American mathematician
POPULARITY
2 episodes with peter shor
2 episodes with peter shor
Here are my 100 interesting things to learn about cryptography: For a 128-bit encryption key, there are 340 billion billion billion billion possible keys. [Calc: 2**128/(1e9**4)] For a 256-bit encryption key, there are 115,792 billion billion billion billion billion billion billion billion possible keys. [Calc: 2**256/(1e9**8)] To crack a 128-bit encryption with brute force using a cracker running at 1 Teracracks/second, will take — on average — 5 million million million years to crack. Tera is 1,000 billion. [Calc: 2**128/100e9/2/60/60/24/365/(1e6**3)] For a 256-bit key this is 1,835 million million million million million million million million million years. For the brute force cracking of a 35-bit key symmetric key (such as AES), you only need to pay for the boiling of a teaspoon of energy. For a 50-bit key, you just need to have enough money to pay to boil the water for a shower. For a 90-bit symmetric key, you would need the energy to boil a sea, and for a 105-bit symmetric key, you need the energy to boil and ocean. For a 128-bit key, there just isn't enough water on the planet to boil for that. Ref: here. With symmetric key encryption, anything below 72 bits is relatively inexpensive to crack with brute force. One of the first symmetric key encryption methods was the LUCIFER cipher and was created by Horst Feistel at IBM. It was further developed into the DES encryption method. Many, at the time of the adoption of DES, felt that its 56-bit key was too small to be secure and that the NSA had a role in limiting them. With a block cipher, we only have to deal with a fixed size of blocks. DES and 3DES use a 64-bit (eight-byte) block size, and AES uses a 128-bit block size (16 bytes). With symmetric key methods, we either have block ciphers, such as DES, AES CBC and AES ECB, or stream ciphers, such as ChaCha20 and RC4. In order to enhance security, AES has a number of rounds where parts of the key are applied. With 128-bit AES we have 10 rounds, and 14 rounds for 256-bit AES. In AES, we use an S-box to scramble the bytes, and which is applied for each round. When decrypting, we have the inverse of the S-box used in the encrypting process. A salt/nonce or Initialisation Vector (IV) is used with an encryption key in order to change the ciphertext for the same given input. Stream ciphers are generally much faster than block cipers, and can generally be processed in parallel. With the Diffie-Hellman method. Bob creates x and shares g^x (mod p), and Alice creates y, and shares g^y (mod p). The shared key is g^{xy} (mod p). Ralph Merkle — the boy genius — submitted a patent on 5 Sept 1979 and which outlined the Merkle hash. This is used to create a block hash. Ralph Merkle's PhD supervisor was Martin Hellman (famous as the co-creator of the Diffie-Hellman method). Adi Shamir defines a secret share method, and which defines a mathematical equation with the sharing of (x,y), and where a constant value in the equation is the secret. With Shamir Secret Shares (SSS), for a quadratic equation of y=x²+5x+6, the secret is 6. We can share three points at x=1, x=2 and y=3, and which gives y=12, y=20, and y=20, respectively. With the points of (1,12), (2,20), and (3,20), we can recover the value of 6. Adi Shamir broke the Merkle-Hellman knapsack method at a live event at a rump session of a conference. With secret shares, with the highest polynomial power of n, we need n+1 points to come together to regenerate the secret. For example, y=2x+5 needs two points to come together, while y=x²+15x+4 needs three points. The first usable public key method was RSA — and created by Rivest, Shamir and Adleman. It was first published in 1979 and defined in the RSA patent entitled “Cryptographic Communications System and Method”. In public key encryption, we use the public key to encrypt data and the private key to decrypt it. In digital signing, we use the private key to sign a hash and create a digital signature, and then the associated public key to verify the signature. Len Adleman — the “A” in the RSA method — thought that the RSA paper would be one of the least significant papers he would ever publish. The RSA method came to Ron Rivest while he slept on a couch. Martin Gardner published information on the RSA method in his Scientific American article. Initially, there were 4,000 requests for the paper (which rose to 7,000), and it took until December 1977 for them to be posted. The security of RSA is based on the multiplication of two random prime numbers (p and q) to give a public modulus (N). The difficulty of RSA is the difficulty in factorizing this modulus. Once factorized, it is easy to decrypt a ciphertext that has been encrypted using the related modulus. In RSA, we have a public key of (e,N) and a private key of (d,N). e is the public exponent and d is the private exponent. The