Faster Encryption Algorithm Found By 16 Year Old Girl

Jan Stette writes "This story has made the front page of the UK newspapers today. A 16 year old Irish girl has devised an encryption algorithm that is allegedly as secure as RSA but is much faster at performing the encryption. " Update: 01/15 02:24 by S : A picture of her talking to Gordon Moore.

Algorithim

Does anyone have a link to see this algorithim? Or has it not been released yet, since she hasen't patented it? (Or GPL'd it for that matter :-)

Where's the writeup?

If it as secure as the UK paper thinks, I assume she's been published. Is it 2 key or shared secret? You don't need to encrypt an entire message with RSA BTW, just a des key used for encryption/decryption and then send the mail message encrypted with the DES key.

Possibly OS too...

Towards the bottom of the article, however, they mention that she is "considering" making the code available... Let's hold thumbs.

Zak McGregor

techno-babble

Wow, how could she prove that her algorithm is just as secure as RSA? Has anyone looked at it?
"using matrices", wow...

Some Information

The award she won (The Irish Young Scientist Award) is for second level (High skool) students who have to present a project they created themselves on their own time.I suppose she got some help from her father considering he's a Maths Professor but this suggest she did it on her own time.

It will be interesting to see her algorithm and code if/when she releases them. The competition only finished in the recent weeks so it will be a while before we see it :/

wonder what are we doing when we are 16 ?

read the title...

I hope she does.

Why bother to patent it? It hasn't been inspected by cryptologists, nor has is the code available. It very unlikely to be secure or worthwhile.

sounds fishy

i dont know about anyone else, but the entire article seemed fake. if one can imagine a better scenario, i would be impressed: gifted 16 year old girl introduces a hot new algorithm in a field dominated by older males, father is a mathematics professor. and then the bit about her being sick, it just doesn't add up.

I can't believe it

> Or are all the other as great algorithms
> patented and hidden from our mortal eyes?

If it is patented, it is not hidden.

Ken

Caption of the picture

In the UK, "brilliant" means "amazing" or "incredible," not your Americanized "intelligent."

once again the bbc nails us all

There was an article in the bbc last year about a kid with some kind of fantastic encryption protocol as well. This is absolute bullsh*t. Typical, "Oi we got the nerds" kind of British Press attitude. Has to be tabloid crap. They didn't even mention the name of the "Intel Award", I'm sure if someone from Intel the computer company called them on it, they would say they were just using Intel as short for Intelligence, as in spy stuff.

_I_ can encrypt a letter faster...& 100% securely!

Take a letter, say 'Q'. I can encrypt it to 'D'.

This type of encryption is 100% secure and takes
a lot less than 1 minute to do. The problem
starts when I want to encrypt multiple letters,
and then wish to have then decryptable.

p.s.-I can make code based on matrices that would
be impossible for a prize judge to understand. And
I'm not even a programmer!

You figure it out.

Someone will be quite lucky...

To marry this young woman someday. Here in the states it's almost impossible to find a female soulmate who can show interest in anything other than how hot a guy is or the latest episode of Jerry Springer.

hmm?

You again! Once again, not necessarily!

In best Banky Chasing Amy voice:

duh...

Learn something about crypto

Well, if you had a clue you'd know that PGP only uses RSA to encrypt a session key, not the entire plain-text. This is because RSA an order of magnitude slower than block ciphers.

Hope you is was were read reading

Hope you is was were read reading?

You've made a bad batch, Homebrewer, sleep it off.

Excuse me for being skeptical...

> If some BOY can do something this ludicrous,
> certainly some GIRL can as well, you
> chauvanistic asshole. Stupidity
> isn't confined to a particular sex.

Why, you assumed that I was a man! How sexist of
you! :)

As it happens, you are right.

It just so happens that I have a simple test
that nobody has thought of to prove that Pat
Robertson does not really have a direct line to
God.

When can I expect the NY Times Journalist?

_I_ can encrypt a letter faster...& 100% securely!

But how do you know when you've solved it? There's no real information in the plain text that indicates you've solved it.

Not enough info.

You might be able to prove that certian forms of cryptanalysis would be very inefficent.

Learn something about english.

Irrelevent.

Trust? Give me a break.

I'm supposed to trust the analysis of a 16-year old girl and her father on an issue that you can't get 2 of the brightest mathmetecians to agree on? I've watched people rip algorthms apart in a few minutes that other people (who are brilliant) have spent YEARS researching, simply because they missed something.

Let her present it at EUROCRPYT '99 and see how far it flies :-) I'm betting Coppersmith or others will be happy to break it while they're sitting drinking their coffee :-)

Cryptography is nerly a black art, and as I was once told by someone: "Never trust anyone to design algorithms who hasn't spent years breaking them."

HA

"But she has also proven that her code is
as secure as RSA,"

OH PLEASE! To make any kind of proofs about RSA's security would require serious mathmatical breakthroughs. If she really did this, I say we nominate her for a nobel. but... Where is the paper?

It's probably just you

My wife has a PH.D. in math. One girl I went out with before her is now an executive of a well known software company (not Microsoft). Back in university I went out with 2 electrical engineers...

sounds fishy

She might well be sick. I don't know whether it hit
Ireland, too, but large parts of the British Isles are
being very badly affected by influenza at the moment.
Have a look at the rest of the BBC news website for
details on that. It may not be world-shattering news
but I assure you that it's pretty big news over here...

um...no.

No, not impossible. I don't watch JS. My boyfriend is not some body-builder/model, and I wouldn't want him to feel like he had to be. I love him for the foreign-film watchin', Linux-operatin' geek-guy he is. Be a little more optimistic, you'll meet her when you least expect it.

Someone will be quite lucky...

Check out this site. This young woman is a web developer for Playboy Mag, and she just got married!

Goes to show that if you seek, you shall find!

Lay off the conspiracy theoriees already!

God! The girl did some neat mathematical work. She submitted it to a contest. A mathematician thinks that it's interesting. Just because the journalist in question may be a complete numerophobe means that she is a fraud?

I can believe that she could be wrong. But there's a difference between being wrong and being a fraud. Even Einstein didn't believe in quantum theory. Heck, I don't even know enough about encryption to _be_ wrong about a new algorithm. Right or wrong, this is an incredible achievement and I at least salute her.

Daniel

Caption of the picture

Hi
What happened (according to the Irish papers) was that the judges got a maths professor to check it over, as it is a general science competition for schools, an entry like this would require specialist knowledge - which they got - to judge it.

Bill

Heheh, start the flamewar.

The orginial critique of the "oppressed" non-whites and/or non-males was that it wasn't fair for them to be treated differently just because of racial or gender status. Supposedly, equality of everyone was better. Eventually enough white males agreed with this point of view.

NOW, however, many (not all) of those non-whites and non-males aren't satisfied with equality. They want "slight" advantages and "slight" preferences. Look... either you want equality, or you want one group -- however defined -- to have more power/money/status than other groups. If one group is to have more, why shouldn't it be white males?

The attitude of many (not all) white males today is: you want equality, fine we can do equality. You want one group to have more power or whatever, fine -- but that group is going to be us. Decide, and quit lying about equality when you want power.

Excuse me for being skeptical...

> You can do this by proving that the Christian
> god does not exist:

I am not very religious myself,
but these kind of "proofs" does not hold, since they are based on the assumption that God (creator of everything, including logic) are a subject to logic himself.

I have never seen such Pure Jealousy

What a bunch of whiners you all are being....

Just about every post I've read here was filled with jealousy masked in statements like "even REAL geniuses cant agrre" or "how can she say its the same as RSA" or outright accusations that this is a scam, duplicitous at its very nature and only being told cause she's a women or becuase she's 16.

Ya there telling the story not because of her gender ( give your head a shake ) but because of her age.. There is nothing wrong with being skepitcal but the reaction her is how the hell can some 16 freaking IRISH kid develop a cryto alogrithm possible better than RSA and I cant....

Its quite simple really, some people are capable of making logical leaps where others weren't, Einstein never showed any promise along the way then bam presents ideas that fundametally shift everything, an even better example of genius coming from the least likely source....Rajuluman... Indian born man with no formal education reads a simple highschool math book while living in India, from that he develops and extrapolates theories that many of the greatest minds in mathematics have said that his theories will leave mathematicians work to do fo the next 500 years, not dissimilar to Fermat or his little theory.

While it is fine to be skeptical, since none of you have seen the code, the behaviour and comments presented are petty, shameful at best for a community supposed to be based on computing excellence etc...

Oh by the way..just for your info... age has everything to do with it in math and older isn't better its worse....Mathematics ( upon which this algoithm is founded by the sound of it ) has the lowest entry age of any science into the Royal Academy of Sciences.....

Furthermore, if this was your kid and the media ( especially british ) was decending upon your door like vultures...wouldn't you talk to them for her.... hmm I just think I might too....

I for one will be interested to see what comes out of it and while remaining skeptical until it is more thoroughly tested, wish her the best of luck...

Judges are Stupid...

When I was 16 (1992) I entered my local (Hamilton, OH) science fair with a project titled "Pseudo Random Number Genereating Algorithms". I wrote two programs, one in Turbo Pascal and one in Quick Basic, that genereated 10,000,000 random numbers between 1 and 10. I counted how many of each were generated, exported the data to Excel, and made nifty bar graphs. The product that made the most "level" graph won... and anyone can see that this project was a simple product comparison and completely bunk. However, when judges have NO IDEA what you are talking about you can generally do pretty well in the Science Fair... I got first place...

"Fortes are my Forte" - Moe Yerca

Before dismissing, see the "full story" post above

Guys - this girl might just be for real. Try reading the posts before you dismiss the poor girl. If anyone's at fault here, its probably the bbc for not getting more facts.

She won another prize last year for cryptography and presented it to Intel. Last summer she worked for Baltimore, and that's where her initial research came from.

regardless...

i think it is rediculous when, for example, our school is automatically giving out half tuition scholarships to any entering freshman female, but my 3/4 tuition scholarship (now reduced to half) was only one of about thirty for all incoming freshmen (freshpeople?)

drew at illinois institute of technology,
who hasn't logged in in so long i've forgotten my password

The full story...?

Maybe I'm dense, but your explanation doesn't make sense to me.

The core idea in RSA cryptology is that

x == x ^ PHI(n) (modulo n)

where

PHI(n = pq) = (p-1)(q-1)

The RSA encryption keys e and d are chosen such that e * d is an integral multiple of PHI(n).

