Security consequences of possible proof of Riemann’s hypothesis
Security consequences of possible proof of Riemann’s hypothesis
I’ll not resume the news here, it’s was widely done these days: [4], [5], [6], [7], [8] and [9]. There is the proof of the theorem [2] of Louis de Branges [3]
The problem is that we don’t know if his proof is right. Mathematicians have doubt if Louis de Branges is able to prove the hypothesis. It’ll take time to peer review the proof by the most important mathematicians of Riemann’s hypothesis. If finally the proof is counter verified and became true, it’ll probably take time to know the consequences of the proof and how to use it.
In the case that he is right and that we can find how to use the hypothesis to make many one-way functions with prime numbers not one-way anymore, what will be the consequences? For now, no one; in the future, probably many with asymmetric encryption algorithms. If the dream to prove this hypothesis comes true, you’ll can forget electronic commerce, certification, digital signatures, TCP/IP security, secure telephones, just to tell some. You’ll not be able to rely on public-key encryption anymore as a easy to use method for encrypted distant transmission. We’ll live a boom of “The new most secure ecommerce solution with our new full proof proprietary public-key encryption algorithm”. Think about it, it took thousands years and many brilliant ideas to be where we are now. Don’t think that it will take 2 weeks or 2 months to make a new leap in the field of public-key encryption. When we’ll find a solution, it’ll need months and years to analyse and harden algorithms.
There are some questions like: Why there is not enthusiasm for the discovery? Why the proof is not yet published for peer reviewing? Is this because other mathematicians of the field don’t want it confirmed? Is this because there is a price of 1 million in US dollars on the proof of this hypothesis? Is this because they get pressure by commerce and governmental agencies? There is too many questions, we’ll probably know the answer to these questions in a near or far future.
There are some of my reactions and toughs about what come up in the news:
From [4] it’s written: “Gartner research director Ray Wagner said recent flaws in encryption methodologies would take years of research to develop and exploit for, something hackers are less likely to do while other security flaws are easier to take advantage of.” Yeah sure but is there just hackers in the networked world? What about government? Industrial spies? Well funded terrorist groups? (Don’t forget, terrorists aren’t stupid, many have university studies being there necktie. This isn’t an argument to not take the possibility in count.
Always in [4] : “”This is one area where we can stay ahead of the thieves,” said Alan Canton, president of security consulting and software firm Adams-Blake Company. “It does not take nearly as long to come up with a new code or encryption methodology as it does to crack it.” Hummm, I think that Mr Canton needs to read The Code Book. Does he know how it took time to arrive where we are? Yeah, for the moment cryptographers are ahead of cryptanalysts. For how many time if the hypothesis is proved true? Refer to history Mr Canton, it can teach us many things sometimes, specially in the filed of cryptography.
Mr Canton also said: “”No matter what happens,” he added, “it will always be safer to enter your credit card in an e-commerce transaction than to give it to the waiter at the restaurant or to a mail-order company via phone.”” He is right, but I don’t think that he got the point. This is not only a problem of credit card number that travel plain text over the internet, but for the rest, for private communication over a cell phone, to keep our state secret safe of the view of other countries when they communicate. Really, plain text credit card number over the internet is probably on of my last worries. Why? Because the worse thing that can append if someone get my credit card number and buy something with it is that I’ll need to pay 50$CAN for my reclamation to Visa or MasterCard… what a deal!
Just another thing that I wish to point out: check the curriculum of this so-called president of security consulting and software firm. Check his publications, etc. Personally, I cannot find out where you can find his realisations as a security consultant. Therefore, you get his words for what it is. I just say this to remember you that it’s always interesting when you do research on what is said in an article. Be critic!
Come back with our sheep. What’s interesting with this piece of news is that if he is right, we’ll have work for the next years. If he is not then it remembers us that the possibility exists and that we need to get an eye on the situation. It’s not because his proof is wrong that his idea is.
It’s a privilege to have this piece of news. It’s essential to think about news like this. Is the proof of Louis de Branges true? Personally, I don’t care. I know that the possibility exist, it’s what I care of. It’s like UFO, do they come on earth with there flying saucers? For now, I don’t really care, but I know that the possibility exist and this is what make it really interesting. The possibility! Can international terrorism can shutdown our telephone systems by hacking them? The possibility exists. Will they be able to do it? If so, will they do it? It’s another question. What I know it’s that the possibility exist and that we need to take this in count when telephone corporations will build security policies and extend there networks, and try to build security systems. It’s what we care of.
There are the links to Louis de Branges’s website and proof.
[1]http://www.math.purdue.edu/~branges/
[2]http://www.math.purdue.edu/ftp_pub/branges/apology.pdf
There is an interesting article by Karl Sabbagh on the character of Louis de Branges:
[3]http://www.lrb.co.uk/v26/n14/sabb01_.html
There is the proof in the news:
[4]http://www.ecommercetimes.com/story/Mathematical-Solution-Might-Undermine-Data-Encryption-36427.html
[5]http://news.bbc.co.uk/2/hi/science/nature/3794813.stm
[6]http://www.guardian.co.uk/life/science/story/0,12996,1298812,00.html
[7]http://www.vnunet.com/news/1157891
[8]http://www.theaustralian.news.com.au/common/story_page/0,5744,10706836%255E30417,00.html
[9]http://timesofindia.indiatimes.com/articleshow/846888.cms
[10]http://www.math.columbia.edu/~woit/blog/archives/000035.html