public exponent is normally set at 65,537. The binary value of 65,537 is 10000000000000001 — this number is efficient in producing ciphertext in RSA. In RSA, the ciphertext is computed from a message of M as C=M^e (mod N), and is decrypted with M=C^d (mod N). We compute the the private exponent (d) from the inverse of the public exponent (e) modulus PHI, and where PHI is (p-1)*(q-1). If we can determine p and q, we can compute PHI. Anything below a 738-bit public modulus is relatively inexpensive to crack for RSA. To crack 2K RSA at the current time, we would need the energy to boil ever ocean on the planet to break it. RSA requires padding is required for security. A popular method has been PCKS#1v1.5 — but this is not provably secure and is susceptible to Bleichenbacher's attack. An improved method is Optimal Asymmetric Encryption Padding (OAEP) and was defined by Bellare and Rogaway and standardized in PKCS#1 v2. The main entity contained in a digital certificate is the public key of a named entity. This is either an RSA or an Elliptic Curve key. A digital certificate is signed with the private key of a trusted entity — Trent. The public key of Trent is then used to prove the integrity and trust of the associated public key. For an elliptic curve of y²=x³+ax+b (mod p), not every (x,y) point is possible. The total number of points is defined as the order (n). ECC (Elliptic Curve Cryptography) was invented by Neal Koblitz and Victor S. Miller in 1985. Elliptic curve cryptography algorithms did not take off until 2004. In ECC, the public key is a point on the elliptic curve. For secp256k1, we have a 256-bit private key and a 512-bit (x,y) point for the public key. A “04” in the public key is an uncompressed public key, and “02” and “03” are compressed versions with only the x-co-ordinate and whether the y coordinate is odd or even. Satoshi selected the secp256k1 curve for Bitcoin, and which gives the equivalent of 128-bit security. The secp256k1 curve uses the mapping of y²=x³ + 7 (mod p), and is known as a Short Weierstrass (“Vier-strass”) curve. The prime number used with secp256k1 is 2²⁵⁶-2³²-2⁹-2⁸-2⁷-2⁶-2⁴-1. An uncompressed secp256k1 public key has 512 bits and is an (x,y) point on the curve. The point starts with a “04”. A compressed secp256k1 public key only stores the x-co-ordinate value and whether the y coordinate is odd or even. It starts with a “02” if the y-co-ordinate is even; otherwise, it starts with a “03”. In computing the public key in ECC of a.G, we use the Montgomery multiplication method and which was created by Peter Montgomery in 1985, in a paper entitled, “Modular Multiplication without Trial Division.” Elliptic Curve methods use two basic operations: point address (P+Q) and point doubling (2.P). These can be combined to provide the scalar operation of a.G. In 1999, Don Johnson Alfred Menezes published a classic paper on “The Elliptic Curve Digital Signature Algorithm (ECDSA)”. It was based on the DSA (Digital Signature Algorithm) — created by David W. Kravitz in a patent which was assigned to the US. ECDSA is a digital signature method and requires a random nonce value (k), and which should never be reused or repeated. ECDSA is an elliptic curve conversion of the DSA signature method. Digital signatures are defined in FIPS (Federal Information Processing Standard) 186–5. NIST approved the Rijndael method (led by Joan Daemen and Vincent Rijmen) for Advanced Encryption Standard (AES). Other contenders included Serpent (led by Ross Anderson), TwoFish (led by Bruce Schneier), MARS (led by IBM), and RC6 (led by Ron Rivest). ChaCha20 is a stream cipher that is based on Salsa20 and developed by Daniel J. Bernstein. MD5 has a 128-bit hash, SHA-1 has 160 bits and SHA-256 has 256-bits. It is relatively easy to create a hash collision with MD5. Google showed that it was possible to create a signature collision for a document with SHA-1. It is highly unlikely to get a hash collision for SHA-256. In 2015, NIST defined SHA-3 as a standard, and which was built on the Keccak hashing family — and which used a different method to SHA-2. The Keccak hash family uses a sponge function and was created by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche and standardized by NIST in August 2015 as SHA-3. Hash functions such as MD5, SHA-1 and SHA-256 have a fixed hash length, whereas an eXtendable-Output Function (XOF) produces a bit string that can be of any length. Examples are SHAKE128, SHAKE256, BLAKE2XB and BLAKE2XS. BLAKE 3 is the fastest cryptographically secure hashing method and was created by Jack O'Connor, Jean-Philippe Aumasson, Samuel Neves, and Zooko Wilcox-O'Hearn. Hashing methods can be slowed down with a number of rounds. These slower hashing methods include Bcrypt, PBKDF2 and scrypt. Argon 2 uses methods to try and break GPU cracking, such as using a given amount of memory and defining the CPU utlization. To speed up the