The strength of RSA encryption is in this identity, not the fact that the modulus is product of two primes. (More precisely, the strength of RSA encryption derives from the difficulty of computing PHI(n) without n's prime factorization.) An RSA modulus can have an arbitrary number of prime factors; two keys are used solely to provide the largest possible smallest prime factor to thward factorization attempts.

I'm sure that there's some equivalent identity with matrix multiplication over a finite field... but if you're eliminating exponentiation then you're not using an RSA-like algorithm and hence can't depend on it for RSA-like strength. The only exception would be if matrix inversion over a finite field is somehow equivalent to the earlier identity, beyond the trivial

inverse(x) = x ^ (PHI(n)-1) (modulo n)

If that's the case, wouldn't you have simply stated so? If that's not the case, then the strength of your algorithm derives from the difficulty of inverting a matrix, not of computing PHI(n), so even if the best known algorithm today has the same big-O running time, there's no reason to believe the same will be true tomorrow. (Or even today, considering the number of spooky mathematicians.)

Or have I totally missed something?

bgiles@coyotesong.com

You call that a proof??

I AM NOT religious. I dislike religion because I see it as a tool for public mass control.

That is the worst ad hoc so called proof I have seen in a long time. You ever see this one?

All cars are orange
An orange fruit is orange
All cars must then be orange fruits.

It doesn't follow! You started with a false premise. That means you can prove anything. Another thing is that you are trying to see through "Gods" eyes. You can't do this. If I am a bird, I think of birdly things, If I am a human, I think of humanly things, and if I am god, I think of godly things.

I am suprised that the church did not attack this "proof" (sacrasm implied, see an earlier post) by attacking the line:
> If he can, but does not want to, he is wicked.
Let's say that he can destroy evil, but that destroying evil means destroying good since they are part of the same whole (i.e. a simplistc attempt to look through gods eyes which is doomed to failure because I am a mortal, but it gets the point across). He loves good, so he *choses* not to destroy evil; hence, not destroying good. Then he provides good with protection from evil, even if we as mear "mortals" can not tell that we recieve protection. Does this make god wicked? To some maybe, To others no.

There is no proof that god exists or does not exist. This is why it is called faith!

Juan
P.S. the false premise was thinking that you can "see through gods eyes".

Heheh, start the flamewar.

This is a childish attitude. Spend the night in the Bronx and try to figure our why you're so hated. It's not just because of pure racism.
Keep in mind that racial equality has only existed for 30 years or so. Get a feel for what racism feels like. Go into an all black town and
just hang out. Try to understand the situation before you comment on it.

So it's "OK" for an all black neighborhood to harass a white man, yet it's "wrong" for an all white neighborhood to harass a black man?

Ok, I can see the logic in that.

If I were as stupid as some.

--Dan

Heheh, start the flamewar.

You won't and cannot understand it like I do and I didn't even have to deal with it directly. Think what you want, but I know you are wrong and I won't hesitate to point it out.
... because I, as an anonymous coward, can make up any example I want to get my point across. Sure, we believe you.

--Dan

Why don't you learn some English?

I wonder how anyone being a non-native speaker
is going to be ripped off...

Greetings from Germany.
Jurij

I have never seen such Pure Jealousy

It has nothing to do with Pure Jealousy(tm). It has everything to do with...

skepticism!!!

Like most of those who read /., or so I imagine, I was trained as a scientist and mathematician (well, not too much of the later... ;P ). And therefore, when someone (the following paraphrases the late, great Carl Sagan) shows me invisible dragons, I am inclined to disbelieve them. In fact, I am happy that a 16 year old can program well enough, and has enough mathematical training, to devise an encryption algorithm based upon rings (or fields) of matricies, according to an earlier post on this subject. But the security of such a process is naturally suspect. As many have pointed out, fast decryption is also not a desirable trait, as it aids brute force attacks on a system! Additionally, if you believe that it is the desire to build such a system that should be encouraged, then what does it matter if the system is "secure"? At the very least, she has learned a good deal from the attempt. It is therefore the desire to attempt these things that would should instill in the young, not so that they may succeed, but so that they can learn from the attempts.
MZ

Huh??

Right. If only the product is known however, it is difficult to find the prime factors.

Humm... /someone's/ got it right, I guess

After seeing how much time my boyfriend spent on linux, I decided to try running it myself to see what the hoop-la was all about. He's probably the best thing that happend to me and my computer. Now when one of us has a problem, we can collaborate. Computers are no longer standing BETWEEN us. We love each other because we're both nerds. (well, at least I'm trying, anyway)

16, eh?

hmm..so a 16 year old girl outdoes a multimillion dollar company...

now...let's get down to the real questions...

WHAT'S HER E-MAIL ADDRESS? *grins*

ttfn,
zardoz

BS.

I say: this is crap and we just loseing time discussing it w/o code/algo.

Open Source Patent?

Patents are by definition Open Source (at least in the US they are). By US law in order to be granted a patent, the patent is supposed to be "enabling". In other words, the patent has to explain enough to enable a person resonably "skilled in the art" to reproduce the patented item. What a patent does is stop anyone else from making money on the patent holders invention.

I think it also keeps it from being distributed (ie for free), but I am not positive on that regard. But either way anyone can read the patent and roll-thier-own, they just can't give it to anyone else without permission.

Hmm... on second thought I guess to that extent something like the GPL could be applied at that point, to give permission for non-commercial use.

Heheh, start the flamewar.

The point is that you are not going to get to a "fair" society by promoting unfairness. Switching which particular group is discriminated against will only continue the hatred.

If you want as equal a society as humans can create, I'll work with you. If you want revenge for past wrongs, I'll fight against you -- and don't waste your time with your rationalizations, because I don't care. I don't mind being "equal", but I sure will protest against being at the bottom. Just like all the "minority" groups protest against being there. You didn't take it, don't expect us to.

Reporters are Idiots!

This is another example of reporters being in completely over their head's when discussing anything more complicated than the drivel written on their Tele-Prompter.

It looks like this girl has come up with a Potential new encryption menthod. This happens all the time, although usually by people alot older than her. The next step in the process in peer review. She needs to write it up and submit it for examination by people like those at Counterpane who know how to tear apart a new algorithm.

Brian
nexus@tatoosh.com

Snake Oil. Be skeptical. Be very skeptical.

It has not been proved that breaking RSA requires factoring or is equivalent to factoring. Factoring provides a way to break RSA, but it is not known if that is the only way.

--Tim Smith

Jealous for what

Remember so called "cold fusion" ?!

I suppose no one disagrees that she probably is
very smart and talented.

But! at this moment we do not have substantial
evidence to back up these serious claims on the
alledged discovery. Let the time tell.

If she was a 50 year old man you wouldn't call us
jealous.

I have never seen such Pure Jealousy

Give me a break. It would be pure idiocy to accept an alogrithm that hasn't been tested or passed around academia as superior or even equivalent to RSA. What you are calling jealousy is really skepticism. Only a fool would accept this new method without inspection.

Wonder if I can patent x=f(y,z)

x=f(y,z) would be considered pre-existing and therefor not patentable.

I work in the defense industry, specifically in radar and infrared imaging, where we register (and have been doing so for years) algorithms, even processes, left and right. In this business, it's very cut-throat and there's no one sure market-holder, and each company needs every little edge they can get. If we spend millions on R&D on a new Scene-Based Non-Uniformity Correction algorithm, I think it's only fair we get exclusive rights to use it.

mkramer@netonecom.net

Proof

You can prove that cracking RSA is as difficult as factoring the product of two large primes.

That's a common misconception. What has been shown is that efficient factoring can crack RSA. It has NOT been shown that this is the only way to crack RSA, nor has it been shown that such a crack would yeild an efficient factoring method.

Thus, all you can actually say is that breaking RSA is no harder than factoring.

The full story...?

I'm pretty sure my supervisor would be interested by this one so :

Would you please advise me once you/she/"someone from your organisation" publishes the formal algorithm. A few grad students (including myself) here would probably like to take a look at it, if only by curiosity.

Mathias Jourdain
jourdain@cs.mcgill.ca
Crypto Quantum Information Lab
McGill University

"Newspaper" Rubish

This came up in a UK Newspaper? That's like seeing it as a headline on the National Enquirer. UK Newpapers are all rubish.

jealous old male programmers

haha this is wonderful! you guys are jealous that a 16 year-old girl can out program YOU.. YOU of all people.. Hahah what a laugh it was reading your posts.

hahah btw: im a guy and i have always believed that women are higher up the evolution ladder than men and this is just more proof.

:)

Reporters are Idiots!

envy! haha

30 minutes for RSA?????

If you're just going to say ``Hi, I just finished eating and thought I'd write to you! Bye'', I'm not entirely sure why you would want to encrypt it anyway, but hey.

AndyBxx

And they say she's not a prodigy

Maybe because a prodigy doesn't get any better. And maybe because she doesn't want to be separated as "special".

Reporters are Idiots!

I disagree. Part of being a reporter is knowing the limitations of your knowledge and working to fill in those gaps before you shoot off your mouth. If a reporter fails to do this then that makes them an idiot in my mind.

Their job is communication and by failing to clearly and fully communicate the issues involved with the subject they are reporting on they have in essence misinformed more people than they have informed. Most of their readers know just as little as they do, and do not have the resources (including time) to research the subject themselves. The reader is relying on the reporter to do this for them, and trusts their article.

Having failed to succeed on this fundamental level makes the reporter an idiot.

Brian
nexus@tatoosh.com

They just KILLED that girl!!!

Or they will real soon. She'll never live long enough to release the source code for that kind of encryption. You better believe she's taken up residence somewhere between the 4th and 5th rows in dodger stadium by now. :)

Easy, I invented a matrix based encryption system

I actually did invent a matrix-based encryption system. (I think I was somewhere around 14-16 at the time) The idea was that the secret key was a (non-singular) matrix, and you multiplied data to be sent modulo 2^k+1.. It was 'unbreakable'.

Ah, the fondness and naivity of youth. Not long later, I realized that it was actually trivialy breakable, you could use standard linear algebra techniques to easily compute the encryption matrix.

Who knows, maybe she had this same idea, or an obsuficated version of this idea.

