Crypto

Extracted without permission from Neal Stephenson's book Cryptonomicon. A fantastic book envisioning the future of cryptography and the net - I thoroughly recommend it.

[Randy] turns on his laptop. Electronic mail from Avi, encrypted to a fare-thee-well has been piling up in his inbox...Randy fires up a piece of software that is technically called Novus Ordo Seclorum but that everyone calls Ordo for short. It is a fairly strained pun based on the fact that Ordo's job, as a piece of cryptographic software, is to put a message's bits in a New Order and that it will take Centuries for nosy governments to decrypt it. A scanned image of a Great Pyramid appears in the middle of his screen, and a single eye gradually materializes at its apex.

Ordo can handle this in one of two ways. The obvious way is to decrypt all of the messages and convert them into plaintext files on his hard disk, which he can then read any time he wants. The problem with this (if you are paranoid) is that anyone who gets his hands on Randy's hard disk can read the files. For all he knows, the customs officials in Manila will decide to ransack his computer for child pornography. Or, fogged by jet lag, he'l leave his laptop in a taxi. So instead he puts Ordo in a streaming mode where it will decrpyt the files just long enough for him to read them and then, when he closes the windows, expunge the plaintext from the computer's memory and from its hard drive.

Avi sent him encrypted e-mail:

When you get to Manila I would like you to generate a 4096-bit key pair and keep it on a floppy disk that you carry on your person at all times. Do not keep it on your hark disk. Anyone could break into your hotel room while you're out and steal that key.

Now, Randy pulls down a menu and picks an item labeled: "New key...."

A box pops up giving him several KEY LENGTH options: 768 bits, 1024, 1536, 2048, 3072, or Custom. Randy picks the latter option and then, wearily types in 4096.

Even a 768-bit key requires vast resources to break. Add one bit, to make it 769 bits long, and it becomes twice as difficult. A 770-bit key is twice as difficult yet, and so on. By using 768-bit keys, Randy and Avi could keep their communications secret from nearly every entity in the world for at least the next several years. A 1024-bit key would be vastly, astronomically more difficult to break.

Some people go so far as to use keys 2048 or even 3072 bits in length. These will stop the very best codebreakers on the face of the earth for astronomical periods of time, barring the invention of otherworldly technologies such as quantum computers. Most encryption software - even stuff written by extremely security conscious cyrptography experts - can't even handle keys larger than that. But Avi insists on using Ordo, generally considered the best encryption software in the world, because it can handle keys of unlimited length - as long as you don't mind waiting for it to crunch all the numbers.

Randy begins typing. He is not bothering to look at the screen; he is staring out the window at the lights on the trucks and the jeepneys. He is only using one hand, just flailing away loosely at the keyboard.

Inside Randy's computer is a precise clock. Whenever he strikes a key, Ordo uses that clock to record the current time, down to microseconds. He hits a key at 03:05:56.935788 and he hits another one at 03:05:57.290664, or about .354876 seconds later. Another .372307 seconds later he hits another one. Ordo keeps track of all these intervals and discards the more significant digits (in this example the .35 and the .37) because these parts will tend to be similar from one event to the next.

Ordo wants randomness. It only wants the least significant digits - say the 76 and the 07 at the very ends of these numbers. It wants a whole lot of random numbers and it wants them to be very, very random. It is taking somewhat random numbers and feeding them through hash functions that make them even more random. It is running statistical routines on the results to make sure that they contain no hidden patterns. It has breathtakingly high standards for randomness, and it will not stop asking Randy to whack the keyboard until those standards are met.

The longer the key you are trying to generate, the longer this takes. Randy is trying to generate one that is ridiculously long. He has pointed out to Avi, in an encrypted e-mail message, that if every particle of matter in the universe could be used to construct one single cosmic supercomputer, and this computer was put to work trying to break a 4096-bit encryption key, it would take longer than the lifespan of the universe.

"Using today's technology," Avi shot back, "that is true. But what about quantum computers? And what if new mathematical techniques are developed that can simplify the factoring of large prime numbers?"

"How long do you want these messages to remain secret?" Randy asked, in his last message before leaving San Francisco. "Five years? Ten years? Twenty-five years?"

After he got to the hotel this afternoon, Randy decrypted and read Avi's answer. It is still hanging in front of his eyes, like the after image of a strobe:

I want them to remain secret for as long as men are capable of evil.