operation of the SHA-3 hash, the team reduced the security of the method and reduce the number of rounds. The result is the 12 Kangaroo's hashing method. The number of rounds was reduced from 24 to 12 (with a security level of around 128 bits). Integrated Encryption Scheme (IES) is a hybrid encryption scheme which allows Alice to get Bob's public key and then generate an encryption key based on this public key, and she will use her private key to recover the symmetric. With ECIES, we use elliptic curve methods for the public key part. A MAC (Message Authentication Code) uses a symmetric key to sign a hash, and where Bob and Alice share the same secret key. The most popular method is HMAC (hash-based message authentication code). The AES block cipher can be converted into a stream cipher using modes such as GCM (Galois Counter Mode) and CCM (counter with cipher block chaining message authentication code; counter with CBC-MAC). A MAC is added to a symmetric key method in order to stop the ciphertext from being attacked by flipping bits. GCM does not have a MAC, and is thus susceptible to this attack. CCM is more secure, as it contains a MAC. With symmetric key encryption, we must remove the encryption keys in the reverse order they were applied. Commutative encryption overcomes this by allowing the keys to be removed in any order. It is estimated that Bitcoin miners consume 17.05 GW of electrical power per day and 149.46 TWh per year. A KDF (Key Derivation Function) is used to convert a passphrase or secret into an encryption key. The most popular methods are HKDF, PBKDF2 and Bcrypt. RSA, ECC and Discrete Log methods will all be cracked by quantum computers using Shor's algorithm Lattice methods represent bit values as polynomial values, such as 1001 is x³+1 as a polynomial. Taher Elgamal — the sole inventor of the ElGamal encryption method — and Paul Koche were the creators of SSL, and developed it for the Netscape browser. David Chaum is considered as a founder of electronic payments and, in 1983, created ECASH, along with publishing a paper on “Blind signatures for untraceable payments”. Satoshi Nakamoto worked with Hal Finney on the first versions of Bitcoin, and which were created for a Microsoft Windows environment. Blockchains can either be permissioned (requiring rights to access the blockchain) or permissionless (open to anyone to use). Bitcoin and Ethereum are the two most popular permissionless blockchains, and Hyperledger is the most popular permissioned ledger. In 1992, Eric Hughes, Timothy May, and John Gilmore set up the cypherpunk movement and defined, “We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.” In Bitcoin and Ethereum, a private key (x) is converted to a public key with x.G, and where G is the base point on the secp256k1 curve. Ethereum was first conceived in 2013 by Vitalik Buterin, Gavin Wood, Charles Hoskinson, Anthony Di Iorio and Joseph Lubin. It introduced smaller blocks, improved proof of work, and smart contracts. NI-ZKPs involves a prover (Peggy), a verifier (Victor) and a witness (Wendy) and were first defined by Manuel Blum, Paul Feldman, and Silvio Micali in their paper entitled “Non-interactive zero-knowledge and its applications”. Popular ZKP methods include ZK-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and ZK-STARKs (Zero-Knowledge Scalable Transparent Argument of Knowledge). Bitcoin and Ethereum are pseudo-anonymised, and where the sender and recipient of a transaction, and its value, can be traced. Privacy coins enable anonymous transactions. These include Zcash and Monero. In 1992, David Chaum and Torben Pryds Pedersen published “Wallet databases with observers,” and outlined a method of shielding the details of a monetary transaction. In 1992, Adi Shamir (the “S” in RSA) published a paper on “How to share a secret” in the Communications of the ACM. This supported the splitting of a secret into a number of shares (n) and where a threshold value (t) could be defined for the minimum number of shares that need to be brought back together to reveal the secret. These are known as Shamir Secret Shares (SSS). In 1991, Torbin P Pedersen published a paper entitled “Non-interactive and information-theoretic secure verifiable secret sharing” — and which is now known as Pedersen Commitment. This is where we produce our commitment and then show the message that matches the commitment. Distributed Key Generation (DKG) methods allow a private key to be shared by a number of trusted nodes. These nodes can then sign for a part of the ECDSA signature by producing a partial signature with these shares of the key. Not all blockchains use ECDSA. The IOTA blockchain uses the EdDSA signature, and which uses Curve 25519. This is a more lightweight signature version and has better support for signature aggregation. It uses Twisted Edwards Curves. The core signing method used in EdDSA is based on the Schnorr signature scheme