Scott Crosby crosby@qwes.math.cmu.edu

You call that a proof??

a) Lack of any evidence is not a proof that god does not exist, all it means is that no-one has found the proof yet. In reality a bit like the encryption algorithms. Just because ee haven't found out a way to break it
doesn't mean that one doesn't exist.
b) Good cannot exist without evil. Remove the evil from the world, and leave the good, then the good will subdivide again into good and evil. Like a magnet. A north pole cannot exist wthout a south and if you chop off the south pole, the resultant north will divide again.
If god were to remove all the evil, then mankind would become god.

Good for her!!

I am so glad to see an article that is as positive as this. When I was her age I wanted to be a discoverer myself. Instead of being jealous I am going to support her. THis shows that anyone who wants to can be a genius. Too bad she is so young. She sounds like the perfect ultra inteligent girl I would like to date. I just hope I will be lucky as well. :-)

Wait a bloody second!

What makes RSA secure is the exponentiation! If you remove that, you end up with something that is not-RSA. RSA's usefulness relies on the fact that the exponentiation is 'difficult' to undo without knowing the factors of the modulus.

Correspondingly, it is easy to use linear algebra techniques to compute the matrix if you have known plaintext or known cyphertext.

Sounds very similar to the idea I had (using matrix multiplications) when I was 14, which I later realized was easily crackable.

Scott Crosby crosby@qwes.math.cmu.edu

*SPITS OUT HIS COFFEE*

Oh my god. Can you say "Kiss ass"? This dude's the biggest Uncle Tom since Clarence Thomas! "Women are higher up the evolution ladder than men and this is just more proof." Oh god I thought I'd go all day without a good laugh and what do you know, the best always comes to those who wait. Women ain't lower but they ain't higher than man, either. Ada invented programming but who built the first supercomputer?

lamers trying to get laid

see what i mean.... haha okay guy

The full story...?

Cute.

I assume that the redundant information in the matrix allows you to distinguish roots. For two coprime factors, you should have 4 possible roots and four simultaneous equations.

Very cute.

I can think of a several open questions, but I'll agree that this approach appears to be as strong as RSA.

Correction on earlier post

After I got some caffeine into me I had the horrible realization that I wrote

x == x ^ PHI(n) (modulo n)

instead of

1 == x ^ PHI(n) (modulo n)

and miscellaneous errors in the rest of the equations followed since I always rederive those equations as required. Apologies to anyone confused by that error!

bgiles@coyotesong.com

Heheh, start the bullshit...

Alright, do you want to be judged on your merits as a productive, intelligent human being, or do you want to have a "preference" given to you since you were part of a previously disadvantaged group?

I personally don't feel like I should apologize for years of opression because I WASN'T ALIVE BACK THEN. Simply because I am a white male doesn't mean that I have to apologize.

Giving a preference to someone because of anything else than their merit is immoral.

Note that this post is not a direct attack at any person or comment in this thread, it's just my personal view on equality of opportunity.

---
Yet another Anonymous Cow-ard.

I have never seen such Pure Ignorance

Anyone can design a crypto algorithm, if one shows it to the ignorant masses they will be proclaimed as genius. I know, last year as a research project in high school I worked with someone who wrote a program that implememnted a pseduo one time pad. It worked like this, expand the password (ie 8 char) to the length of the message(ie letter) and then 'pad' it. I on the other hand researched different methods of factoring numbers.

My friends project won an award in the science fair in Baltimore as well as made local papers. But yet his algorithm could be cracked using brute force in less then one minute because lots of text would expand to the same thing.

Moral: The masses can be fooled easily with cryptography (and buzzwords)

jealous old male programmers

dude... that's not the way evolution works.

i can't see how you can measure "how evolved" one sex is to another.

doesn't evolution only really apply to a race or breed? the differences between men and women are just differences between men and women duh

...and if men are less "evolved" than women, being a man you're probably not evolved enough to discover that.

evolution works on the idea that only the strong shall survive i.e. darwinism. We're not chasing antelopes down hills anymore... we're not getting eaten or beaten as much as we were thousands of years ago... so I don't believe evolution really enters into it at all

I'm not saying your "theory" is wrong, I'm just saying that you're stupid.

AndyM

p.s. I'm glad to hear this young lady has done something really cool. I can't comment on the validity, but whatever she _has_ done, she's quite a remarkable person.

Depends what f() is

Plenty of binary (two-argument) functions are patentable; encryption functions that take a key and plaintext as arguments and return ciphertext would be as patentable as any other algorithm.

What bout the ICE encryption algo?

Yeah, the ICE encrpytion algo is quite tight
and fast too and 64bit private key

http://www.darkside.com.au/ice/

ICE stands for Information Concealment Engine. It is a 64-bit private key block cipher, in the tradition of DES. However, unlike DES, it was
designed to be secure against differential and linear cryptanalysis, and has no key complementation weaknesses or weak keys. In addition,
its key size can be any multiple of 64 bits, whereas the DES key is limited to 56 bits.

The ICE algorithm is public domain, and source code can be downloaded from this page. There are no patents or copyrights, so its use is
unrestricted. Naturally, if you do decide to use it, the author would love to hear about it.

wonder what were we doing when we are 16 ?

Throwing rocks at the neighbor's yard.

Heheh, start the flamewar.

... and unless he was a land owner, a white male could not vote either until about 300 years ago.

Anyway, I don't expect payback and I won't tolerate it. No amount of PC bend-over-and-take-it babble you spew can change that. Fuck you.

No Subject Given

"It is a public-key algorithm and is based on matrices...
Her code is called Cayley-Purser after Arthur Cayley, a
19th century Cambridge expert on matrices..." Well. I know
enough math for this to set off my bullshit detector. These
statements are like saying you invented a new algorithm
based on addition, and you named it after Pythagoras because
he was an expert on addition.

teleprompter drivers....

are you saying that reporters actually can explain the drivers written for their teleprompters?

You call that a proof??

And incidentally:

How the @#$ is this a counterexample?

Here is a simple counterexample (somewhat hypothetical). I don't like people who yell really loud in Sproul plaza. I can kill people who yell really loud in Sproul plaza (in principle). And yet there are people who yell really loud in Sproul plaza. Those three facts are completely compatible.

You are not omnipotent. The reason you don't kill people is that you would end up in the gas chamber. You only think there might be a possible reason maybe why god might not get rid of evil. Your faith that there is a reason isn't a reason.

Would you say this is a proof?

Christian Premise 1: god hates evil
Christian Premise 2: god is omnipotent
Christian Premise 3: god is good

* If god cannot abolish evil he's not omnipotent
* There is some reason god doesn't do away with evil but the margin didn't have enough room for the full explanation.
* There is some good in allowing evil to exist, because otherwise the bible is a poorly written mythology.

Therefore, God is good, hates evil, and is good.

not in CANADA -- get serious

Ever heard of the federal Patent Act (http://canada.justice.gc.ca/cgi-bin/folioisa.dll/ estats.nfo/query=*/doc/{t68470}? ). Canada has copyright, trade-marks (yes, that's how they are spelled here) and patent protection. Go swill some more High Test!

Wait a bloody second!

Yeah, I am as guilty of saying things on insufficient information as everyone else, but without good information, I can't do anything else, and seem to be making a fool of myself.

It is true that a lot of problems do not have a known effecient solution, or didn't at one time. (Remember the knapsack encryption algorithm? It was the first assymetric algorithm, but shown to be highly weak.)

Anyways, these things should never be announced in the popular press first. They should be released in full in a scientific (and verifiable) format initially. Otherwise they get prejudiced and treated abnormally.

Scott Crosby crosby@qwes.math.cmu.edu

Heheh, start the flamewar.

Have I lost a scholarship... how the hell do I know? I do know that the college I went to gave a full scholarship to a female from my high school graduating class, while it only gave me a one-half year scholarship that didn't even cover the cost of books. She was way behind me in the class standings, and even did less than my slacker ass as far as extracurricular activities went. But did she get that scholarship because she was female, or was it because her family's finacial situation was far worse... I honestly do not know.

I do know, though, that I worked under a female supervisor for 3 years who was so anti-men that even the women who worked under her were aghast at her. The women under her got more money and promotions; the men got poor reviews and no promotions. She never came right out and said that she had it out for the men, but she said quite often that she felt SHE had been discriminated against by men in her career. She was so obviously out for revenge that it got to be funny.

So, have I lost a scholarship? I don't know -- maybe she deserved it. Have I lost a job -- how do I know why I wasn't hired? Have I lost promotions -- yes, I have. I can't say I've specifically lost opportunities except for that single case, because it's difficult to say why you DON'T get something. I HAVE been affected by it.

(Oh, about my crazy boss... she was finally let go by the company because all the people under her kept quitting the company.)

Snake Oil. Be skeptical. Be very skeptical.

Quote:
News reporters are famous for getting the facts
wrong, misquoting, and bullshitting. Remember
"Never attribute to malice that which can adequetly be explained by stupidity"

News reporters are also famous for having to gear our articles to an audience majority that has, if we are lucky, the vocabulary and grammer knowledge of the average 8th grader. Not saying that many of us don't get facts wrong or misquote, but in my experience those situaitons arise from trying to spit out text that is understandable to most readers.

Have you ever tried to clearly relate the results of an interview with a distracted subject talking about things you never heard of until you were assigned the story that morning so that people with the vocab of 12 year olds can understand it? Under deadline? Didn't think so.

I'm not trying to make reporters into saints -- there are bad apples in any bunch. I'm just asking that you not be so quick to judge my trade. Thanks.

KimBoolina, at home, without her password

"Cold"?

Would anybody be surprised if the "cold" that's keeping her from deciding the disposition of the algorithm turns out to be fatal?

Not that the NSA/CIA/MI5/KGB/Mossad/MJ-12 would do such a thing, of course...

Sarah's photos @ Intel

http://www.intel.com/pressroom/archive/BACKGRND/CO 51198A.HTM

You call that a proof??

Oh geesh. Pick up a book on logic. I'm not going to argue about the validity of a 2000 year old logic riddle that's never been solved anymore with somebody that doesn't understand basic rules.

Since you are obviously correct (or at least convinced of this): I suggest that you run, not walk, to the nearest university and get published right away, oh hoary genius makes Nietzsche look like a numbskull! Run! HURRY! GO GO GO! :P

Think before you speak out of your ass

This method is amazingly vulnerable to frequency analysis (assume the most often occuring letter is 'e', move on from there, if it doesn't work use other educated guesses) for anthing but the shortest of messages.

