ per hour. To double spend in bitcoin private, 1000$ will suffice. And course benefits of double spending can easily outweigh the costs.

In addition some of the higher numbers are questionable. There is almost certainly an easier way to command 51% of bitcoin hash rate for one hour than paying 650K$. It is sufficient to hack some pool servers, or directly the software run by miners. Luckily for bitcoin, there exist vaste privately-owned mining farms where the software and the hardware are also proprietary.

ADDED: This is how Bitcoin Gold has lost all credibility.

ADDED LATER: And this is how ETC has lost credibility also.

Who Can Stand Up Against Abusive Internet Giants? And the Original Sin of the Internet

These companies (Facebook, Google, etc) known as Internet Giants violate our privacy everyday and they have corrupted our minds and our economy worldwide. They have built a totalitarian dystopian future which is here already, where humans and business alike are enslaved by a digital mafia which aims at controlling and taxing the whole global economy through mass surveillance and stalker economy. Our consent is fake and forced, we actually click on 50 Yes I Agree pop-ups or security alerts daily without ever reading them. We buy a device and instead of owning it, it owns us. We let it do what it likes, like recording our private conversations 24/7, our emails, our clicks, etc, and in order to sell these “data” to other companies, and to use it against our will, against our values and against our laws. In the modern economy, companies spend increasingly large amounts of money in an effort to acquire a customer; and once they have him, captive, they treat him like a piece of shit. When we contribute to the digital economy we contribute for free through open source software and our YouTube videos and tutorials. We are not customers, we are not individuals, we are now rather slaves (or sheep, or pigs maybe).

The Internet Giants has transformed the human race into obedient apathetic animals which are easily manipulated and which work for the benefit of some clever yet abusive corporations (or totalitarian regimes). And there is only one guy worldwide – Max Schrems – who dares to fight Facebook and Google in courts for violating the laws. And another one who is trying to educate us about cybersecurity. And also few more. And that’s it.

An interesting historical insight about WHY we have all this, is the sort of original sin question, also more recently  explained here: “When the internet was built, free and open, it meant that advertising was the only obvious way to make money and that turned into surveillance.”

Another question is, if Google and Facebook do all the mass surveillance at a global scale, what is now the job to do for the GCHQ,NSA etc? Many experts say that police forces are by far more helpful defending us against terrorists than modern cyberspace intelligence capabilities. Max Schrems is also defending us against some ‘particularly large terrorists’ :-). But again, if Google knows everything, now a country in order to get all the intelligence they will ever need, should just blackmail the Internet Giants for access to the data. The answer is probably that these agencies in modern time are NOT that much about intelligence gathering. They are about staying ahead of the game. They are here to develop even more sophisticated technology for, well, what? Either future cyber-crime to be committed. Or to improve defensive security engineering in order to defend us against future crimes. This ambiguity is here to stay.


My Position on UCL Strike

A large number of UCL academics have yesterday started a large scale strike lasting for many weeks. These people are sacrificing their salary [UCL will cut their pay down] and there is a strong support for the strike. The strike is organised on the premises that our employer, UCL, are? cutting down their pension contributions or ending guaranteed income schemes and replacing by those which are more like investments, without guaranteed returns. How interesting.

So why I am not on strike?

I definitely do not support UCL cutting down their contributions, and do I do not think that UCL management are our friends and have good intentions or that they do ever care about people who work here. Or I do not wish to see UCL giving money back to disappointed students.

However I am against this strike in particular, on ideological grounds.

I do NOT support the main idea in this strike. In fact I do not support our pension schemes at all. It is quite naive to believe that generous pensions are our friend. I believe that employers and governments should spend money on creating new positions for senior people (e.g. emeritus professor positions) rather than on pensions. Offering employees generous pension benefits is nice isn’t it? Or is it about trying to get rid of them? I believe that most current pension systems are perverse, stupid and need reform. They are about ejecting people from social and economic niches or positions which they occupy, under the pretext that they are old. We are offered some income or compensation, if we retire. Is it a gift, a bribe or a trap? Retirement is not necessarily a good thing: people who retire early seem to live shorter lives. I am against spending lots of money on pensions which redistribute money between generations. I think that  we need to give older people more than just money: dignity, freedom, power, and ability to remain active contributors to the economy and the society.