and which was created by Claus Schnorr in 1989. This was patented as a “Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system”. The patent ran out in 2008. Curve 25519 uses the prime number of 2²⁵⁵-19 and was created by Daniel J. Bernstein. Peter Shor defined that elliptic curve methods can be broken with quantum computers. To overcome the cracking of the ECDSA signature from quantum computers, NIST are standardising a number of methods. At present, this focuses on CRYSTALS-Dilithium, and which is a lattice cryptography method. Bulletproofs were created in 2017 by Stanford's Applied Cryptography Group (ACG). They define a zero-knowledge proof as where a value can be checked to see it lies within a given range. The name “bulletproofs” is defined as they are short, like a bullet, and with bulletproof security assumptions. Homomorphic encryption methods allow for the processing of encrypted values using arithmetic operations. A public key is used to encrypt the data, and which can then be processed using an arithmetic circuit on the encrypted data. The owner of the associated private key can then decrypt the result. Some traditional public key methods enable partial homomorphic encryption. RSA and ElGamal allow for multiplication and division, whilst Pailier allows for homomorphic addition and subtraction. Full homomorphic encryption (FHE) supports all of the arithmetic operations and includes Fan-Vercauteren (FV) and BFV (Brakerski/Fan-Vercauteren) for integer operations and HEAAN (Homomorphic Encryption for Arithmetic of Approximate Numbers) for floating point operations. Most of the Full Homomorphic encryption methods use lattice cryptography. Some blockchain applications use Barreto-Lynn-Scott (BLS) curves which are pairing-friendly. They can be used to implement Bilinear groups and which are a triplet of groups (G1, G2 and GT), so that we can implement a function e() such that e(g1^x,g2^y)=gT^{xy}. Pairing-based cryptography is used in ZKPs. The main BLS curves used are BLS12–381, BLS12–446, BLS12–455, BLS12–638 and BLS24–477. An accumulator can be used for zero-knowledge proof of knowledge, such as using a BLS curve to create to add and remove proof of knowledge. Metamask is one of the most widely used blockchain wallets and can integrate into many blockchains. Most wallets generate the seed from the operating system and where the browser can use the Crypto.getRandomValues function, and compatible with most browsers. With a Verifiable Delay Function (VDF), we can prove that a given amount of work has been done by a prover (Peggy). A verifier (Victor) can then send the prover a proof value and compute a result which verifies the work has been done, with the verifier not needing to do the work but can still prove the work has been done. A Physical Unclonable Functions (PUFs) is a one-way function which creates a unique signature pattern based on the inherent delays within the wires and transistors. This can be used to link a device to an NFT.
So, here's my Top 100 snippets of knowledge for blockchain: Blockchains use public key methods to integrate digital trust. Bob signs for a transaction with his private key, and Alice proves this with Bob's public key. The first usable public key method was RSA — and created by Rivest, Shamir and Adleman. It was first published in 1979 and defined in the RSA patent entitled “Cryptographic Communications System and Method”. Blockchains can either be permissioned (requiring rights to access the blockchain) or permissionless (open to anyone to use). Bitcoin and Ethereum are the two most popular permissionless blockchains, and Hyperledger is the most popular permissioned ledger. Ralph Merkle — the boy genius — submitted a patent on 5 Sept 1979 and which outlined the Merkle hash. This is used to create a block hash. Ralph Merkle's PhD supervisor was Martin Hellman (famous as the co-creator of the Diffie-Hellman method). David Chaum is considered as founders of electronic payments, and, in 1983, created ECASH, along with publishing a paper on “Blind signatures for untraceable payments”. Miners gather transactions on a regular basis, and these are added to a block and where each block has a Merkle hash. The first block on a blockchain does not have any previous blocks — and is named the genesis block. Blocks are bound in a chain, and where the previous, current and next block hashes are bound into the block. This makes the transactions in the block immutable. Satoshi Nakamoto worked with Hal Finney on the first versions of Bitcoin, and which were created for a Microsoft Windows environment. Craig Steven Wright has claimed that he is Satoshi Nakamoto, but this claim has never been verified. Most blockchains use elliptic curve cryptography — a method which was created independently by Neal Koblitz and Victor S. Miller in 1985. Elliptic curve cryptography algorithms did not take off until 2004. Satoshi selected the