Sarah... will you marry me?

I'd like to be the first to offer a proposition of marriage to Sarah.

yeah, college doesn't help

That's what I used to think to... the operative word being USED to. Three semesters of college as a CS major have just made me more confident that i'll never find a girl that's as pretty and intelligent as that.

I guess she won't need to go to college

And go directly to the grad school!

Snake Oil. Be skeptical. Be very skeptical.

From what I could understand of the article, she
basically invented a new way to do the RSA
calculations that are much faster than the
exponentiation mechanisms. This new way is to
use matrix math. I've seen similar done for
convolving polynomials or some such, which cuts
down many redundant operations. Hence, it makes
sense to say it cuts down 97% of the math and is
exactly as secure as RSA, since it *is* RSA with
a different calculation to arrive at the same answer.

/The Bell Curve/

Ever read The Bell Curve?

In general, the opressed (optimistically, the formerly opressed) minorities have many problems, from lower incomes to lower levels of education.

All of which result from their generations of opression.

The right way to deal with this problem is to give the formerly-opressed an advantage for a couple (or couple dozen) generations, so that they can return to a balanced state.

Say you need to make sure two plants get watered, and one's inside and one's outside, and it's raining. You give water to the one inside, you ignore the one outside; it's preferential treatment in the name of equality. And it's not a bad thing.

I am, btw, a white male. But I'm not an angry white male. So there

--
An ye harm none, do as ye will.

Wrong wrong wrong!

It's supposedly the "word of god" so it cannot be inspected and it is heresy to do so, the real reason it's heresy to do so is than anybody with a 6th grade reading level can pick the damn thing apart page by page and that would kill this lucrative money maker called religion

Not so. It would kill only the religion founded on said Bible, that being Christianity. Islam, Wicca and the Church of Bob would all live on in a gloriously Christ-free world.

If good and evil start to attract iron, then I'll accept it as a resonable analogy - but just drop the stupid analogies please?

As you pointed out in your post, they do a damn fine job of attracting coin.

I do understand these terms -- every human being does.

I would beg to differ with this statement as well; good and evil are just societal constructs which make it more convenient to threaten people. When your cat pees on your couch, you punish it; eventually it learns that it will be punished for peeing in the wrong spot and stops doing so. Unfortunately, there's no way to tell your cat that, say, scratching your upholstered chair is in the same category as peeing on your couch -- you have to re-instruct it for each behaviour it needs to avoid. By telling a human something is evil, you're just lumping it into the bigger 'I'll be punished if I do this' category, saving you and the one you threaten from redundancy.

--
An ye harm none, do as ye will.

Excuse me for being skeptical...

"Either God wants to abolish evil, and cannot;
Or he can, but does not want to;
Or he cannot and does not want to.
If he wants to, but cannot, he is impotent.
If he can, but does not want to, he is wicked.
But, if God both can and wants to abolish evil,
Then how come evil in the world?"

What if god can abolish and wants to abolish evil, but the timing is not quite right yet?

A short example:
I want to buy a TV. I find one that I like and can afford. So, I both can and want to buy a TV. According to your logic (or should I say Epicurus' logic) I should run right out and buy that TV (or, in the case of God, run right out and abolish evil).

But, if I look in the papers and I see there is going to be a sale on TV sets next week, guess what I am going to do? I am going to wait a week and get a better TV with the same money.

Maybe this is what God has in mind, maybe he is going to wait a week and get a bigger and better TV :).

I don't pretend to know God's Divine Will, have a direct line (or even an indirect line :) to God or anything like that. (Although if anyone happens to have God's email handy I sure would like to ask him a few questions...). This is just what I think the answer to your question might be, there is evil in the world because the time is not yet right for God to abolish it, and we wouldn't want to rush the creator of the universe, now would we?

You call that a proof??

> BS. Explain why. The good will "subdivide"?

Take away the evil that there is. Then there'll just be good, but then there'll be varying amounts of good. That "lesser" good will then get classified as evil.

So called proof of no Christian GOD

>But, if God both can and wants to abolish evil,
>Then how come evil is in the world?"

Assuming I had a wife of course, and assuming I could truthfully say the next statements,I could say:

I want to have sex with my wife, and can have sex with my wife.

But why am I not having sex with my wife?

1.I do not want to RIGHT NOW, but I want to do it later.
2.I cannot do it RIGHT NOW, but of course I can later.
3.I do not want to Right now and I cannot do it right now, but a do want to and can do it later.

All statements are perfectly valid assuming I told you the truth about having sex with my hypothetical wife.

Also, I don't think the argument that:

>If he can, but does not want to, he is wicked.

Is of any importance. Because, frankly, the god of the bible IS wicked. He does cause harm, and wars and murder and all that. He also does good things (for a certain people anyway).

So therefore, If you take that stance, you do believe in a god, but a god that lets wicked things occur. Just because you don't want to believe god is wicked doesn't mean he does not exist!

However, you can use evidence like the fact that "God Hates Evil" and that "God is perfect?" (God hates evil, but hate is in many people's mind a kind of evil, so how can he be perfect?) to lead you to believe that the religion is flawed, and that you probably don't want any part of it, never mind proving whether or not their god exists.

There is to be no patent

According to a report on BBC World this morning, she has decided not to patent it so that it is available to everyone. I haven't found a mention of this online anywhere though.

magnificent achievement deserves to be recognised

The facts are:
- the young scientist's competition is for secondary school (highschool) students
- it is intended to foster interest in science
- it is not intended to be "real" science (but if it is, then so much the better)
- this was a magnificent achievement by a 16 year girl

I'll admit to a certain amount of cynicism about the standard of reporting etc
But what I'm really amazed by is the number of idiotic, childish comments
on this forum by people who really should know better.

The real story is that Sarah is a very bright young woman,
obviously with great initiative, who will hopefully have an excellent future.
We could do with a lot more like her.

Hands up who thinks the technological landscape
will look the same in 5 years as it does now?
What counts is the ability to change it.

You'll find information about the young scientist's competition,
and about Sarah's project, by searching for
"young scientist" in the Irish Times archive:

http://www.irish-times.com/cgi-bin/search/search .html

RSA slow - beware of snakeoil !

It is claimed in the article that this algorith is much faster than RSA, wich would use half an hour to encrypt a long email in a secure way (i.e. large key)

This is probably true, RSA _is_ very slow, as are most public key algorithms. Yet, the point is completely moot for you do not use a public key algorithm to encrypt a large message. What you do is using the pk algorithm to encrypt a random "session-key" and then you encrypt the message using symmetric cryptography with this key.

This is what PGP and all other serious public-key cryptosystems do, and if you read Schneiers Applied Cryptography you'll see there's other good reasons for doing it this way _beside_ the speed issue.

The author of the article doesn't know this. if the girl doesn't know it, then it speaks volumes about her understanding of cryptography.

It's still possible to design a secure algorithm without knowledge of cryptography, by pure luck, but I'd say the chanses are _very_ slim

She will not patent it!

According to todays Irish independant (14 Jan) She will not patent it. The article on the front page says that she will put it on "the internet" - whatever that means (I assume it means publish it on the web).

The Article is full of how she could be a millionare , ie. it is a sensationalist article.

Bill

Heheh, start the flamewar.

...imagine it institutionalized across all of America and it being completely accepted as well as legal.

That's precisely what affirmitive action IS. When instituationalized discrimination affected you, you didn't like it and complained. Now it's affecting us -- well, we don't like it and we're complaining. If you have the right to complain, surely we do too.

And save the "it's not fair, but too bad" argument, because the same thing could be said for the situation in the 50s. Instead of deciding that things aren't going to be fair, and switching which group is on top every couple of decades, let try to MAKE IT FAIR and judge people as individuals instead of which group they happen to belong to. No, that won't happen overnight -- but it will NEVER happen using the affirmitive action approach, which just spreads the hate and misery around.

Non-native speakers and English

Right, but I am not the Anonymous Coward two
postings ago.

And I am not hiding my name: Jurij :-)

Algorithim

From what I can tell from the news snippets, this is NOT a new algorithm, but is simply an alternative way of encoding the key and data, in order to speed up encryption/decryption at the expense of space and the time taken to pre-compute some values. This sort of thing is not new, and is covered by terms such as "exponent recoding" and suchlike.

However, Sarah's pre-compouted values may well be new and may have something to offer in certain scenarios, especially when performance is critical (e.g. smart card applications).

(I can be contacted on gary@cucumber.com if journos need any more info)

More mangling by the press

Read the following link:
http://www.usatoday.com/life/cyber/tech/cte151.h tm

So called proof of no Christian GOD

But god WANTS to abolish evil. It is the PRIMARY PREMISE of Christianity. But YOU don't want to have SEX. Is there a connection between your stupid analogy and a 2000 year old logic proof? No! Case solved, you twit.

The Bible says that God will abolish evil later. If you want to try to disprove the Bible then at least know what you are talking about. You obviously haven't read the parable of the "Wheat and the Tares." It basically says if God removes evil now he would end up removing good also so he will wait until some later date to remove evil.

More mangling by the press

Sends e-mails faster? (Okay, maybe by implication) RSA written by students at MIT in 1977? (Okay, may be Ron Rivest et al were there at that time).

That story seriously didn't want to introduce anything (gasp) new to its target audience - I felt insulted simply by reading it. ;-)

Excuse me for being skeptical...

OK, so if there is no god, how do you explain your own consciousness? If it "comes from the brain", and there are x atoms in the brain, and each one has 0 consciousness, then x * 0 = 0. I know this is kind of unrelated, but since the only thing that can be directly experienced is your own consciousness, and it is a complete mystery to "logic", then it makes beliefs not completely "logical" more sound to me. If I was not aware of myself typing this, I would be much more prone to agree with you.

And she says she's not a prodigy

She's the one who says she isn't a genius.

You know, there's a social stain put upon girls who are genii. I've met an awful lot who were very definitely eligeable for Mensa membership, but didn't want that reputation, because then no boys would want to date them.

And they say she's not a prodigy

Some people, like myself, don't want the label of 'genius' or 'special' simply because it sets them apart. People put you on a pedestal. Although the status is gratifying at first, soon you realize that people think of you as different. Whether for fame or infamy, it can be very disconcerting to lose your place as a member of the group. Humans tend to want to conform, even though we applaud individualism.

