Researchers have figured out a way to embed encryption into typed blocks of text on paper. Their secret weapon? Helvetica and Times New Roman. Fonts have been transformed into encryption tools. A new paper by a group of researchers at Columbia University details a method for making tiny changes to fonts that the human eye can’t detect but that look entirely different to a computer vision algorithm. A demo of the technology, dubbed “Fontcode,” shows how they were able to embed the secret message “Hello World!” into a paragraph taken from The Lord of the Rings.
The researchers use an algorithm from previous research that can slowly shift letter forms from one typeface to another to make tiny changes in the shape of every letter that the human eye can’t detect. That could make an “h” slightly thicker in the stem,” or the curve of a “j” slightly sharper.
Once they had these “perturbed” letters, the researchers could make 52 variations of each letter. Each of the 52 variations corresponds to every other lowercase and capital letter in the alphabet (and theoretically every numeral and punctuation mark as well). These 52 variations for each letter go into what the researchers call a “code book” that helps the computer match the perturbed letter it sees with the secret letter it’s encoding. Check it out:
Friends, first of all no encryption scheme is “unbreakable”; None. Its simply a function of time and effort. That being said, there is a computing revolution coming, although nobody knows exactly when. What are known as “quantum computers” will be substantially more powerful than the devices we use today, capable of performing many types of computation that are impossible on modern machines. But while faster computers are usually welcome, there are some computing operations that we currently rely on being hard (or slow) to perform.
Specifically, we rely on the fact that there are some codes that computers can’t break – or at least it would take them too long to break to be practical. Encryption algorithms scramble data into a form that renders it unintelligible to anyone that does not possess the necessary decryption key (normally a long string of random numbers). This is what lets us send information securely over the internet. But will quantum computers mean we can no longer create encryption techniques that can’t be broken?
For one system, known as symmetric encryption, quantum computing doesn’t pose much of a threat. To break symmetric encryption you need to work out which (of many) possible keys has been used, and trying all possible combinations would take an unimaginable amount of time. It turns out that a quantum computer can test all these keys out in one square root of the time it would take existing computers – in other words, slightly less time but not so dramatically that we need to worry. This, in part, is the reason we have been working hard on OTPSME; unbroken in over two years with over 6000 decryption attempts.
But for another type of encryption system, known as asymmetric or public-key encryption, it doesn’t look so good. Public-key systems are used for things like securing the data that comes through your web browser. They encrypt data using a key that is available to anyone but need another private key for decryption. Fortunately, we have already foreseen this pending disaster. Researchers across academia, government and industry are currently working hard to develop new public-key encryption techniques that rely on different, harder calculations that will be immune to the powers of a quantum computer. I am confident that these efforts will be successful, particularly since we already know some techniques that appear to work. By the time that quantum computers arrive, we will be ready. Below is a really good primer on Encryption in general as well as Quantum Encryption:
SOURCE – TheConversation.com
The NSA is worried about quantum computers. It warns that it “must act now” to ensure that encryption systems can’t be broken wide open by the new super-fast hardware. In a document outlining common concerns about the effects that quantum computing may have on national security and encryption of sensitive data, the NSA warns…
“public-key algorithms… are all vulnerable to attack by a sufficiently large quantum computer.”
Quantum computers can, theoretically, be so much faster because they take advantage of a quirk in quantum mechanics. While classical computers use bits in 0 or 1, quantum computers use “qubits” that can exist in 0, 1 or a superposition of the two. In turn, that allows it to work through possible solutions more quickly meaning they could crack encryption that normal computers can’t.
It’s unclear if any public encryption algorithms are quantum computer-proof. In the document, the NSA explains that “while a number of interesting quantum resistant public key algorithms have been proposed… nothing has been standardized… and NSA is not specifying any commercial quantum resistant standards at this time.” Instead, it suggests that companies and government departments concerned about the threat of quantum computing use one of a number of algorithms that don’t use a public key to encrypt data where possible. By the way, OTPSME is not a public-key encryption system.
SOURCE – Gizmodo.com
Federal investigative agencies like the FBI have long argued that encryption and other new technologies severely hamper their ability to spy on terrorists and other criminals, putting our safety at risk. A new report from Harvard debunks that “going dark” claim, concluding that the rise of network-connected devices will lead to more, not fewer, opportunities for surveillance. Harvard’s Berkman Center for Internet & Society convened a group of security and policy experts to explore questions of surveillance and encryption at a time when major tech companies like Apple and Google are encrypting their phones and other products by default. The 37-page report, released Monday, concludes that the feds’ “going dark” argument falls flat on its face.
FBI Director James Comey, in an October 2014 speech, argued that the law hasn’t kept pace with technologies, like encryption, that have become “the tool of choice for some very dangerous people.” What it means is this: Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism even with lawful authority,” Comey said. “We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.”
SOURCE – NBCNews.com
A free Android app for sending encrypted text messages was released today amid escalating privacy concerns that the NSA overstepped its authority in its capture of communications and may have worked to weaken encryption standards. Wickr’s announcement followed that of Silent Circle, which earlier this month began offering a similar free app for its subscribers. Both companies already had offered an iOS version of encrypted text-messaging, but now have added Android secure texting to the mix. Wickr’s Android texting app is free. The new apps could potentially propel encrypted texting to the mainstream, experts say. The new Android encrypted messaging services come on the heels of the shutdown of two encrypted email services — Lavabit, which closed its doors altogether, and Silent Circle, which dropped its Silent Mail service in the fallout from the Edward Snowden leaks about the NSA’s spying programs. Ladar Levison, owner and operator of encrypted email company Lavabit, said he shuttered his business after being faced with having “to become complicit in crimes against the American people,” a statement experts say indicates Lavabit may have been pressured to give up customer information or deal with an eavesdropping warrant by the feds. Does anyone remember the Villainous Voodoo commenting on this?
Nico Sell, CEO and co-founder of Wickr and r00tz, says Wickr agrees with Lavabit’s farewell message: Don’t trust any U.S. company with your personal information. “We agree completely. This is why we built Wickr to be a zero-knowledge system. We have no keys and no information,” Sell said in an email interview. “With this type of architecture, the U.S. is the best place to be to offer private communications to the world. It is also the best place to keep our servers.” Wickr anonymizes users’ contacts and can’t read the text messages or any content sent by the user. “Therefore, no criminal or rogue government can take them from us,” said Robert Statica, co-founder and CTO of Wickr, today in a blog post announcing the new Android service. “It is our commitment to keep our users communications between only them and the intended recipient.” Friends, as of this post, Wickr is still in beta but you should definitely check it out. You’ve been warned…
UPDATE – 09/19/13 – An interesting alternative to Wickr is ShazzleMail. Check it out…