secp256k1 curve for Bitcoin, and which gives the equivalent of 128-bit security. The secp256k1 curve uses the mapping of y²=x³ + 7 (mod p), and is known as a Short Weierstrass (“Vier-strass”) curve. The prime number used with secp256k1 is ²²⁵⁶−²³²−²⁹−²⁸−²⁷−²⁶−²⁴−1. Satoshi published a 9-page paper entitled “Bitcoin: A Peer-to-Peer Electronic Cash System” White Paper on 31 Oct 31, 2008. In 1997, Adam Black introduce the concept of Proof of Work of Hashcash in a paper entitled, “Hashcash — a denial of service countermeasure.” This work was used by Satoshi in his whitepaper. Satoshi focused on: a decentralized system, and a consensus model and addressed areas of double-spend, Sybil attacks and Eve-in-the-middle. The Sybil attack is where an adversary can take over the general consensus of a network — and leads to a 51% attack, and where the adversary manages to control 51% or more of the consensus infrastructure. Satoshi used UK spelling in his correspondence, such as using the spelling of “honour”. The first Bitcoin block was minted on 3 Jan 2009 and contained a message of “Chancellor on brink of second bailout for banks” (the headline from The Times, as published in London on that day). On 12 Jan 2009, Satoshi sent the first Bitcoin transaction of 50 BTC to Hal Finney [here]. A new block is created every 7–10 minutes on Bitcoin. In Aug 2023, the total Bitcoin blockchain size is 502 GB. As of Aug 2023, the top three cryptocurrencies are Bitcoin, Ether, and Tether. Bitcoin has a capitalization of $512 billion, Ether with $222 billion, and Tether at $83 billion. The total cryptocurrency capitalisation is $1.17 trillion. The original block size was 1MB for Bitcoin, but recently upgraded to support a 1.5MB block — and has around 3,000 transactions. Currently the block sizes are more than 1.7MB. Bitcoin uses a gossip protocol — named the Lightning Protocol — to propagate transactions. A Bitcoin wallet is created from a random seed value. This seed value is then used to create the 256-bit secp256k1 private key. A wallet seed can be converted into a mnemonic format using BIP39, and which uses 12 common words. This is a deterministic key, and which allows the regeneration of the original key in the correct form. BIP39 allows for the conversion of the key to a number of languages, including English, French and Italian. A private key in a wallet is stored in a Wif format, and which is a Base58 version of the 256-bit private key. The main source code for the Bitcoin blockchain is held at https://github.com/bitcoin, and is known as Bitcoin core. This is used to create nodes, store coins, and transactions with other nodes on the Bitcoin network. A 256-bit private key has 115,792 billion billion billion billion billion billion billion billion different keys. A public Bitcoin ID uses Base58 and has a limited character set of ‘123456789ABCDEFGHJKLMN PQRSTUVWXYZabcdefghijkmno pqrstuvwxyz', where we delete ‘0' (zero), ‘l' (lowercase ‘l'), and ‘I' (capital I) — as this can be interpreted as another character. In Bitcoin and Ethereum, a private key (x) is converted to a public key with x.G, and where G is the base point on the secp256k1 curve. An uncompressed secp256k1 public key has 512 bits and is an (x,y) point on the curve. The point starts with a “04”. A compressed secp256k1 public key only stores the x-co-ordinate value and whether the y coordinate is odd or even. It starts with a “02” if the y-co-ordinate is even, otherwise it starts with a “03”. In 1992, Eric Hughes, Timothy May, and John Gilmore set up the cypherpunk movement and defined, “We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.” In Ethereum, the public key is used as the identity of a user (a.G), and is defined as a hexademical value. In Bitcoin, the public ID is created from a SHA256 hash of the public key, and then a RIPEMD160 of this, and then covered to Base58. In computing the public key in ECC of a.G, we use the Montgomery multiplication method and which was created by Peter Montgomery in 1985, in a paper entitled, “Modular Multiplication without Trial Division.” Elliptic Curve methods use two basic operations: point address (P+G) and point doubling (2.P). These can be combined to provide the scalar operation of a.G. In 1999, Don Johnson Alfred Menezes published a classic paper on “The Elliptic Curve Digital Signature Algorithm (ECDSA)”. It was based on the DSA (Digital Signature Algorithm) — created by David W. Kravitz in a patent which was assigned to the US. The core signature used in Bitcoin and Ethereum is ECDSA (Elliptic Curve Digital Signature Algorithm), and which uses a random nonce for each signature. The nonce value should never repeat or be revealed. Ethereum was first conceived in 2013 by Vitalik Buterin, Gavin Wood, Charles Hoskinson, Anthony Di Iorio and Joseph Lubin. It introduced smaller blocks, an improved proof of work, and smart contracts. Bitcoin is seen as a first-generation