How come I never meet girls like this?

Yeah, well, I've met a few. They like the same dumb jocks that the other women do.

Face it: Women complain about guys only being interested in their bodies, but most of them turn around and do the same thing in return. I've met a few who didn't, but they'd all already found someone... (I guess the fact that 98% of the women aren't looking in the market they looked in meant that they could find a good specimen without the long search...)

Caption of the picture

The prize judges could not completely understand the "brilliant" code

Did anybody else notice that caption under the article? The algorithm might be completely unsecure, and it probably is. How can anybody say it is secure if the code isn't understood, much less the algorithm?

Also, the word brilliant shouldn't be in quotes, unless they actually meant to imply sarcasm. This smells of the infamous 'UBE98' code.

Excuse me for being skeptical...

If this is indeed true and the hype is actually
representative of reality, my hat is off to her.

But I cannot help being skeptical, given the current penchant of the media to do whatever it
takes to "improve girls' self esteem".

A few months back, there was an article in the cover page of the NY Times, complete with picture, about a `brilliant' 12 year old girl who had done `something wonderful'.
On reading the article, however, it turned out that her contribution to the sum total of human
knowledge was exposing a few psychics as frauds using some simple tricks.

Duhhh.... great. Now we know that psychics cannot really foresee things to come. I would never have guessed.

If it had been a 12-year old boy instead, he would not even have been mentioned.
For a man to get on the cover of the NY times, he would have to win the Nobel prize, run riot and slay six or something like that.

Don't get me wrong, I am all for attracting women to computing and all that, but playing up insignificant contributions just because they were made by women is not the way to do it.

Anyway... my two cents.

Salute brillance, encourage curiosity, defy...

[Ludvig+A.+Norin]

...ignorance, cynism and general bull.

This girl is worthy of all encourage she can get, just for being curious; not only learing but also giving ideas to others. And, she's young - a long life is ahead. Regardless of the potential use of her work today, such a person (male or female) is a gift to humanity. Not that she's the only one; but the fact that she got some attention (or, rather, plenty) is still very positive. It tells us that creativity is a good thing. Remember the Apple campaign "Think different"?

It bothers me reading so many comments here about the potential un-usefulness of the actual algorithm that she allegedly developed; and not a single word about the exciting fact that she actually tried to develop one in the first place. I'm not saying a bit of skepticism and cynism isn't healthy, it's just that the algorithm itself is not as important as the potential of her future works, whatever that may be; not to mention the other kids that she'll inspire to try something of the like!


My sincere salutations, Ludvig A. Norin

RSA proofs

[Gleef]

Zachary Kessin wrote:

No one has ever proved that RSA is secure.

Depends on how you define "secure". I define secure encryption as being more costly for an unauthorized person to decrypt the information than:
A) the information is worth; and
B) gathering the information through other means

RSA can be applied in such a way that it meets both of these requirements. Most, although not all, of this is mathematically provable.


It has not been proven (as of last I looked) that you need to factor the number to break RSA.

Of course it hasn't been proven that you need to factor the number to break RSA. It's been proven that you need to either factor n or compute the eth roots mod m. For more details, you can go here. I understand the formal proof is given in Applied Cryptography, by Bruce Schneier, but I have not personally examined this.


nor that there is not a fast way to factor a large number. Its just that no one has found a good method for doing it.

There is, of course, no proof that we have the fastest method possible to factor a large number. To quote RSA, "Factoring is widely believed to be a hard problem, but this has not yet been proven." We do have some pretty good factoring methods (see What are the best factoring methods in use today?, from RSA's FAQ), but who knows if someone will come up with a better way next year or even next week. In fact it has been proven that a hypothetical quantum computer could be able to do the factoring problem in polynomial time, one just hasn't been built yet.

okay..

[drwiii]

Is this like the Aussie guy who was going to re-invent the internet with his compression algorithm or is this really something useful?

P.S. - Slashdot was in PC Magazine

NEW!

[drwiii]

I have a great new encryption algorithm too! I call it, "ROT26"! I better hurry and get a patent...

encryption=email :)

[irishmex]

I like USA Today's take on the subject.

"A 16-year-old Irish schoolgirl may have made e-mail even faster."

Speed

[voidptr]

How much faster/slower is the decryption though? If it takes 1/2 the time to decrypt the same key length than with another algorithm, you could brute-force decrypt it FASTER than the algorithm and would need as longer key length to be as secure. (Though only one bit for each twofold increase in speed.)

HA

[gavinhall]

Posted by Ed Carter:

It's the other way around. If I can break RSA, I certainly can break a simple xor scheme. Does that mean the xor scheme is as secure as RSA? Of course not. What she needed to do to back up that claim is prove that any algorithm that can break her encryption scheme can also be used to break RSA in a polynomially related amount of time.

More like

[shaldannon]

you'd send a message that says "I got the goods. Meet me at 34th and Green."


# find /dev/brain
find: cannot open /dev/brain: No such file or directory

Mormons

[shaldannon]

Of course, if you want to argue logically against Mormons (or any other particular religion), you might make sure you have all your facts in hand before you start hurling accusations and diatribes. Any "Mormon" can tell you that there is no such thing as a "seerer stone". A "seer stone" yes, a "seerer stone" never. And that's just one of your "arguements". I have a feeling that you're disillusioned with religion and so have decided to knock all religions. More to the point, such ferocity usually results from a 180 degree reverse in belief.

That said, if you wish to believe that all religious people are nuts, or fanatics, or whatever, you are certainly welcome to that (erroneous) belief. I might point out that your reasoning and beliefs in this regard are about as well founded as those of Microserfs regarding linux in particular and alternative OSes in general.

As for the God vs. evil issue, consider the following train of thought. It may not appeal to you, but it does have some merit, and explains things a little better than the previously quoted Greek philosopher:

1. God is good.
2. God cannot tolerate evil.
3. God creates people.

Now comes the jump. We all know that struggle makes us stronger (ask any athlete).

4. We are God's children (however you want to interpret that statement).
5. God wants us to become strong.
6. God allows us to confront evil, thereby making those of us who resist stronger (much the way you can be stronger if you exercise hard or become weaker if you don't).
7. Those of us who resist evil (and are thereby made stronger) are worthy to enter God's presence. Those who don't are out of luck because they didn't make the most of their opportunities.

Now, one other comment. Why would God let us go through all this? God is omnipotent and omniscient. We are not. Assume that shortly after forming us, God went ahead and appointed us to heaven or hell by saying "I know you're going to be good" or "I know you're going to be evil." Human nature being what it is, we would complain long and loudly that we hadn't been given the opportunity to prove this for ourselves. So, God, in his infinite wisdom, allowed us just enough rope to either roam freely or to hang ourselves, at our inclination.

Slashdot isn't really a place for religious discussions, anyhow. If you really feel the urge to spread your beliefs, quit school, or work, or whatever, and go proselyte for a couple years. It might instill in you a new respect for what people like the "Mormons" do. In fact, you might even discover that it takes a good deal more conviction to do that than it does for you to log into Slashdot and post a flame.

Oh, and given your reference to Neitzsche, consider the following quotes seen on a wall in Germany during and after his lifetime (respectively):

• "God is Dead"
  --Neitzsche
  
  "Neitzsche is Dead"
  --God

shaldannon


# find /dev/brain
find: cannot open /dev/brain: No such file or directory

Not enough info.

[joss]

Is it a public key algorithm ? if not then comparing the speed to RSA is ridiculous.
I've got some code that can add two large matrices
faster than the best commerical implementations can invert one....

"She's proved..." wow, I'm impressed. I thought proof of encryption security was impossible except for one-time keypad, the best you can do is expose it to the experts, and if after several years nobody has broken it then its pretty secure.

Anyway, good luck to her. Especially if she goes public with it.

Excuse me for being skeptical...

[ptomblin]

The case you're thinking of, the girl in question actually reproduced one of James Randi's experiements, and somehow got the write-up in a pretigous medical journal (Lancet?). God knows why a repeat of a previous experiment gets into a medical journal, even if it was done by a 12 year old girl.

um...no.

[jnik]

Right on. My gf basically did the "sneak up behind him and whop him over the head--I WANT THIS ONE!" thing. She's intelligent and although she doesn't want to hack kernels with me, she understands that I do it and enjoy it.

They're out there, I swear!

Get a life...

[krady]

You surely aren't going to get laid thinking like that. It can't be the case that all the cute, smart, American women are here in Europe.

Asymmetric NOT symmetric

[krady]

This is not twofish or loki or any of the other AES candidates because it isn't a symmetric block cipher. It's asymmetric. Incidentally, Sarah is well aware of the issues in the general area. Everyone knows that an algorithm needs peer review etc, even if it doesn't have any other disadvantages etc.

I refer everyone (as usual) to Bruce Schneier's excellent Crypto-gram in October edition/episode of which he talks about the number of new algorithms proposed each day (this generations Fermat's Last Theorem?)

Enjoy,

Keith
--
Keith Brady,
Baltimore Technologies,
IFSC House, Custom House Quay,
Dublin 1, Ireland

same story again on i-times

[caolan]

This stories also on the last sats irish times. I wouldnt get too carried away with it all just yet :-), im probably doing her wrong, but i never heard anything that won the young scientist of the year thingy actually being of any worth

C.

Correction: Point about PGP and RSA

[David+Jao]

Sigh. I made a mistake. What I meant to say above was: "[the article] implied very strongly that popular e-mail encryption programs use RSA to encrypt the whole e-mail."

The article didn't actually name PGP. Instead, it claimed RSA was widely used to encrypt letters. It's not such a stretch to extend that to e-mails.

Snake Oil. Be skeptical. Be very skeptical.

[David+Jao]

This article just screams "snake oil" all over. The claims made in the article are completely unjustified. In the field of cryptography, no algorithm or idea is considered worthy unless it has been publicly scrutinized and tested with time.

Consider the following points:

• "her code can encrypt a letter in just one minute - a widely used encryption standard called RSA would take 30 minutes." No justification is given, and indeed we all know that PGP does not take 30 minutes to encrypt e-mail.
• "She has also proven that her code is as secure as RSA." Again, no justification is given. Proofs of correctness are rare in computer science. Moreover, there are many different levels and definitions of security in the field (known plaintext, chosen ciphertext, complete break, etc.) and this quote does not cite any of them.
• Consider the source: Most of the material is quoted from her father.

