Focus 580; The Secret History of Public Key Cryptography

Good morning and welcome to focus 580. This is our telephone talk program My name's David inch. I am glad very very glad to have you with us this morning and we are going another couple of conversations. Probably for as long as humans have been around or at least going back a long way in human history people have recognized the need for secure communications particularly in areas of war and politics and probably about as soon as people started writing things down they started to develop ways to encode that information so if it fell into the wrong hands the information wouldn't be available. That is a continuing concern and in fact it's maybe even a greater concern now in the age of the Internet than it ever has been before because what one person can invent another person can crack. And for some time people have been on this quest to find a kind of security method a way of encoding data and information that would be completely secure. This morning in this part of focus 580 will be

talking a bit about a method that seems to provide the answer to that need something called public key cryptography. And if you don't know what this is Have no fear we'll explain it to you and talk about what it is and where it came from and why it's important. We have two guests here with us in studio Nigel Boston. He's professor associate professor of mathematics at University of Illinois he is also director of the Illinois Center for cryptography and information protection. And joining us by telephone is Simon Singh. He is a journalist who specializes in writing about science and mathematics and he's the author of a couple of books his first two which was a bestseller in the U.K. and also did very well here in the United States was from Matz and that's the title of the U.S. version of the book. And in 1907 he began working on his second titled The Code Book which is a history of codes and code breaking and you might recall that he was here on this program with us and we talked about the code book as a result of that book.

He got involved again as he had been before in television and did a series for British television on the science of secrecy and there is also a companion book to that series which is titled The science of secrecy. Simon Singh will be visiting Champaign Urbana In fact he'll be here tomorrow. To give a talk which is part of any event to celebrate the golden anniversary of the University of Illinois coordinated Science Laboratory he'll be talking on this very topic about The Secret History of public key cryptography. Tomorrow afternoon at 4:15 this will be in 314 Altgeld hall the campus and of course anybody who is interested is welcome. The events are open to the public also following that at 5:45 he'll be doing a book signing at the align a union bookstore at the author's corner. So if you're interested in meeting him he will be there and you can stop by. And as we talk here this morning your questions are welcome. The number here in Champaign Urbana 3 3 3 9

4 5 5. We also have toll free line good anywhere that you can hear us that is 800 to 2 2 9 4 5 5 3 3 3. WRAL and toll free 800 1:58 W while I well Professor Boston welcome. Thank you. And here on the telephone with us Simon saying good morning. Thanks for talking with us today. That's my plan too. It's a start out here I guess we should talk just at least a little bit about this business of code and maybe the way to start out would be like this. I know that if we say the three of us decided that we wanted to exchange letters we're going to write to each other we want to make sure that if somebody else got that letter they wouldn't be able to read it. We could figure out a way of doing that. We could for example write out our letters. We could sit down and then we could say well for every letter of the alphabet in our message it will count for over. And we'll take

that letter and then write that down and send that. And that means that anybody who would get one of these letters would look at it it would just be a jumble of letters it wouldn't make any sense. The problem though is that you we all know how this works. And the more people that know the key the more difficult it is to maintain the secrecy of that communication. So there sort of is the initial problem for what's called I guess that's a symmetric system. Yeah I mean we have a very real situation now in that I'm over here in New York and you're there in Illinois and I may have some secret communication that I want to send to you in advance of my arrival tomorrow. And I'm up you know. Tell you what that secret messages on the phone because this message is being broadcast all over the state. So I want to encrypt I want to scramble up this message maybe it's an e-mail that I'm going to send and and then I'll scrounge it up and I'll send it to

you and it'll get to Illinois. But the problem is I haven't told you how to unscramble it. You know we've never met before. And and the question is how do I get not scrambling recipe you correctly called it a key. How do I get that recipe to you. I need some very secure method. And the problem is if that was a secure method for me to deliver the key to you then I'd use that method to deliver the message. So it's a sort of a vicious circle. Well I guess so the issue is that when we come to public key cryptography it goes back to the example before that as in that example what I'd say we're going to agree there's going to be this code we're all going to know how it works. I use it on my end to encode the message and then you use it on your end to decode the message so there's only one. Basically there's one key that's the same. We both have it and because there's only this one and we have to exchange it or anybody else I would send my message to if I wanted them to read it.

