User Rating: 0 / 5

Star inactiveStar inactiveStar inactiveStar inactiveStar inactive

WWIVThat's right. This is not a typo. It is WWIV (as in World-War Four). What? You didn't know that WWIII was going on? Silly you. No, not really. WWIII was invisible to most people because it was waged by mathematicians and computer scientists in academic or "black project" settings.

What was WWIII? Oh. That's right. Sorry. WWIII was a traditional cryptographic war race. When a technology appears that will provide some sort of advantage to one side in a war, the other side develops countermeasures against it. But then in response the first side develops counter-countermeasures and then the opposition creates counter-counter-countermeasures and so on. The side who can keep ahead of the race wins.


Don't worry, we won't be getting into the details of this stuff, just the main idea. Modern cryptology is all about math. If you have a problem whose solution lacks a general theory that explains it, you are left with a brute-force approach only. This is, if don't know how it works, we can only calculate about it. And herein lays the strength of cryptography. If we make this problem sufficiently large (and we used it to obfuscate information), then the amount of time it would take for a set of super-computers to crack it exceeds the age of the universe. Basically, without the mathematical key used to create the problem in the first time, it cannot be solved.


Cryptography is nothing new since it was already in use ca 1900 BC. However, what changed and created WWIII was the massive ability of governments to intercept public, digital communications at will. Previously to the advent of the Internet, most regular communications were quite difficult to intercept since they were analogue. Yes, governments could and did open letters, tapped phones, inserted microphones and so on, but all these techniques were complicated, dangerous and above all, expensive. This was the age of security through obscurity. You knew that the government could -potentially- intercept all your communications, but it was extremely unlikely they would do so unless you drew their attention. This is no longer the case. Governments now routinely monitor and store all communications simply because they can. The technology which enabled this capability was digitalization. Once messages became digital they could and would run through the same lines and these lines could be tapped quite easily. Digitalization made possible the process of making untraceable copies of all communications at a massive scale at ludicrously low costs.


As governments began to do this, i.e. to develop a weapon that was being used against people, people responded by creating counter-measures. Essentially, a few brave researchers released strong cryptographic algorithms into the wild. One of such algorithms was known as PGP or Pretty Good Privacy (you can read all about it in Wikipedia). Once the cryptographic damn was breached, the flood began. All kinds of super-strong algorithms were made public and implemented in a large number of applications. Entire hard drives could now be made virtually snoop-proof. Point-to-point encrypted communication became viable. If you so wish, your entire digital life can be encrypted with no hope whatsoever of breaching your privacy. Governments can still intercept your communications but if they are fully encrypted, they can't know what's inside. It is not a judicial matter, it is a mathematical matter. A judge may demand from you to hand over your cryptographic keys, but if you refuse to do so, they are screwed no matter how many supercomputers they run in parallel.

To make matters worse, with the constant erosion of the so-called "privacy laws" (i.e. privacy against corporations but not governments), people have begun to become aware that there are many digital ears listening to our digital messages and that they are not friendly. More and more people are using encryption every day, even if they don't even know about it. For example, did you know that every time you use Google all your traffic between your PC to Google's servers is fully encrypted by default?


All this encryption is causing a gigantic head ache to governments because not only they have to deal with cheap (oftentimes free!) cryptography that they can't break, but the amount of people switching to it is growing alarmingly. Idiotic laws such as draconian so-called copyright regulations are pushing people to use VPN (Virtual Private Networks) in droves. The amount of encrypted traffic in the Internet is growing at the phenomenal rate of 23% per year (as per a study conducted by Cisco). This means that in approximately 10 years from today, 100% of the Internet will be encrypted. What this means in essence is that governments can intercept all they want but the only thing they will get is a pile of useless ones and zeros. Game over. People will win.


Much ink (and recycled electrons) has been used to speculate about the de-crypting capabilities of such organizations as GCHQ, NSA, MSS, ISI or the FSB, to name just a few. Many myths have been created but over time they have begun to lose their lustre. The biggest myth was that these organizations have managed (somehow) to find mathematical theories explaining how to reverse cryptographic algorithms. Basically, given any cryptext (i.e. and encrypted message) these people would be able to run it through a computer programmed with the general solution and this computer would spit out plaintext (i.e. the decrypted message) on the other side. No fuzz no mess.

Many of these myths have been fuelled by the spectacular arrests that police made all over the world of groups of people who believed they were anonymous and protected by strong cryptography when in reality they were not. A few examples:

  • The identification of people using Hidden Tor Services in USA (see Wired "FBI Admits It Controlled Tor Servers Behind Mass Malware Attack).
  • Arrests related to P2P networks "Share" and "Winny" in Japan (see Wikipedia).
  • LulzSec arrest related to the use of VPN (see Wikipedia)

And countless others.

This would seem indeed like "law enforcement agencies" have finally cracked cryptography and we are hopeless. Don't kid yourself. Nothing can be further from the truth. The reality is that in every single case the technicality of the arrest (and you must take a look at the technical details) is due to human error and never to an outright breach in cryptography. Most of the time is simple brute-force police work supported by warrants. Under pressure people talk and cooperate with the police. VPN owners disclose name and log communications. Programmers make gross coding mistakes leaving certain processes un-encrypted. People do not upgrade their vulnerable browsers and so on. Cryptography hasn't failed us, human fallibility did.


The proof that government agencies are increasingly desperate about cryptography comes from two sources. The most reliable of them is from the techies that worked inside such organizations and had the guts to go public. The most current "analyst" in so doing was Edward Snowden. They have all told us that cryptography is our best defense. Properly implemented cryptography is as bullet-proof as you can get. But there is more. Increasingly public "law enforcement agencies" have been requesting "permission" to hack encrypted networks such as Tor or I2P (see for example "DOJ Proposal on Law Enforcement Hacking Would Undermine Longstanding Check on Government Power" from the ACLU). They are so doing precisely because as they can't crack the cryptext thus they are trying to get around it but in order to so do, their only option is to hack user's PC so that the PC itself will provide its address hence de-anonymizing its user (see for example Police - Hacker Division).

They figure that if they can't crack cryptext they may try to ID its owner and retrieve it from the owner's PC as plaintext.

The lesson is quite simple. A properly implemented cryptographic system is your best digital defence. F&P This has effectively won WWIII for us, the people. True, skirmishes will continue to be fought and some battles will be lost but all in all we won.


But now a new disrupting technology has become commercially available: enter the quantum computer. A company in Canada called D-Wave Systems began selling quantum computers on May 11, 2011 (you may also search it in Wikipedia). This is the day WWIII ended and WWIV started (at least formally as if a WW could ever have exact dates).

Why is this so? Because a quantum computer is by definition a parallel processor. Whereby a normal computer deals with zeros or ones, a quantum computer deals with zeros and ones simultaneously! What this means is that very soon it will be possible to break any existing cryptographic code. As such, we all start from zero again. All our cryptext is now plaintext. We are naked in the eyes of governments. Worse. Governments have been accumulating our transmissions since as far back as the 60's and all those cryptexts will now be de-cryptable. All our secretes going back to the 60's will be known.

Note: please see the Glossary if you are unfamiliar with certain words.

Comments | Add yours
  • No comments found
English French German Italian Portuguese Russian Spanish
FacebookMySpaceTwitterDiggDeliciousStumbleuponGoogle BookmarksRedditNewsvineTechnoratiLinkedinMixxRSS FeedPinterest
Pin It