I urge everyone to first read the Snake Oil FAQ before taking this and other similar articles at face value.

Hope you is was were read reading

[homebrewer]

This was a joke!

...making fun on the guy who uses his complier as a grammar checker....

Incidentally, I have a 20 gal batch of Mild Ale that turned out really well.

Part of a 20 Gal batch is still leftover from a great batch of Pale Ale.

I eagerly anticipate February when I can tap into a 20 gal batch of Pils.

I'm glad malt is cheaper than silicon :)

Caption of the picture

[homebrewer]

So what does "bright" mean in the UK?

I know "fag" has a significantly different meaning depending on which side of the pond you are on.


BTW.... I remember a UK journalist covering the Kobe earthquake. He kept calling the town "ko bee" which in Japanese is the verb for animals in the act of conceiving young. My Japanese friend almost wet his pants laughing so hard.

Snake Oil. Be skeptical. Be very skeptical.

[Troy]

Keep an open mind......as long as the source is released, time will tell whether or not the code is secure. Whether it is or not though, this is a large accomplishment, and she should be allowed that accomplishment. Loosen up a little bit...it's almost like some people don't want her (and people like her) to succeed. If she tries selling anything, then it's time to pull out the criticism, esp. if the algorithm hasn't been published. But right now, she just wrote it an entered it into the contest. Go easy on her for a little while.

To address your points:

1. RSA is a very slow cipher. It would probably take 30 minutes to encrypt an e-mail with RSA. Most encryption packages that use RSA end up encrypting the actual message data with a conventional cipher and a randomly generated key, and then use RSA to encrypt just the key. So, the statement in the news article is accurate, though the reporter probably didn't have the background to put that statement in its proper context.

2. Don't forget the math underpinnings of cryptography. It is very posssible to make proofs about the mathematics of an encryption algorithm... especially proofs about how secure an algorithm is IN COMPARISON to other algorithms. Chances are, she proved that a mathematical attack on her algorithm is as difficult as a mathematical attack on RSA (which is factoring the modulus). Of course, the question remains (as with every algorithm including RSA) as to whether or not there is an easier mathematical attack that the author has not yet considered...and only time will tell that for this (and all other) algorithms

3. The article mentioned her as being ill. Maybe she couldn't interview.

While this isn't love line

[Troy]

Never forget that, in the end, a computer is just a dumb piece of plastic, and while snuggling with it may keep you warm at night, somehow, it's just not the same :-)

No one will probably ever read this

[Troy]

But do not forget that logic is a human creation, designed by people trying to understand the world around us. Appropriately, it is subject to all appropriate pitfalls (problems with infinity, timelessness, etc).

Looks like I'm first

[jacoby]

Anyway, since (in Merka, anyway) you can now patent algos, my concern for my fellow hacker tells me that she should patent this, but I do think that it'd be way cool if she opened the
idea.

I hope she does.

[Prothonotar]

Actually, if she didn't patent it, it work would be pre-existing technology and no one else could patent it.

The primary danger in patents is in those patents which are made intentionally broad in order to gain control of other future technologies which the original inventor did not in fact invent (or discover, whatever). Other than that, patents can be a nuisance (such as MP3-encoding), but little more.
--
Aaron Gaudio
"The fool finds ignorance all around him.

Well, not exactly...

[Little+Italy]

No, sorry. Just an older brother, but that doesn't help much. If you wanna meet a geek-girl, try Borders, and computer science courses offered at any local universities. There's one that I just saw the other day--Beginning/Advanced Red Hat--I was impressed that the school was even offering it. But hey--it just goes to show what a bunch of nerds can do! woo-hoo! In the mean time, I'll try and convert as many women as I can. okay?

30 minutes for RSA?????

[GrimJack]

Is it just me, or do the father's comments
seem a little wacked?

1 minute to encrypt an email? That's got to be
one of the slowest email encryption systems I've
every heard of.

And 30 minutes for RSA??? Common.

Heheh, start the flamewar.

[Dr.+Evil]

I wonder if men qualify for all the scholarships which she is being offered?

Heheh, start the flamewar.

[Dr.+Evil]

In my humble opinion, while sexist grants and benefits may go a long way to help top performers, they also go a long way to promote sexism.

If you're so unaffected by all this, why did such a simple, albeit speculative question receive such a vicious response?

Heheh, start the flamewar.

[Dr.+Evil]

Beacause my sister is an engineer and my brother is a nurse. You do noy have any compehension of the scope that sexism is destructive. It is worthwhile to do away with it, permanently, even if I have to give up some piddling amount to do it, even if you do as well.

If I interpret you correctly, we are in agreement. Sexist grants should not exist. Even if one should "Give up some piddling amount to do it (eliminate sexism)."

In institutes of higher learning, financial grants based on academic success should be awarded based on academic success. No consideration should be given for minority representation.

The same applies for the workplace. Equal pay for equal work. Equal grants for equal achievement.

Unless you mean that people should take paycuts or loose grants -- whether or not they personally recognise sex or race as a factor in their workplace or institution. This, in my opinion is the worst and most sickening kind of discrimination.

Are you actually suggesting cutting up the population and dolling out benefits or penalties in order to 'justifiably' adjust the workforce or institution so that it perfectly reflects the demographics of the local population?

It's been done and I know people who have been laid off because of it. If this is what you are saying, and I find it hard to believe that it is, explain to me how firing people and cutting their pay does not create sexism and resentment in the workforce.

Now I think I understand what you are saying.

[Dr.+Evil]

I don't exactly live in a upper-middle-class white suburb either. Certianly not so extreme as the descriptions of the Bronx. But people have been knifed to death in my neighbourhood, gangs of crack dealers hang out every night unharassed on my street corner, and prostitutes walk up and down my street. And I ignore the ones who sneak into our lobby to warm up from the cold... I know they have little choice.

I've lost more than a few dollars to people who have held a knife to me.

It's not a very racist area, but it sits adjacent to a poor area, and I will say that the poorest of the poor are all visible minorities, and I accept that they are doing what they have to do to get by. Or doing what they can to earn some power or freedom.

But it certainly does not mean that lowering entry requirements for them at the expense of their peers will earn them any respect. It will only make things look good "on paper."

Besides, that's using discrimination as a justification to discriminate. Which if you believe in that... ok, I won't be voting for you if you run for mayor.

It might still be "as secure as RSA"

[pirkka]

Even though we do not know how secure RSA is we might be able to prove something else to be as secure.

Not that I know anything of this particular subject but in general it's possible.

--
Pirkka

Excuse me for being skeptical...

[morbid]

As a humble British person (where we don't have TV Bible-bashers), who doesn't even own a TV set (becasue they're obsolete and one must pay a license fee to fund public TV+radio if you own a TV, but not a radio (-go figure, I can't))

can someone point me to a website where I can experience this "Pat Robertson" I keep hearing about at first hand?

I enjoy a good bit of comedy.

Thanks.

Hope you is was were read reading

[madprof]

'Algorhythms', huh?
Looks like someone else needs to use 'Preview' ;-)

okay.. AND We'll see what math thinks of this.

[Uruk]

There are some DAMN good cryptanalysts out there. Coming up with a code that looks like total gibberish to everyone, and coming up with a code that withstands the most complex cryptanalytic attacks is something different altogether. It reminds me of Dr. Weil's proof of Fermat's last theorem: We'll see if the math crunching that inevitably follows such a "discovery" holds it up to be what she says it is.

Proof

[drig]

You can prove that cracking RSA is as difficult as factoring the product of two large primes. It is entirely possible that this algorithm is also based on that problem. Thus, you could prove this is as tough as RSA.

Has she patented it yet? :-)

[edgy]

I hope she doesn't patent it. Really.

Ask her to opensource it

[Julian+Morrison]

I wonder if there's any way to contact her and persuade her to opensource it, before the corporate vultures snap this algorithm up and make it proprietary?

warning: dangerous pun content

[hobbit]

You mean a one-time Paddy?

Snake Oil. Be skeptical. Be very skeptical.

[MikeCamel]

30 minutes - she's using NT, right?

It won the Irish Young Scientist's Compo

[Quark]

The algorithm in question won first prize at the Irish Young Scientist's Exhibition, which is an annual contest in which secondary school students (12-18 years old) exhibit science projects. Last year, the same student came second with another crypto project, and represented Ireland at the Intel Science Competition in the US. The part about the judges not being able to understand the project is true. The judges had to get in a crypto expert to validate the project.

I don't know any details about the algorithm itself, cos I never got a chance to attend. Bugger....

Quark
--

_I_ can encrypt a letter faster...& 100% securely!

[Andreas+Bombe]

It's not when he meant one time pads. And OTPs are secure.

Excuse me for being skeptical...

[Sariel]

Well, there are many ways at looking at this. Here are a few.

Perhaps it is evil to abolish evil, since doing so would effectively remove free will.

Perhaps, as has been said in previous postings, good cannot exist without evil. Perhaps the more Taoist way of looking at these things holds true, and there isn't really good and evil but rather positive and negative, and these things are (or should be) always in equality.

Perhaps the Zen Buddhists are right, and this whole human perception of reality is fundamentally flawed.

Then again, it's pretty clear that the Greek dualistic/logical view and the Hebrew God don't mix well. The pathetic God view of the Hebrews accepted such things as emotion and morality as being as true as logic and reason. They really didn't much separate them from a theological point of view. The dualistic body/soul emotion/reason view of Plato and his fellow philosophers viewed pure reason as Truth and God, free from emotion. Obviously, when the two mix, as they often do in Christianity, there is going to be some sort of confusion. There's got to be a compromise somewhere. It's pretty obvious that the Hebrew God is not logical if much of the Bible is anywhere near accurate, as it is full of his fatherly love and jealous wrath. Logic, after all, is a human invention. It's not necissarily true when applied to God, or even to reality.

However it works out, you can't really prove something like whether God exists or not using logic, even if the attempted proof is logically sound.

For what it matters, I'm an atheist existentialist. But I hold that my belief is just that, a belief. It's arguably not truth, if there even is one absolute thing we call truth. So I guess I border somewhat on agnosticism.

Yes, I know my spelling and editting sucks, and my opinion may not agree with yours. Surprise.

Excuse me for being skeptical...

