Prime numbers and encryption

How Encryption Works

Prime Numbers - Encryption is based on prime numbers - two prime numbers to be exact. When multiplied together, two prime numbers will yield a product that is only divisible by one and itself – and those two prime numbers. These prime numbers are used in a complex algorithm to scramble (encrypt) a message or file. Thereafter, the two prime numbers are needed again in order to unscramble (decrypt) the message or file.

Size of the Prime Numbers - The size of prime numbers used dictate how secure the encryption will be. A message encrypted with prime numbers that are 5 digits in length (40-bit encryption) yields about 1.1 trillion possible results. A message encrypted with prime numbers that are 7 digits in length (56-bit encryption) yields about 72 quadrillion possible results. However using 128-bit encryption (16 digit numbers) yields 340,282,366,920,938,463,463,374,607,431,768,211,456 possible results. Mathematically, It would take a super computer testing 100 billion passwords per second, 107,829 billions years to break 128-bit encryption using brute force. (Today’s fastest chips can handle about 256 million encryptions per second.)

Time Needed To Crack - Mathematically speaking, based upon today’s top computing power 40-bit, 56-bit, 64-bit, and 128-bit encryption could be broken in 1 second, 19 hours, 7 months and 11,000 quadrillion years, respectively. This is why 128-bit encryption is the standard used world wide to protect financial transactions and sensitive data.

Key Length (bits)	1995	2000	2005
40	68 seconds	8.6 seconds	1.07 seconds
56	7.4 weeks	6.5 days	19 hours
64	36.7 years	4.6 years	6.9 months
128	6.7e17 millennia	8.4e16 millennia	1.1e16 millennia
Table of time needed to break certain key sizes using hardware http://www.cs.bris.ac.uk/~bradley/publish/SSLP/chapter3.html

It has been estimated that 128-bit encryption will be breakable in about 105 to 125 years (by the years 2109 to 2129).

Letters versus Numbers - You might be interested to know that four words selected at random are much more effective than 56 Bit encryption. According to Jeremy Bradley of the University of Bristol, a 7-character password (56-bit) has 1,028,071,702,528 possible results. However four random words yield a total of 390,625,000,000,000,000 possible results. His basis for this claim is explained here: http://www.cs.bris.ac.uk/~bradley/publish/SSLP/chapter3.html.

Symmetric-key versus Public-key

Most computer encryption systems used today fall in one of two categories: Symmetric-key encryption or
Public-key encryption. These concepts are described below:

Symmetric Key - In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt data that is sent back and forth. Symmetric-key requires that you know which computers will be talking to each other so you can install the key on each one.

Public Key - Public-key encryption uses a combination of a private key and a public key. The public key (makes the message public) is stored only on your computer, while the private key (makes the message private) is given to anyone who wants to communicate securely with you. A very popular public-key encryption utility is called Pretty Good Privacy (PGP), which allows you to encrypt almost anything. This product is discussed below.

PGP (Pretty Good Privacy)

PGP or Pretty Good Privacy was released on June 5, 1991. Developed by Phil Zimmerman, Phil first sent PGP to Allan Hoeltje and then Kelly Goen who in turn released PGP through Internet user groups. This set off an unexpected feeding frenzy. Volunteers around the world offered to help Phil port PGP to other platforms, add enhancements, and generally promote the product.

Fifteen months later, in September 1992, PGP 2.0 was released for MSDOS, Unix, Commodore Amiga, Atari, and a few other platforms, and in about ten foreign languages. Shortly thereafter US Customs took an interest in the case. At first the government tried to build a case against Phil for exporting weapons outside the US, and they frequently harassed him. By doing so the government helped propel PGP's popularity by igniting controversy that would eventually lead to the demise of the US export restrictions on strong cryptography. Today, PGP remains just about the only way anyone encrypts their email. And now there are a dozen companies developing products that use the OpenPGP standard, all members

You can download PGP for free, or purchase a more feature rich version at this web site: www.pgp.com. Here is a quick introduction into using PGP:

To start using PGP, launch the product and start the wizard to generate the encryption keys as shown below:

The PGP wizard shown above walks you through the process of creating your encryption keys.