blockchain, and Ethereum as a second-generation. These have been followed by third-generation blockchains, such as IOTA, Cardano and Polkadot — and which have improved consensus mechanisms. Bitcoin uses a consensus mechanism which is based on Proof-of-Work, and where miners focus on finding a block hash that has a number of leading “0”s. The difficulty of the mining is defined by the hashing rate. At the current time, this is around 424 million TH/s. There are around 733,000 unique Bitcoin addresses being used. Satoshi defined a reward to miners for finding the required hash. This was initially set at 50 BTC, but was set to half at regular intervals. On 11 January 2021, it dropped from 12.5 BTC to 6.2 BTC. Bitcoin currently consumes around 16.27 GWatts of power each year to produce a consensus — equivalent to the power consumed by a small country. In creating bitcoins, Satoshi created a P2PKH (Pay to Public Key Hash) address. These addresses are used to identify the wallet to be paid and links to the public key of the owner. These addresses start with a ‘1'. In order to support the sending of bitcoins to and from multiple addresses, Bitcoin was upgraded with SegWit (defined in BIP141). The wallet address then integrates the pay-to-witness public key hash (Pay to script hash — P2SH). These addresses start with a ‘3'. Ethereum uses miners to undertake work for changing a state and running a smart contract. They are paid in “gas” or Ether and which relates to the amount of computation conducted. This limits denial of service attacks on the network and focuses developers on creating efficient code. Ethereum supports the creation of cryptocurrency assets with ERC20 tokens — and which are FT (Fungible Tokens). For normal crypto tokens (ERC-20) we use, there is a finite number of these, and each of these is the same. Ethereum creates NFTs (Non-Fungible Tokens) with ERC721 tokens. We mint these each time and each is unique. Solidity is the programming language used in Ethereum, while Hyperledger can use Golang, Node.js and Java. For Ethereum, we compile Solidity code into EVM (Ethereum Virtual Machine) code. This is executed on the blockchain. Blockchain uses the SHA-256 hash for transaction integrity. Ethereum uses the Keccak hash is used to define the integrity of a transaction. This is based on SHA-3, and differs slightly from Keccak. The Keccak hash family uses a sponge function and was created by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, and standardized by NIST in August 2015 as SHA-3. The DAO is a decentralized autonomous organization (DAO) for the Ethereum blockchain and was launched in 2016. In 2016, DAO raised $150 million through a token sale but was hacked and funds were stolen. This resulted in a forking of the blockchain: Ethereum and Ethereum Classic. Non-interactive Zero Knowledge Proofs (NI-ZKP) allow an entity to prove that they have knowledge of something — without revealing it. A typical secret is the ownership of a private key. NI-ZKPs involve a prover (Peggy), a verifier (Victor) and a witness (Wendy) and were first defined by Manuel Blum, Paul Feldman, and Silvio Micali in their paper entitled, “Non-interactive zero-knowledge and its applications”. Popular ZKP methods include ZK-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and ZK-STARKs (Zero-Knowledge Scalable Transparent Argument of Knowledge). Bitcoin and Ethereum are pseudo-anonymised, and where the sender and recipient of a transaction, and its value, can be traced. Privacy coins enable anonymous transactions. These include Zcash and Monero. In 1992, David Chaum and Torben Pryds Pedersen published “Wallet databases with observers,” and outlined a method of shielding the details of a monetary transaction. In 1992, Adi Shamir (the “S” in RSA) published a paper on “How to share a secret” in the Communications of the ACM. This supported the splitting of a secret into a number of shares (n) and where a threshold value (t) could be defined for the minimum number of shares that need to be brought back together to reveal the secret. These are known as Shamir Secret Shares (SSS). In 1991, Torbin P Pedersen published a paper entitled “Non-interactive and information-theoretic secure verifiable secret sharing” — and which is now known as Pedersen Commitment. This is where we produce our commitment and then show the message that matches the commitment. Distributed Key Generation (DKG) methods allow a private key to be shared by a number of trusted nodes. These nodes can then sign for a part of the ECDSA signature by producing a partial signature with these shares of the key. Not all blockchains use ECDSA. The IOTA blockchain uses the EdDSA signature, and which uses Curve 25519. This is a more lightweight signature version, and has better support for signature aggregation. It uses Twisted Edwards Curves. The core signing method used in EdDSA is based on the Schnorr signature