[Sariel]

Back to Plato's idea of the Good. There is one Good, one Truth, one Sun, one God, whatever you want to call it. Anything less is tainted by that which is not good, effectively evil. So if evil is eliminated, there is only one path that is pure good, so there is only one path that can be taken. In other words, no free choice and no free will.

Or at least I think that'll work. I'm not much into arguments for or against God, and I don't think much of Plato so I may have gotten his ideas confused in my reluctance to get them straight.

Excuse me for being skeptical...

[Sariel]

Well, the worst part of Plato's system wasn't entirely his fault. Parmenides, I believe, was the first Greek philosopher to come up with the idea of the single, passive God who is not emotional but pure logic. No doubt his ideas influenced the Stoics or vice versa.

I personally entertain the idea that if there is a single God, he is probably (hopefully) the pathetic God of the Hebrews instead of the cold, emotionless God of the Eleatic school. The ones that believed in a God that matched their world view, anyway.

BTW, anyone who's interested in reading more on this should check out the two-volume series by Abraham J. Heschel called "The Prophets," particularly the second book. It's fun, well-written, and easy to understand.

At any rate, no matter how misguided Plato was, those thoughts are still pretty much dominant in conventional Western thought. Pure order (reason) is thought of as being the ultimate good, and people as being unable to fit that. Therefore, according to that view, people are inheritantly evil. Needless to say, I disagree with that. I also technically disagree with the Hebrew pathetic God, but I would be much more willing to believe in it than the Platonic God.

Excuse me for being skeptical...

[Sariel]

Why would god (the creator of everything) design all the logic and reasoning on this planet and then lead our reasoning to conclude that he's nuts?

God doesn't have to be the creator of everything. God made the world and humans, among other things, according to the Judaeo-Christian tradition, but nowhere, to my knowledge, is it said in any particularly authoritative scipture that the makings of humans are the makings of God. Quite the contrary, in fact. In the Bible, humankind was punished for building the Tower of Babel, for instance, and I think it gave the reason that humankind was trying to rival God's creation.

Flame: confused young female programmers

[nosilA]

(sorry for the flame, but...)
Women are more evolved? What planet are you from? I'm female, I'm 19, and I'm an ECE major (and I have a boyfriend) but it is very rare to find females (even at CMU) who a ren't complete idiots when it comes to computers and engineering... Most of the female CS majors are not CS majors by their sophomore year. I don't think that's a mark of being more or less evolved, just fewer interested females.
Any woman who'd be impressed by your "more evolved" comment is probably less evolved and more of a ditz... sorry...

What about Twofish?

[Baggio]

Ok, what am I missing? This new encryption/decryption system devised by this 16 year old is unique how? That it uses matrices to encrypt and decrypt? Twofish, Shark, Square, and Manta are encryption/decryption algorithms that use matrices. Twofish was first brought to my attention through slashdot, Dec 22, 1998, to recap that article, the "TwoFish encryption algorithm, a possible DES-replacement." The algorithm is already being subjected to hacker assults, and is holding up very well. And the algorithm is fast. I was impressed with what I read about Twofish, and I'm not holding my breath about what this 16 year old has created. Not being able to examine her source, it is difficult to see how her algorithum is would be any better.
Time flies like an arrow;

Go with Twofish

[Baggio]

That is my point exactly.
Time flies like an arrow;

Skeptical

[Elessar]

Hmm.... I'm very skeptical of this. I certainly wouldn't trust any new encryption algorithm until it has been hammered at for a good few years by some cryptanalysis experts. Some pretty intelligent people have proposed new algorithms over the years only to have them exposed as totally vulnerable shortly afterwards.

In short - don't trust it (yet).

okay..

[whydna]

I think this is genuine. I met this girl last year at Intel's International Science and Engineering Fair...As I recall, she had a 700 bit encryption method (or something) that was based on matrices. She won some of the bigger awards (the awards get large (i.e. $10,000+)).

If you search for the 1998 ISEF on intel's press release web page, you can see a couple pictures of her. I think she said her dad works for intel (I wonder if that played a role in her winning so much at intel's science fair).

Not enough info.

[cpeikert]

You can prove relative strength of algorithms by using a reduction argument, i.e. "If I can crack RSA quickly, then by a very simple extension I can factor big numbers quickly. And since nobody seems to be able to factor big numbers quickly, it seems that nobody will be able to break RSA quickly." Note that this doesn't prove that RSA is secure - it just means that there's effectively been thousands of years of the brightest minds attempting to crack it, without success.

The same can be said for the girl's algorithm - if her proof is correct, then it shows that cracking her algorithm quickly means you can also crack RSA quickly. Again, no proof of absolute security, but not bad either. This is far from UBE or some kid devising a "modification" of RC4 and claiming it's the greatest thing under the sun.

Done before?

[cpeikert]

Well, this reminds me A LOT of a problem I was given this past term in MIT 6.857 (Computer and Network Security, professor Ron Rivest). If I remember it right, the description of the girl's algorithm, and the solution to the problem are very similar - the matrix solution involved matrix multiplication rather than exponentiation. I can't comment any more on the similarities because I don't know her algorithm in detail and I don't remember the problem in detail. But I also remember that the problem asked us to decide if the algorithm was as secure as RSA. There were some subtle problems with the proof and I'm not sure if in fact it was as secure.

Also, stating "all the matrix entries are modulo n, therefore it's as strong as RSA" is not even close to an acceptable proof. But I'd give the benefit of the doubt that her proof contains a little more detail.

And they say she's not a prodigy

[Communa]

"otherwise the Government would have &c"

Remember, we're talking about the Irish government here. Despite their origins, they're not noted for shady dealings on quite the same scale as the US (or even the UK) governments.

(Besides, they've just discontinued their currency. They may have other things to worry about right now. ;> )

Missing the point

[smashie]

The whole point of a slow algorythm is that someone can't churn through all the possible key combinations in a short space of time.

I guess some people never stop optimising :)

Hmmmmmmmmm

[PureFiction]

I would still prefer my 448 bit Blowfish cypher.

Has she patented it yet? :-)

[Eltintalle]

she has i think??

Wonder if I can patent x=f(y,z)

[The+Dodger]

You get pissed on five pints of Guinness? Lightweight.

An bhfuil aon duine in ann e seo a dtigmheail?

Wonder what the Gaeilge for "decrypt" is.

The Dodger

PS: Doesn't anyone else find this concept of patenting algorithms just slightly abhorrent? Or are my extreme hacker tendecies ("INFORMATION WANTS TO BE FREE!!!") coming to the fore again?

Wonder if I can patent x=f(y,z)

[The+Dodger]

> x=f(y,z) would be considered pre-existing and therefor not patentable.

I would posit that _all_ mathematical functions pre-exist. Christ, imagine if Einstein had worked for some money-grabbing corp and they patented E-mc^2? Or if patent laws had existed in ancient Greece or Rome. "Sorry, everyone, you can't do long division, because Maths, Inc. has the patent on the algorithm."

Fuck that, my friends. I have no problem with copyright - i.e. if you publish some software, people shouldn't copy it and use it without paying for it - but if someone manages to come up with the same idea by themselves, I don't think they should be prevented from exploiting their idea just because someone else came up with it as well.

Dodge

How come I never meet girls like this?

[Ex+Machina]

Dammit! I never meet cool girls like this. I'm lucky if I can find a girl who can use AOL and knows basic HTML. Oh well... maybe in college I'll find lots of highly attractive girls who would find me more attractive than the rest of the 90% male population. Wait. Maybe I should goto a liberal arts school.


Ex Machina "From the Machine"
xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]

Caption of the picture

[K.]

The competition she won was a general science one, and one with a strong emphasis on observational sciences, so I wouldn't be surprised if the judges weren't able to understand her code.[1] It's still a very impressive achievement, especially considering the pretty weak amount of CS taught in our secondary schools.

But of course, it doesn't amount to much in the real world until hardcore crypto people have hammered at it for a while.

K.
-
[1]The cynical view is that since the sponsorship for the competition was recently taken over by a telecom company, there may be an element of "Anything But Biology" in their choice of winner.

30 minutes for RSA?????

[dmz]

They were talking about "strong" encryption. Not the standard pgp type stuff. But where you HAVE to have it encrypted, new seeds for every character and all type stuff...

You call that a proof??

[Artemisia]

Where is the false premise?

The above poster was right that there is a false premise. Or at least an unproven premise, which is enough to disqualify this as a logical proof. And he said what it was, although he didn't explain it as well as he might have. It is that...

If he can, but does not want to, he is wicked.

Here is a simple counterexample (somewhat hypothetical). I don't like people who yell really loud in Sproul plaza. I can kill people who yell really loud in Sproul plaza (in principle). And yet there are people who yell really loud in Sproul plaza. Those three facts are completely compatible. It may be true that God is omnipotent and hates evil, and yet has some other reason for allowing it to exist. I could speculate as to God's reason for allowing evil to exist, but my point is that this is not a logical argument for the nonexistence of an omnipotent evil-hating God.

The other problem with your proof is that you never bother to define evil. I'm sure Epicurus did, but I'm not sure his definition is the same as that of most people today, or the same as that of Christians. In fact, sadly a lot of Christians I know have not thought very deeply about what evil is, and as a result are very shocked when they read the Old Testament and find out that God did a lot of things they would consider evil. But that is an entirely different discussion...

You call that a proof??

[Artemisia]

Unless you find an actual reason for evil to exist (instead of saying there MIGHT be one), the reasoning still stands.

I don't need to prove the opposite of what you have shown in order to show that you have not proven what you claim. Showing your proof to be wrong is a different (and much easier) task from showing your claim to be wrong. I did not show that a good God exists, I merely pointed out that you did not show that a good God does not exist. A proof that might be wrong is wrong. This is inherent in the definition of a proof.

You are saying that god is the ultimate wildcard.

Precisely! Here is my attempt at a guess at God's reason for allowing evil.

You claim that a good god (I won't keep repeating omnipotent, just understand that I mean an omnipotent god) could not have made this world because it is bad. I believe free will is good. I cannot concieve of free will without evil. If we don't have a choice between good and evil, then we aren't given any significant choices, so that doesn't count as free will. So free will is good, but we can't have free will without evil (I don't think I can prove this, by the way), so perhaps God allows evil in order to provide a greater good.

You could claim that this god is not omnipotent, because he can't give free will without evil. I concede that it may be possible to have free will without evil, even though I cannot conceive of it. However, if this is not possible, that doesn't make God unomnipotent any more than the fact that he can't make two odd does.