PGP is based on public key cryptography, a widely accepted and highly trusted public key encryption system, by which you and other PGP users generate a key pair consisting of a 'private key' and a 'public key'. As its name implies, only you have access to your private key, but in order to exchange files with other PGP users you need a copy of their public key and they need a copy of yours. You use your private key to sign the file attachments you send to others and to decrypt the files they send to you. Conversely, you use the public keys of others to send them encrypted files and to verify their digital signatures. PGP won't route your e-mail over a Secure Socket Layer (SSL), but it will be unreadable by anyone other than you and the person to whom it is addressed. Keep in mind that encryption is for the message body only - it does not hide the subject line or the headers.

One popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL recently became part of an overall security protocol known as Transport Layer Security (TLS).

Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window.

The padlock symbol lets you know that you are using encryption.

Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetry. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

When PGP was first developed, it was absolutely understood that the only person capable of reading an e-mail encrypted with PGP was the e-mail recipient. Although this is unconfirmed, it is strongly suspected that since PGP was purchased from Phil Zimmermann, its developer, by Network Associates, Inc. (NAI) several years ago, it is quite possible that a 'master key' exists in the hands of both NAI and the U.S. Federal Government. Even with this in mind, PGP is just about the safest and most reliable method of encryption available. PGP Corporation provides the source code for PGP upon request and acceptance of a license agreement. Though not fully open-source, certain elements of PGP subject it to the General Public License so that modifications can be reviewed by customers and cryptography experts.

In October, 2001, NAI put PGP up for sale. With no buyers, in March of 2002 NAI dropped support and development of its PGP desktop encryption software.

On August 19, 2002, NAI sold PGP to PGP Corporation, a newly formed company. The deal gives the new company a line of encryption products based on the PGP algorithm, including PGPmail, PGPfile, PGPwireless, PGPkeyserver, for the Windows and Macintosh operating systems.

A full history of PGP can be found at www.pgp.com/company/pgphistory.html

Though a freeware version of PGP does exist, the End User License Agreement (EULA) is rather restrictive limiting it to home-based non-profit use. Freeware PGP set-up only takes a few minutes, but users should note these facts about the free version of PGP:

• Does not include automatic encryption of email file attachments
• Does not provide plug-in integration with Outlook, Outlook Express, and other email applications
• Does not operate with PGP Admin or other PGP deployment tools

GNUPG www.gnupg.org

Free Software Foundation, Inc. offers GnuPG, (GNU Privacy Guard) a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.

Conclusion

While freeware and open-source software may not be the solution for every company, small to medium size businesses can benefit from the low TCO and the community of users working to improve or enhance the product. Furthermore, cautious companies can purchase the software with included support contracts from distributors to achieve a comparable level of documentation and support as other commercially marketed solutions.

The existence of coded messages (or cryptography) has been verified as far back as the Roman Empire.

RSA: 56-bit crypto too weak - http://news.com.com/2100-1023-204556.html?legacy=cnet

Honorary doctorate without college education

John H. Lienhard presents Peyman Pakzaban

Imagine a father racing against time to invent a device to save the life of his son. John W. Holter worked as a machinist for a lock company in 1955 when his son, Casey, was born. Casey was diagnosed with hydrocephalus at birth. Too much fluid was building up inside his brain. In those days, most patients with hydrocephalus died or suffered brain damage.

Six years before Casey’s birth, two Philadelphia neurosurgeons, Spitz and Nulsen, had come close to a solution for hydrocephalus. They had made a brain drain — a shunt. This was a tube implanted under the scalp with one end in the brain, the other in the jugular vein. Its purpose was to drain excess brain fluid into the bloodstream. To prevent the backflow of blood into the brain, the tube had a crude one-way valve, made of metal balls and springs. Alas, the valve often malfunctioned. As far as we know, only one patient was ever helped by this shunt.

To keep 5-week-old Casey alive, a needle had to be inserted each day through the soft spot in his skull to remove the excess fluid. Dr. Spitz told Holter about his shunt. He also told him about the problems with the valve and the high likelihood of failure. Holter headed home, locked himself up in his garage, and three weeks later emerged with the first prototype of what would later be called the Spitz-Holter shunt.

John Holter works on his shunt, while his wife holds Casey.

Holter’s simple and elegant solution was a slit valve in polyvinyl chloride tubing. It worked much like the nipple on a baby bottle. When the brain fluid pressure became dangerously high, the rubber would stretch and the valve would open so that the fluid could get through. Unfortunately, polyvinyl chloride deformed in high temperatures and could not be sterilized.

As Casey’s condition worsened, Holter frantically searched for another material. He found out about silicone and convinced a rubber company to make his shunt out of silicone. But Holter’s shunt was ready a week too late. They had to give Casey the old ball and spring shunt. During that surgery, he suffered severe brain damage and died a few years later. A week after that operation, another child received Holter’s first shunt and fully recovered.