scheme and which was created by Claus Schnorr in 1989. This was patented as, a “Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system”. The patent ran out in 2008. Curve 25519 uses the prime number of ²²⁵⁵-19 and was created by Daniel J. Bernstein. Peter Shor defined that elliptic curve methods can be broken with quantum computers. To overcome the cracking of the ECDSA signature from quantum computers, NIST are standardising a number of methods. At present, this focuses on CRYSTALS-Dilithium, and which is a lattice cryptography method. Bulletproofs were created in 2017 by Stanford's Applied Cryptography Group (ACG). They define a zero-knowledge proof as where a value can be checked to see it lies within a given range. The name of “bulletproofs” is defined as they are short, like a bullet, and with bulletproof security assumptions. While Bitcoin can take up to 7–10 minutes to mine a new block and create a consensus, newer blockchains, such as IOTA, can give an almost instantaneous consensus. Banks around the world are investigating CBDC (Central Bank Digital Currency) and which is not a cryptocurrency but a way to quickly define a consensus on a transaction. Homomorphic encryption methods allow for the processing of encrypted values using arithmetic operations. A public key is used to encrypt the data, and which can then be processed using an arithmetic circuit on the encrypted data. The owner of the associated private key can then decrypt the result. Some traditional public key methods enable partial homomorphic encryption. RSA and ElGamal allow for multiplication and division, whilst Pailier allows for homomorphic addition and subtraction. Full homomorphic encryption (FHE) supports all of the arithmetic operations and includes Fan-Vercauteren (FV) and BFV (Brakerski/Fan-Vercauteren) for integer operations and HEAAN (Homomorphic Encryption for Arithmetic of Approximate Numbers) for floating point operations. Most of the Full Homomorphic encryption methods use lattice cryptography. Some blockchain applications use Barreto-Lynn-Scott (BLS) curves which are pairing friendly. They can be used to implement Bilinear groups and which are a triplet of groups (G1, G2 and GT), so that we can implement a function e() such that e(g1^x,g2^y)=gT^{xy}. Pairing-based cryptography is used in ZKPs. The main BLS curves used are BLS12–381, BLS12–446, BLS12–455, BLS12–638 and BLS24–477. An accumulator can be used for zero-knowledge proof of knowledge, such as using a BLS curve to create to add and remove proof of knowledge. Open Zeppelin is an open-source Solidity library that supports a wide range of functions that integrate into smart contracts in Ethereum. This includes AES encryption, Base64 integration and Elliptic Curve operations. Metamask is one of the most widely used blockchain wallets and can integrate into many blockchains. Most wallets generate the seed from the operating system and where the browser can use the Crypto.getRandomValues function, and compatible with most browsers. Solidity programs can be compiled with Remix at remix.ethereum.org. The main Ethereum network is Ethereum Mainnet. We can test smart contracts on Ethereum test networks. Current networks include sepolia.etherscan.io and goerli.net. Ether can be mined for test applications from a faucet, such as faucet.metamask.io. This normally requires some proof of work to gain the Ether — in order to protect against a Denial of Service against the Faucet. The private key can be revealed from two ECDSA signatures which use the same random nonce value. Polkadot is a blockchain which allows blockchains to exchange messages and perform transactions. The proof of work method of creating is now not preference because of the energy that it typically uses. Many systems now focus on proof of stack (PoS). A time-lock puzzle/Proof of Work involves performing a computing task which has a given cost and which cannot be cheated again. This typically involves continual hashing or continual squaring. The Chia blockchain network uses both Proof of Space (PoS) and Proof of Time (PoT). The PoS method makes use of the under-allocation of hard-disk space. With a Verifiable Delay Function (VDF), we can prove that a given amount of work has been done by a prover (Peggy). A verifier (Victor) can then send the prover a proof value and compute a result which verifies the work has been done, with the verifier not needing to do the work but can still prove the work has been done. A Physical Unclonable Functions (PUFs) is a one-way function which creates a unique signature pattern based on the inherent delays within the wireless and transistors. This can be used to link a device to an NFT. In Blockchain applications, we can use Non-interactive zero-knowledge (NIZK) proofs for the equality (EQ) of discrete logarithms (DL) — DLEQ. With this — in discrete logarithms — we have