Well I have to give them the key to then that makes it much more difficult to keep the whole thing secret because everybody uses the same key. So then we come to public key cryptography and the thing that makes this different is there are two keys you use one to encode and one to decode and you can make one public and keep the other one secret. And by doing that that means that this is actually we now have what seems to be the perfect way of doing it was seems to work pretty well right now except that each of these public key cryptosystems depends on solving some very hard mathematical problem. And we number theorists are getting better at solving these mathematical problems. So in other words to find the private key from the public key so that you know you have the same power as the person who posted the code it. Then you have to solve this problem. And for instance factoring the large integer is

the basis of the most popular system right now the RSA system and there are huge advances in our ability to fact the large integers using quite advanced mathematics. And because of that RSA is turning to longer and longer key lengths which is restricting where it can be used for instance in if there are in a Palm Pilot or whether it's some constrained environment then you might not be able to use our AC CB It's a very important idea that you've just mentioned. Concept of a public key and a private key. So it's an error you say they're not symmetric so that the public key is something that you can send everybody you can put it on the web you can put it in a phone directory you can put it on your business card and it's essentially instructions for had to encrypt your message but that information those instructions are of no use whatsoever when it comes to decrypting the message that information is a distinct and I keep that

secret. So anybody can encrypt a message and send it to me but only and even they know even though they know how to do this only I know how to wonder it and it's sort of there are a lot of analogies in everyday life which sort of fit this. For example you know we can open letters in the mailbox that's easy but only only the mailman has the key to open the box and get a less exact. You know anyone can put something in the back of a car and slam the trunk shot. But only if you've got the key can you open it. So these are a lot of examples of what you might call a one way operation they're very easy to do in one direction very easy to put the letter in the letter box very easy to slam the trunk shut but under in them getting the letters out of the mailbox hoping that the trunk is very hard and that's what all of these systems. Based on that sort of easy to do very difficult one do and they should have some special knowledge which as you say one of the private key. And I gather another one of the assets are or the benefits of a system like this is that also because anyone has the public key they can

encrypt the message but only I have the private one and only I can decoded then that also tells me if I receive a message from someone whether in fact I guess I'm not sure exactly how this works but I know that it does work that I can have some assurance that that message did in fact come from that person that it says that it came from. Otherwise the decrypted version after I use my private key. It would make any sense if it comes out of it's actually I can read it that I know well. Yeah. Simon Singh really did send me this message. Yeah I know this is a very important aspect of cryptography which you know we should have been focusing on secrecy and privacy so far but cryptography is all about. It is also a fact identity of the site. If I had went out when I scramble up he managed send it to you had you know it's really from Simon saying. Also sometimes I'm not worried about secrecy if I order a book or online I don't care if anybody knows I've ordered that book but I don't want anybody to tamper with that message

and order 10 books instead of one. And similarly when the when the retailer received this order I don't want them to be able to say a month later we never received your order. So I want the ability to have non repudiation and cryptography can guarantee all of these elements. Yes if you're going to vote online cryptography can make that vote secret. It can it can determine who sent the vote. It can also check that that vote is not tampered and it can check that that vote was indeed received and can be repudiated. All of these elements are very important. I was going to say that people have been discussing voting by internet lately a lot and it seems like a lot of the technical problems are really way beyond what we can handle right now. You know I mean we can't even stop viruses and junk e-mail how are we going to really make all these things happen it's just I think I think right now we're not at the stage where we can handle voting is just too huge a

