18 Sep 2005

Analog Fortress

I read Digital Fortress the other day. The story is gripping and even touching, but Dan doesn't know a thing about cryptography, and little about computers. Here are some corrections:

1) Time is proportional to key length ^ 2:
The book talks of keys 10K bits long, a million, and a billion. That's a joke. Nobody uses keys that long. At the claimed brute-forcing speed of 100 billion keys per hour, trying all 2^10K values of a 10K-bit key would take about 2.27e+2992 millennia! By then the sun would have burnt out.

2) So brute force doesn't work. NSA-proof encryption programs are a dime a dozen.

3) ZIP, AFAIK, is a compression/archiving format, not an encryption format.

4) You can't beat remailers the way the novel describes. Sure you can mail the mystery recipient a program, but he wouldn't be dumb enough to run it for you.

5) NSA uses Pascal? Ho ho ho! (Nobody uses it anymore, not even universities.)

6) You don't "upload" firewalls. Uploading means saving a file to a server (generally a web or FTP server). You run a firewall, or launch it, or execute it, or deploy it; not upload it.

7) Virus infection doesn't happen when you try to crack an encrypted file by brute force; it happens only when you run an unknown program.

8) If the machine was a quantum computer, it could try all keys simultaneously, so why does it take so long?

9) The trick of encrypting Digital Fortress with itself doesn't work. Sure you could do it, but nobody would be able to decrypt it even if he had the key, because there's no decrypting program available. The analogy with the safe is flawed: a safe needs only a key combination to open, whereas decryption requires not only a key but also a decrypting program.

If there was a decrypting program available in unencrypted form, it could be reverse-engineered and the secret algorithm would probably be revealed.
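The arithmetic behind point 1, as an added example that is not part of the original post: it reproduces the 10K-bit figure at the novel's rate of 100 billion keys per hour, extends it to the million- and billion-bit keys, and also finds the shortest key that already outlasts the sun at that rate. The function names and the round 5-billion-year figure for the sun's remaining life are assumptions made for the illustration.

```python
import math

KEYS_PER_HOUR = 100e9            # brute-force rate quoted in point 1
HOURS_PER_YEAR = 365.25 * 24     # 8766 hours

def brute_force_millennia(key_bits, keys_per_hour=KEYS_PER_HOUR):
    """Time to try all 2**key_bits keys, as (mantissa, exponent) in millennia.

    2**10000 overflows a float, so the whole calculation stays in log10 space.
    This is the full keyspace; the expected time to hit the key is half of it.
    """
    log10_millennia = (key_bits * math.log10(2)
                       - math.log10(keys_per_hour)
                       - math.log10(HOURS_PER_YEAR * 1000))
    exponent = math.floor(log10_millennia)
    return 10 ** (log10_millennia - exponent), exponent

def min_bits_to_outlast(years, keys_per_hour=KEYS_PER_HOUR):
    """Smallest key length whose keyspace cannot be exhausted within `years`."""
    keys_tried = keys_per_hour * HOURS_PER_YEAR * years
    return math.floor(math.log2(keys_tried)) + 1

if __name__ == "__main__":
    # 128 and 256 are common real-world symmetric key sizes; the rest are the novel's.
    for bits in (128, 256, 10_000, 10**6, 10**9):
        mantissa, exponent = brute_force_millennia(bits)
        print(f"{bits:>13,}-bit key: {mantissa:.2f}e+{exponent} millennia")
    sun_years = 5e9              # assumed remaining lifetime of the sun
    print("key length that outlasts the sun:", min_bits_to_outlast(sun_years), "bits")
```
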

Dan needs to take a CS101 course before he writes any more computing-related novels.

1 comment:

  1. Shankar 11:50 pm

    Read the same book. Called Fictional License my dear friend