After his son’s death, Holter made it his life’s mission to perfect his shunt and make it available to others. His invention is still in wide use, and it has saved countless lives. Holter, who he did not have a college education, received an honorary doctorate for his work and became the first non-physician member of the American Association of Neurological Surgeons. While Casey’s dire need plunged Holter into the inventive process, Casey’s death galvanized Holter’s resolve and afforded him the closure he needed to complete the methodical process of invention.

A modern programmable shunt and its programming wand. The opening pressure of the this shunt valve can be adjusted before or after the shunt is implanted, allowing the shunt to be fine tuned with respect to cerebrospinal fluid dynamics of individual patients. An integrated anti-siphon device prevents over-drainage of cerebrospinal fluid when the patient stands.

Endnote

Holter and Spitz eventually patented the valve design and set up a company to mass produce it. Although shunts have greatly evolved since 1956 (in large part due to later contributions by Holter), several versions of the Holter valve remain in use even today. Holter went on to invent many more medical devices, but he is primarily remembered for his shunt. He died in 2003, having saved countless lives with his inventions.

Spirals

Archimedean spiral
It is the locus of points corresponding to the locations over time of a point moving away from a fixed point with a constant speed along a line which rotates with constant angular velocity.

Applications

scroll compressor (also called spiral compressor, scroll pump and scroll vacuum pump) is a device for compressing air or refrigerant.

Hyperbolic spiral

A hyperbolic spiral is a transcendental plane curve also known as a reciprocal spiral. It has the polar equation rθ = a, and is the inverse to the Archimedean spiral.

Fermat's spiral

Fermat's spiral, also known as the parabolic spiral, is an Archimedean spiral with

Logarithmic spiral

A logarithmic spiral, equiangular spiral or growth spiral is a special kind of spiral curveDescartes and later extensively investigated by Jakob Bernoulli, who called it Spira mirabilis, "the marvelous spiral". which often appears in nature.

Binocular vision by John H. Lienhard

We humans are largely binocular beings. Each eye alone gives us roughly a 130-degree field of vision. With two eyes, we can see nearly 180 degrees. Most of that field is what's called a Cyclopean image -- the single mental picture that a Cyclops might see. But that single image, created by two eyes, has both range and depth. Only an occasional person, despite having two eyes, remains monocular. Their eyes fail to form that Cyclopean image.

You and I are predator animals. Like other predators, our eyes face forward. They're designed less to look out for our own protection than to locate prey.

Horses, cattle, and sheep, on the other hand, are the predator's prey. They have to be aware of danger from any direction. The eyes on either side of a horse's head, for example function in monocular mode. A horse can see all the way around, except for the portion in back that's blocked by its own body. And it has binocular vision over a very small range directly in front. By the way, a horse's vision is roughly 20/30 compared to 20/20 for a human. And it has a limited ability to distinguish colors.

The eyes of the predator cat have even poorer resolution, far less ability to distinguish color, and a very limited field of view. Cats have to turn their heads to see all around them. But, they have much wider binocular vision, excellent night vision, and they quickly accommodate to lighting changes. Cats have another predator advantage: Unlike humans, they don't have to blink to keep their eyes lubricated with water.

The prey/predator difference is dramatic in birds. A birder once told me, "There are really only two kinds of birds: raptors and bird feed." A pigeon's field of vision is even greater than a horse's -- nearly 360 degrees, with a very narrow binocular portion in front. And it processes what it sees faster than we can. Like horses, pigeons are very sensitive to any movement.

A predatory owl has only a 120 degree field of vision, and most of that's binocular. Like us, any such raptor has to turn its head this way and that, but they can spot prey at great distances. The accuracy of their binocular vision is astonishing by human standards. We use the expression "hawkeye" for good reason.

Unlike humans, few birds can move their eyes. But they're very well-equipped to distinguish color. The eyes of sea birds function like camera filters, cutting through haze and fog. A penguin's eyes are adapted to blue aquatic surroundings. Most birds can see well into the ultraviolet range, which we cannot see at all.

So animals display either the binocular focus of predators like us, or the wide visual spread of prey animals. And that's only the beginning. Once we know the clues, the eyes -- how they're placed and how they act -- have so much more to tell us about who and what any beast really is.

I'm John Lienhard at the University of Houston, where we're interested in the way inventive minds work.