problem. But the example that Simon Singh just gave does suggest that this is something that could indeed does touch people in many ways not just people who are doing something that requires a very high level of security in data transmission. It could effect anyone including people who shop for their books online at Amazon. Sure you send your credit card over the Internet. I mean the all these issues come up right away. When do we when you hit send on your browser when you type your credit card details the story that the browser automatically encrypt your your your information using a public key sends it to the dot com who then have the private key to unscramble it for use of one of the problems I think with security on the Internet is that although it is and it's pretty strong in virtually all cases because it's so invisible people have difficulty accepting that it can be strong. You know when we lock

our cars and we have electronic beeper we hear that beep and we know something clever is happening. But when we hit enter on our keyboard with we don't have that same reassurance that a complex scrambling algorithm is really protecting us. Well just a couple of moments ago here Professor Boston talked about the fact that while this does involve a very complicated mathematical formula we are getting better and better at being able to crack the code and I suppose if you were an experienced mathematician you have a supercomputer. Eventually you could do that. That raises the question Is it possible to develop an unbreakable code with. Well the I mean the the the math of it it's a I mean when I was talking earlier about one way operations you know you can slam the trunk door shop you can open it. The mathematical principle that's at the heart of many of these systems is that it's very easy to multiply two numbers to get a certain

number. So if I say it was 11 times 13 people can say well 10 13 is 130. So 11 13 one hundred forty three so they can do that for pretty quickly. But if I give you the results let's say the result is two hundred twenty one. There's no easy way to go backwards. Again you have this easy one way heart in the other way other direction. So you know that the answer is 13 times 17 which I can calculate very easily but if you know people have to think a while before they can go backwards and say the security of these many of these public key cryptosystems depends on using very large numbers multiply together and the larger the numbers the more secure the system. So if you are a codebreaker and you have a really powerful computer all I do is I just use bigger numbers and you build a bigger computer in 10 years time. I'll just use even bigger numbers so I don't think it's a conventional computing. I don't think we'll ever really catch up with this system. What

would be required is either a radically new way to factor numbers that's going backwards from multiplying or a radically new computer technology. I disagree slightly with that in that there are limitations sometimes on the power in the space that the device you want to use the cryptography with has and so you know you can't really keep lengthening the length of the key lens and the size of the integers that you're working with. If you want to use it in some you know limited environment and as a result for some of the companies that we're working with such as Motorola turning to other systems that use other problems where they can keep their key lengths short. It doesn't mean that RSA isn't going to keep being used whether is no limitation on key lands but but if you want handheld devices people want you know PDA is Palm Pilots whatever.

Then then they're not willing to. Have a huge handheld devices that require the sort of key length. Let me introduce Again our guest here for anyone who's tuned in the last little bit we're talking with Nigel Boston. He's here in the studio with me he's professor of math and I also director of the Illinois Center for cryptography and information protection. And on the telephone Simon Singh he's a journalist who specializes in writing about science and mathematics he's authored several books one of them is a history of code which is titled The Code Book and then his most recent is a companion to a series that he did for British television which is titled The science of secrecy that covers some of that same sort of information that's in the code book. And he's going to be here to talk about this very topic tomorrow on the campus. He'll be giving a talk on The Secret History of public key cryptography at 4:15 tomorrow afternoon at all the Guild Hall and room 314 So if you're interested in hearing that you can do that and questions here are welcome to in Champaign Urbana 3

3 3 9 4 5 5 toll free 800 to 2 2 9 4 5 5. Well I want to ask Simon Singh to give us a little thumbnail sketch of the history of public key cryptography. I guess it's my understanding that there are some competing claims as to who it is that actually did develop this from your kind of work that you've done. Who is responsible who who can we say come up with the idea of public key cryptography. Well I think the important thing to appreciate I think is that for 2000 years people thought this was impossible. People thought that you know if I'm a scramble of a message and send it to you I have to somehow get the key to you. And traditionally that meant employing a Korea to deliver it to you which is slow and expensive and and sort of risky if you can't trust the Korea to 2000 years nobody even tries to solve the problem. And then there are various sort of