Plato was certainly not insane.

[Artemisia]

Plato was insane, just read about his Republic. Nobody knows if he was being serious or making a parody, but I'm inclined to think he was serious and one serious nutcase.

Maybe if you had bothered reading some of his writings you would have a different opinion. Plato's writings are full of joking bits, especially the Republic. And Plato never gives any hints that he is joking. Most of his jokes (at least, those that aren't puns) involve pretending to be dead serious about something that is ridiculous.

(Some of the more memorable examples of Plato's humor include the bit about the Lacedaemonians in Protagoras, the bit about dogs in the Republic, and just about all of Parmenides and Euthydemus.)

Excuse me for being skeptical...

[Artemisia]

I'm not about to conceede that suddenly you (and a couple other idiots) have found a flaw in a logical riddle that is 2 millenia old. It still exists because it's NOT wrong. You'll have to accept that.

I'm afraid I won't have to accept that. Two thousand years does not make anything correct. You seem to have no respect for Plato, and his writings have been around for longer than those of Epicurus.

Notice the Epicurus lived BEFORE the Christian god existed. He never HEARD of Jesus, or Christ. He lived during a time when Greek and Roman mythology were still bonafide religions. And if you've read any of that mythology, none of the gods were omnipotent or good, and many of them practiced EVIL.

However, it you have also read Plato's work (which came before Epicurus), you will know that there was a lot of revisionism going on. Plato did believe that god was good, and on that basis rejected much of the old mythology. He also believed that god was omnipotent. I don't think that he said that explicitely, but he did say that he didn't believe that anything bad (remember, he had a different understanding of bad than most people) could happen to good people, since the gods wouldn't allow it. Presumably it was works like those of Plato which Epicurus was responding to.

I guess I should mention as a caveat that I obviously don't know what Plato believed, since he only wrote dialogues. However, if I remember right, most of what I have refered to here can be found in Euthyphro, in case you're interested.

Time will tell.

[FireReaper]

Personally, I can't understand why there is such
a strong sense of distrust and antagonism against
this person who obviously has worked hard to both
learn the material and work on the code. At least
for that, she deserves credit.

Call me cynical if you will, but if the NSA or RSA
announced that they had a new algorithm, the
opinions would not have been this biased, bigoted,
and enflamed. There have been posts in this thread
that denounces her achievements on the basis of
gender, ethnicity, the reputation of the reporters,
the reputation of the events, or in some limited
cases, the plain ignorance of the poster. Why do
I feel that if there had been a corporate logo and
an army of suits that people would have been more
respectful of the news?

But don't get me wrong, I believe that with all
forms of coding, thorough testing of the algorithms
and continued work is not only a good thing, but
required. Just don't discount the work of people
like Ms. Flannery's before the vote is even in.

Linus's work was denounced by a figurehead at the
birth of his idea. But time has told who was right
and who was in need of an open mind.

Her work might not meet with the approval of many
people, but instead of turning one's back on it
so quickly, perhaps one should take a closer look
at it.

Personally, I hope she patents it and decides to
release it under one form of open source license
or another. It would be a boon to the net community
for new ideas to be tossed about and snowball.

*smiles* Maybe even give some of the critics a
little something to chew on.

Anyways, that's my two cents. The Intel site has
some pretty cool pics of Ms. Flannery. Whether her
code turns out to be a big thing or just another
blip on the scope, I hope she has a long and
bright career in the field of Cryptography. She
seems to already have a pretty good start and
a knowledgable father to lend her a hand if she
would ever need the help.

- Wing
- Reap the fires of the soul.
- Harvest the passion of life.

hmm?

[saturated]

anyone know if she is single :) yummy! me loves smart young girls :)

matrices.. man, brings back memories.. we tried something similar in encryption in college but it never panned out so we wrote a cheap compression algo that did nothing but looked like it did..

skrezatch

Blarney?

[GBorter]

I would have to say that a story originating from out of Blarney, Ireland does tend to give one pause for thought. Isn't this where the Blarney stone originated? From some of the replies that I've read here it does sound like the story is on the level, but the Blarney reference was making me wonder about the story.

I love 16 year old girls...

[ghostOfSlashDot]

...I love getting oral sex too..

And they say she's not a prodigy

[betsywetsy]

That bothers me. She's gotta be pretty
brainy to understand this stuff at her
age, let alone turn the science on its
head. Why do they emphasize that she's
not a genius?

Seems like there's a new encryption claim
every few months - some of them just don't
pan out. Hope this one does, but I'm
skeptical...

Patent & contribute to Free/OSS

[vovin]

The best scenario for Free/OSS is that this is true, and that she isn't interested in the profits of this patent. Then she could patent this algorithm, using The League for Programming Freedom This would add a patent to the pool we will need, not that software can be patented.

Would be nice if someone let her know her options.

I have never seen such Pure Jealousy

[HeghmoH]

You allege that the complaints stem from jealousy and the age of the person that invented this. I would bet that the same comments would be made if there was this much hype surrounding some math professor whose code could not be understood by the "brilliant" judges and has not been verified beyond the claims of some article that is clearly written by someone either pandering to the masses or one who doesn't understand the subject material that well.

When it's verified that this algorithm is shown to be truely useful, I shall have nothing but praise, but until then, I will continue to think that this is just the media attempting to leverage a "cute" story about a young girl to get hits and sell newspapers.

I can't believe it

[cvoid]

Well, I think that her discovery was simply a different approach. This happens ALL THE TIME in scientific research. Sometimes you can't see the forest from the trees when you are buried. It sometimes takes someone without any experience to try something no one else has even considered. So I will give her the benefit of the doubt, for the time being.

After all, the CRC tables [Chemical Rubber Corp book of tables] had to be recalculated in the seventies when a 14 year old discovered they were all wrong.

If it's faster, isn't it LESS secure?

[jimduchek]

It seems to me that if it encrypts in 1/30th the
time (although THAT part of the story reeks of
male cow excrement), it would take 1/30th of the
time to crack it using a brute-force technique? Anyway, until I see the algorithm, I aint gonna
use it :)

Huh?

[Papa]

Do you have an example of companies stealing an algorithm by patented already-copyrighted formulae? The only examples of patented algorithms I know of are ones that are kept from public use.



Papa

The full story...?

[SlowarisGod]

So wouldn't this indicate a possable vunerability to a chosen plain text attack ?

Hopefully

[Artemis]

I hope this is really something that's true, and not just crap. If it's true, it might actually be something useful, but the government will probably rape it anyways if it is.

Force Recon Half-Life TC: Check it out

Am I just supposed take her word on it?

[John+Hays]

Poor article. It gives us a lot of fluff without any hard questions. It appeals to the authority of her father, the Math prof, as guarentee to the algo's security. It implies that speed, not government paranoia, is what's keeping cypto out of the mainstream.

How do you prove an algo is as secure as RSA with out years of cryptoanalysis by recognized experts? Actually, no cryptographic algorithm is proven secure. They just haven't found a feasible attack.

I like the caption, "The prize judges could not completely understand the "brilliant" code." But the awarded the prize anyway.

The full story.

[William+Whyte]

Hi,

This is a copy of a mail I sent to the UK Crypto mailing list earlier today about this story. Sorry in advance for the long sig, but I'm writing in an official capacity.

As far as the patents go, the algorithm is based on ideas of ours and so she and we would have to talk about legal issues before we made any move in that direction. Baltimore is very aware, though, of how hard it would actually be to make any money off a public-key algorithm, given that RSA and DSA/DH are more-or-less hard-wired into the standards, and given that (for understandable reasons) the Internet community is wary of crypto algorithms that have licensing issues associated with them.

William

================================================ =

The algorithm that Sarah won the Young Scientist Competition with is based on work that Sarah did in Baltimore when
she was here on a student work placement last March. We've been
looking at algorithms based on 2x2 matrices for a while and
gave her the idea to see what she could do with it.

The idea we were working on was to use 2x2 matrices with entries
modulo n, n the product of 2 primes (ie an RSA number). The
security is therefore exactly the same as the security of an RSA key with
the same modulus. However, the encryption and decryption processes
require only a small number of matrix multiplications rather than
modular exponentiation, so both public-key operations (16 multiplications
over the finite field) and private-key operations are as fast as a
normal RSA private-key operation (17 multiplications). The downside
is that both the key and the ciphertext are about eight times the
length of the modulus, rather than more-or-less the length of the
modulus as with RSA.

That was our idea, anyway. I haven't had time to look at Sarah's
project in great detail so I don't know how far (or even whether)
she's taken it beyond where we had it.

Sarah, by the way, is level-headed enough to know that new public-key
algorithms only made you millions if you invented them in the Seventies.
Her real problem is trying to stop the journalists talking up the
stupid parts of the story while still emphasising that there's a real
story in there.

Cheers,

William

================================================ =============================

William Whyte, Senior Cryptographer, Baltimore-Zergo

Zergo & Baltimore Technologies merge in $55m deal !
The new company name will be "Baltimore"

See Baltimore at Stands 235 & 425
RSA Data Security Conference, 17-21 Jan '99


Baltimore Ltd, IFSC House, International Financial Services Centre,
Custom House Quay, Dublin 1, Ireland.
Tel. +353 1 605 4399 Fax. +353 1 605 4388
Email: info@baltimore.ie
Website http://www.baltimoreinc.com/
Baltimore - Global e-Security

Caption of the picture

[William+Whyte]

The word "brilliant" was a direct quote from the judges. That's why it was in inverted commas.

William

In best Banky Chasing Amy voice:

[Alex_4.0]

What's an algorithm?

Smelly humour

[Alex_4.0]

Why did Sarah use a 2x2 matrix? To be sure to be sure to be sure to be sure!
[runs away]

Algorithm

[Booma]

Apparently she developed this as a science project (which she won) and is entering it into the european young scientist comp. It is said that she has considered patenting it but is more inclined to publish. Read it in the times today.

okay.. AND We'll see what math thinks of this.

[seejay]

Andrew Wiels DID solve Fermats last theorem, and from what I've read in the press, this new algorithum seems genuine (unlike the Y2K 'Silver Bullet').

get a realdoll

[dangerboy]

..or better yet, a realhamster

There is to be no patent

[cobyrne]

Wooops - there is more on this story on the Irish Independent newspaper