papers that are published that sort of that kind of approach the problem tangentially but the first big breakthrough that hit the newspapers happened at Stanford three gentleman by the name of Whit Diffie Ralph Merkle and Marty Hellman. They came up with the concept of how you might solve this problem. And indeed three years later well I wouldn't say 1975 in 1977 three gentleman in Boston Ron Revestive R.D. Shamir and Len Adelman actually constructed the mathematical architecture that implemented the concept and it's their system RSA Rivette able Adelman. That's one of the very popular systems now. For 25 years people accepted this as the birth of crypto public key cryptography. But what emerged in 1997 what I was writing the book in fact was that in Britain

in America you have the National Security Agency the NSA which is responsible for the government code in code breaking. In Britain we have a organization called GC HQ. Government Communication Headquarters and they do the same thing. And it appears that in 1969 a chap called James Ellis came up with a concept about three or four years ahead of the Stanford trio. And in 1973 a young man by the name of Clifford Cox came up with RSA. But four years ahead of RSA Maronite a month. But because they work for a government agency they were forbidden to talk about their work or publish it. So these gentleman James Ellis. FIFA Coxon also Chaco Malcolm Williamson had made the greatest breakthrough in cryptography for size it is and yet they couldn't tell anybody what they done and then they had to watch as Whitfield defame Martin

Hellman and Ralph Merkle and RSA made their breakthroughs and so you have two powerful discoveries and we defeat who was involved in the American discovery actually match up with James and I think I think Whit Diffie more or less except the GTX he may have got there. But. The important thing to point out here that are worth mentioning one is that you know that although the Brits may have got there first. It was it was discovered independently in America. It was publicized here in America it was commercialized here and it hadn't been for the work of the American scientists and mathematicians of the Information Age may not have progressed as rapidly as it has done. So that's absolutely crucial. And then the second thing is that I was talking earlier about the ability to identify yourself and you describe sort of how you might use a public you know private key system to do to do that. Well it seems that GZ HQ had no appreciation of this aspect of their invention. So

again that concept really was born here in America and it is absolutely vital. You know if I go into a shop they recognise my face and I can establish trust with a handshake I can you know I can build up a relationship with that person. Similarly Cryptography by giving you digital signatures and so on can can do saying a similar sort of thing. People have never met. So again that's really a very very American discovery that GC HQ seem to have overlooked. You know it's interesting because a couple of years ago I interviewed would feel defeat and he wrote a book which I still hadn't when thinking about this interview I pulled down off the shelf and started looking at it and here he lays out the claim just to say he and the other guy at Stanford and this guy it was at UC Berkeley. Well you know Ralph Merkle was at Berkeley you know and he wanted to work on this problem of public. He said no I want to invent a system where you don't need to distribute cases. And his supervisor thought this was such a crazy idea.

Berkeley likes crazy ideas even too crazy for Berkeley. So he too had to move down to Stanford to join with Diffie and Martin Hellman. Well this book was published I think in 1988. So at that time then would defeat these other guys they didn't they didn't know anything about these British researchers they were working on the same stuff. What we did know because he was possibly a very select group of people who had been in full time. But he was forbidden to talk about it because this was still classified information. So when he submitted his manuscript probably in 1997 he couldn't write about it and pretty much when that book was published this knees began to emerge into the public realm. And so although he's been aware of it all the time he was unable to include it in that book. We were already at the midpoint of this part of focus 580 again your questions are welcome as we talk with Simon Singh. He's joining us by telephone lines of Boston here in studio with me. We're talking about public key cryptography and what it is and how it was developed and why

its important questions are welcome three three three. W I L L toll free 800 1:58. W well. You want to add anything to you. Well one thing I'd like to add is that this is not just the Simon Singhs link for full 15 tomorrow but he's also giving a lecture at 1:30 for school children ages about 10 to 18 in CSL rather than in Mount guilds and that's just southeast of the bagman Institute and school children and their teachers are welcome we have a number coming. And I think the still little room and also at 3 o'clock there's another person John Lawrence coming who has a fully operational German Enigma machine the TE's driving from Canada with him. Right now I believe and he's going to demonstrate to people to poke and prod it so that will also be in 314 gold before Simon's talk. And this is this this very famous Coke machine that was developed by the Germans and was used in World War 2 and eventually also West was cracked by a

group of British. Well the polls there was a poll. I mean Simon tells a story in his book a book that's right was the first person in fact this is what John Lawrence will be talking about at 3 o'clock. He's going to give a talk on how the polies Polish research written not sure how to pronounce his name was actually the person to make the first breakthrough. And then. His ideas within developed further by the British ship which we parked to defend against similar German Enigma machines and in fact when we went went when he was doing his work at the periscope break to write ASCII which is I think probably in the early thirties it was well before the outbreak of war. There were German cryptographers in Berlin saying the enigma is absolutely unbreakable it can never be broken it's Fasi formidable for any code break. And yet they didn't know that a few hundred miles away somebody had cracked it and so you know earlier on

what I was saying that RSA is pretty much on breakable and I'll build a bigger machine if you build a bigger machine. That could be somebody in Poland at this very moment somewhere in some somewhere else about it who knows something that I don't and many other people died you know we believe and say we we have a caller here. Why don't we talk with them in southeastern Illinois on our toll free line. Why number five. Hello This may be an impossible question and I made this beast allow your explanation has been explained to me on on the how are you going to have our our our sound one person can now Dicky to put something in and do encode and the other person. Are we assuming that there is only one encoding key and they say anybody who would be decoding would know that encoding key and if that's the case why do they need to be coding.

I mean about how much time I can shut off for a couple of analogies. So I want to send you a message. So if I don't catch a cold and I'm generally don't ask callers I want to give their names but it looks I'm going to call the bulb because in cryptography you tend to have two characters. Alison Bauld A and B. So I'm going to try to send you a message bald and I put the message in a box and I close the lid and I put a padlock on the ball not the padlock shot another. I can crippling it because I protected the message. And I send the book to you. Now the problem is you don't have the key to open the padlock. So this is an old key distribution problem right raising its head again. What you do is you take your padlock and snap that on the box too. So you now have a doubly padlocked box. You send the box back to me. I can take my padlock off now because I've got the key I've always had the key to my own padlock. I've now got a box with one message in it and one padlock and that's your padlock the one you

put in when I send it to you the first time around I'm going to send it back to you now. You've got a box with a padlock on it your padlock you can open it open the lid and now you can read the message. So this is a situation where two people you've never met have been able to have secure communications. The boss was always padlocked in transports and yet at the end of the day you were able to open the box and read the message or not the person bearing the be corroding narrow way and coding is there only one encoding key and the person knowing the beaker already know that and coding. OK let me give you another analogy that though that first analogy is just sort of says look these things strange things are possible things you might think are impossible seem to be possible. The way the system really works is is in a slightly different way. Now youre waiting for a message from May. So what you do is the following. You have a padlock and a key. And you put the key in your pocket you keep a secret you never show that to anybody. But the padlock you make a

thousand copies and you send them to every post office in America and these padlocks are open. OK now I want to send you a message I just go to the post office here in Manhattan and I say Can I have one of Bob's padlocks. I put the message in a box. I closed the lid and I snapped the padlock shot because anyone can snap a padlock shut you don't need a key for that. Then I send you the box and you've already got the key to unlock your own padlock. So hey you can say you've got a key which we're going to call the private K.. I've got something a padlock which so far we've been calling it the public but it is in the way I've just described it. It's more a padlock and the encoding. You know the how to encode and decode you know everything. But you've given other people the information required to encode. So I've got this padlock and I can use it to encode anything I want to send to you but I've got no idea how to open this padlock so I don't have the key. You never gave me that key.

And I don't even need to see this cable is all I'm ever doing is encrypting things to you if you ever want to encrypt something send it to me. You would go to your post office and say Can I have one assignments Pottle and then we could do it the other way as well. There does not desire help from my bank in other words the person who is receiving the message if necessary for the person sending the message to the AB The receivers padlock and he puts a user's red padlock in the padlock are all over the place. I mean everybody got a bad luck. That's if you can and bet if any of that box falls into somebody else's prions all they have is a padlock they don't have the key. That's when it's like a checkbook in a paying in book II. I don't care if I leave my paying in book lying around because that's not a secure job I don't care if somebody pays more money into my bank account. If it's the checkbook or the key that's the the the the really secure thing you have to look after. And. The other thing you said that was really important is

that it's to receive that doing all the work. You know so far in a few thousands of years people said well if if I'm sending you a message then I'm going to encrypt it I'm going to pick the key I'm going to do all the hard work. But what's happening here is that the receiver is actually doing a lot of the work and I'm not sure that I mean as wrong as I don't know the code but wrong absolutely to the receiver the receiver is promulgating both codes and where the sender is simply using the code that the receiver her fare has made available. That's right so if you buy something online you're not encrypting it with your code your encrypted with the dotcoms code and they obviously have the key to decode it at the other end. Right now anyone else would have would be the encoding key. Right that's right and if somebody I was a fan all they have is the encoding key that's there I mean that was I was saying earlier on that some people had that sort of approach

this idea even be full GC HQ and the people in Stanford and one of the ideas that I think developed at AT&T labs Bell Labs was that you and I you know were on the phone. Let's say you want to send me a message. What I could do and I could generate some random noise at my end and send that on the phone. Now I know what that random noise is I'm the receiver and I know what the run noises IC's I'm sending it down the line you send me your message which is hidden by all of this horrible random noise. But all I can tell you the noise off because I generated it to understand what you're actually saying OK I respect that this is a complicated Bender span but i 5 going to question then if he say it it seems fairly simple so why are extremely complicated mathematical formulas and if areas are simply to make the coding more difficult or is that that essential to the pound

set. Well the mathematics I explained earlier which was you know if you multiply number two numbers together and get a result. That's easy but it's very difficult to go backwards that's kind of pretty elementary. Yeah but the mathematics into very very simple I mean why are they complicated mathematics I mean I gathered. Right you were saying that extremely complicated mathematics were necessary. So what I was going to say was the that process of multiplying is easy going backwards is ha. Going backwards is there is no easy way to do it. It's absolutely impossible not impossible it's just the normally difficult to go backwards. So that's like a padlock that doesn't even have a key because nobody has any any ability to go back with easily. So you actually have to embed that idea within a larger concept. And then once you build that larger concept you have many other aspects you need to build into your crypto system such as

you know we all have to have our own private key. So how do you generate that private key we have to do that by generating some random numbers and finding a very large a couple of very large prime numbers you have to build in that sort of mathematical pod into the crypto system and and so on and so so. There were the there are many elements to building a complete system and I'm not going to be a big advocate of regular time but that brings up another question. Am I'm am I my understanding you to say now that they're different people would have different encoding keys that there's more than one encoding key that this one be coding to decode all of them. Oh no not if I was if I was setting up my public key and my private key I would only have one public key and one in coding and one day coding cake and everybody would have access to the encoding Katie I'm not sure that I quite said a second ago but I didn't mean to give give the the opposite impression.

Thank you I think our our mathematician here was itching to get in on this would you want to. Well I was just going to. The weather complicated mathematics comes in is not in applying the method the method is high school math. It's in trying to break the system as is often where it enters in trying to deduce the private key. Given the public key so is in trying to reverse that supposedly one way function there is transfer your question from before there is no known purrfect one way function but to actually reverse that supposedly one way function is where a lot of very advanced mathematics has come in. What does it make it that much. How much easier does it make it to try to determine the private key. If you know what the public key is well everybody knows what the public key is. OK so it really doesn't. It really doesn't help you very much. No no the the strength comes from the difficulty of the problem that you have to solve so like Simon says the difficult problem here in the most

common system RSA is to take a very large number which you know is a product of two small numbers and to deduce from that what the two smaller numbers are. You can take the two smaller numbers multiply them together that's take you a few few seconds maybe but to take some huge huge number I'm with. We're talking numbers you know 300 digit numbers maybe in current What's considering today considered secure for RSA and trying to factor those into two integers make it up that's that requires quite a lot of sophistication. I mean and I think Nigel is right that you if we could not download software for free off the Internet and use very large numbers let's say 300 pages long each to multiply them together to get 600 agent number. And I might I might be wrong on the numbers Nigel but it's something like

you know if you take all the computers in the world I run them for a billion years. They would not be able to fact a number say 600 digits long are they going to sort of the right sort of ballpark. Well currently people have been wrong in the past there was the RSA 129 challenge virus they put out a one hundred twenty nine digit number as a challenge on which some message was encrypted use it using that. And they they estimated that it would take however many trillion years before computing power would get to the point of being able to do it. But actually it took I can do the subtraction quickly enough but less than 20 years to to do that. Not because of advances in computing though that did help a little bit but more in advances in clever mathematical ideas. And so so yeah currently we can't. Factor of 600 digit number but but one of two things could happen the mathematics could advance to a level

where we can really fighting to larger numbers by being clever. And the second thing is quantum computers of course which is an area that actually this university just hired an expert in quantum computing is a budding chair in physics. Paul quipped and this is an exciting area that was just not equal in New York Times on that area. Well I'm glad though to hear that the human brain still is still affected here. Yeah. Yeah it still matters. It makes things quicker than computing advances. We have about 10 minutes left we have two guests here in studio with us. Nigel Boston He's director of the Illinois Center for cryptography and information protection. He's also associate professor of mathematics at University of Illinois joining us by telephone is Simon Singh he's a journalist who specializes in writing about science and math. He has a book that looks at the history of code which is titled The Code Book. So if you're interested in the subject you can seek that book out. And as we've mentioned a couple of times he will be talking

on the campus tomorrow and will try to give you the information again one more time near the end of the show. Questions are welcome 3 3 3 9 4 5 5 toll free 800 2 2 2 1 4 5 5. Let's talk with someone in Urbana here line 1. Hello. Yeah I don't quite. That sounds like you're saying if you if you take beginning number and multiply it by three and by them which are two prime you get the truth of all that you're not going to be able to get back at the original number by the dividing by 21. We're committed to me. But it's just line you started to see a slight miscommunication there. OK let me let me pose you a problem. If I if I say to you can you tell me why 11 times 15 is.

The answer in 61 I think 165 near enough. Eleven thousand fifteen hundred sixty five and there's a there's a way to do that you can. Or if I give you two five digit numbers you could type that into account today to hit multiply and tend to tell me the 10 digit results. But if I give you a 10 digit number there's nothing on your consolation that would take you backwards. The Nothing will not count dates that will say well these are the two numbers you need to multiply together to get this new number. Do you see what I mean. Yeah but. Well anyway the reason I called is because I remember reading about the young think Irish girl or a Flannery That's right that's right and and. That which one of which I thought was a peculiar story having to do with public opinion. Apparently she found some shit covered something.

But then I read later that her father with involved in policy. I was wondering what was the real story there. A. I've met Sarah Smith a father as well in fact I think it's just a sly misunderstanding what happened was she wrote a book with her father would let me go back another day she was. She entered a science competition for European scientists and she got a summer vacation job working with a cryptographic company an island called Baltimore Technologies I think. So she worked with this company and she was giving us a project to work on and she came up with some really clever ideas on cryptography so she entered this competition and she won the year but I think the European young scientist of the Year prize. So the work she did it was in collaboration atoll it was with the people of Baltimore. But then off to it she wrote a really nice book with her

father. So that's where the collaboration with her father and his was in the writing of this book and it's a lovely book called in code. It is partly about cryptography. But it's also about puzzles every day at the breakfast table. Father would give her a new puzzle to think about and she thinks about it during the day and in the evening even she'd sold the island so he explained what the outside walls it's about puddles and high puzzles can be used to inspire children with. And in spite of that mathematics and science and so on in the name of it with in code. That's why I and space. I think it's just being published here in America. Interestingly I also heard that you would going to give away her technique when looking for an economy or a new renumeration event. Yet you were in the past and it now is that if you hold that.

I think well actually will happen something. Clearly again the details are a little bit. But she then signed an era. In her own system a weakness in it. Which is really because normally you know I come up with a system and other people suddenly say look you made a mistake but you find errors in your own work. I think it's a it is really a terrific sign of somebody that really thinks deeply about what they're doing. Thanks. Well thank you. Let's go to Chicago for someone else your line for. Hello. Oh thank you. I magine the genome project is going to be one of our code to learn more about once it gets translated into understandable language and those who want to encrypt things can probably use it as a road map for traveling and then in direction they want regarding messages. What do you think about that. No I don't. Well one thing I was thinking there is

that when we do research it's almost like trying to decrypt the universe. I mean officially I've only been doing cryptography for a few years but I feel that my whole research life I've been doing cryptography because what are we trying to do with trying to deice decrypt this strange code such as the the genome project. And so in a sense we're all being cryptographers by being research as I said I suppose whether that can be used in practice. Well who knows I mean they take a few years ago they created the DNA computer. So I mean people have very inventive ideas I guess it remains to be seen. Thank you. Certainly there are entities that are concerned about unbreakable code governments like ours don't like this idea terribly well the idea that that individuals could exchange information and that no one could know what was in there. And I think that what they would

like government agencies like the National Security Agency they would like everybody to give them their private keys so that they could monitor communications and is this something that still a point of controversy. Well this is being debated a lot this is the idea of key escrow which is. I think in the end that we're going to win. I mean I quit with the general public and that you know so far we seem to be from my from what I see winning the war. I mean it's the idea that the analogy is that would you let the government have sort of the back door key to your house. You know so they can check on you. And they they claim that they need this to for surveillance and to fight crime. And well there's there's a big argument over it but just as in the past the government tried to restrict

cryptography and defi and Hellman and other people ran into the great problems and then the people of RSA and Phil Zimmermann and all these people have had problems with the government trying to to constrain what they were allowed to do but in time the the general public have won out. So it seems like the record is that they're fighting a losing battle on this I think and you'd like to add to that. Yeah. I generally agree with Nigel that the the the attitude that law enforcers have the right to have access to our messages is a fading one because it's also impractical I think for many years America try to ban the import it badly exports ory of strong encryption. So if I was in London and I bought some software from America it would not have strong encryption and not in particular ball that may because

I could get a patch off the internet that would make it strong or ultimately I might just buy a mile and I might buy from Sarah Flannery's company that it's going to be even more secure. So it was kind of pointless of America trying to ban that exports. And indeed last year I think they dropped that ban and they export American exports very strong encryption around the world. Apart from one or two countries that the disapproves of. So it's just impractical to do that sort of at all. There's a technique called steganography. So far we've been talking about hiding the meaning of a message steganography would and that's cryptography steganography is all about hiding its very existence. So the government bans me from using cryptography. Or if a government demands to see my keys then I will just hide my messages. And a government can then look at something that it can't even find in the first place. We're going to have to stop I'm sorry to say because we're here at the end of the time it's a fascinating subject Gary and I

just guess I'll mention one more time that our guest here Simon saying will be giving couple talks on the campus cracking codes and stealing secrets for elementary through high school students at 1:30 tomorrow at at CSL. Yes the building you see SNL the organization in CSL. OK. And then the secret history of public key cryptography all of Gail hall 314 tomorrow afternoon 4:15 and after that a book signing at the U of A bookstore 545 this is part of a celebration of 50 years of the coordinated science lab on the campus. Mr. Singh thank you thank you. And Nigel Boston thank you very much.