This is a "return to regular format" episode in one respect - readings from and reflections upon "The Fabric of Reality" but also a departure from regular formatting in another respect: I teach a bunch of simple mathematics. This is for those who might think "quantum computation" and "quantum algorithms" will be forever beyond me. They are not! I begin with (quite literally) primary school mathematics level stuff (what's a prime number, what is the "fundamental theorem of arithmetic") and very gradually move up into algebra and some modular arithmetic and present examples using real numbers of what the problem is and then lead us to a place where we can glimpse the solution (which is Shor's Algorithm). I do not promise to bring the listener to a graduate quantum physics-degree-level of proficiency in quantum information theory and cryptography - but you will gain quite some insight. I refer to the following more in-depth expositions of all this and hopefully bridge the gap I think is there between "I know a little bit of maths and physics" and the kind of thing the following more "high level" videos offer (which I present in order of increasing technical difficulty) 1. The PBS Infinite Series on all this stuff is brilliant. In particular this introduction: • How to Break Cryp... and this video focussed more narrowly on Shor's algorithm: • Hacking at Quantu... 2. Here is Peter Shor himself explaining the history of his work: • The Story of Shor... 3. Artur Ekert's graduate level free online course on Quantum Information Theory: https://www.youtube.com/@ArturEkert/v... in particular his lecture focussed on Shor's Algorithm: • IQIS Lecture 6.9 ... (which, aside from "The Fabric of Reality" itself, served as the basis for this episode).
Episode: 2907 Quantum Computing. Today, it's magic.
In the cybersecurity world they call it Q-Day, the day when a quantum computer will be built that can break the encryption of the internet.John Thornhill and Madhumita Murgia speak to cybersecurity expert and former professional hacker Mark Carney about password cracking, and why quantum computers would be so good at it.Renowned mathematician Peter Shor recounts how he became the first person to discover that quantum computers could upturn the encryption that underpins much of the internet. Jack Hidary, boss of the quantum technology company Sandbox AQ, tells us how quantum computers already pose a threat today, even if it's decades before one powerful enough to threaten encryption will be built. And cryptographer Dan Bernstein explains why protecting ourselves from the quantum threat might just be down to better maths.Presented by Madhumita Murgia and John Thornhill, produced by Josh Gabert-Doyon and Edwin Lane. Executive producer is Manuela Saragosa. Sound design by Breen Turner and Samantha Giovinco. The FT's head of audio is Cheryl Brumley.We're keen to hear more from our listeners about this show and want to know what you'd like to hear more of, so we're running a survey which you can find at ft.com/techtonicsurvey. It takes about 10 minutes to complete and you will be in with a chance to win a pair of Bose QuietComfort Earbuds.Read a transcript of this episode on FT.com Hosted on Acast. See acast.com/privacy for more information.
In the cybersecurity world they call it Q-Day, the day when a quantum computer will be built that can break the encryption of the internet. John Thornhill and Madhumita Murgia speak to cybersecurity expert and former professional hacker Mark Carney about password cracking, and why quantum computers would be so good at it. Renowned mathematician Peter Shor recounts how he became the first person to discover that quantum computers could upturn the encryption that underpins much of the internet. Jack Hidary, boss of the quantum technology company Sandbox AQ, tells us how quantum computers already pose a threat today, even if it's decades before one powerful enough to threaten encryption will be built. And cryptographer Dan Bernstein explains why protecting ourselves from the quantum threat might just be down to better maths.Presented by Madhumita Murgia and John Thornhill, produced by Josh Gabert-Doyon and Edwin Lane. Executive producer is Manuela Saragosa. Sound design by Breen Turner and Samantha Giovinco. The FT's head of audio is Cheryl Brumley.We're keen to hear more from our listeners about this show and want to know what you'd like to hear more of, so we're running a survey which you can find at ft.com/techtonicsurvey. It takes about 10 minutes to complete and you will be in with a chance to win a pair of Bose QuietComfort Earbuds.Read a transcript of this episode on FT.com Hosted on Acast. See acast.com/privacy for more information.
MIT Professors Peter Shor and Will Oliver join for a conversation on the current state and future possibilities of quantum computing. A transcription for this podcast can be found at cap.csail.mit.edu
Glad to announce that this Sun Aug 7, 11AM ET, we, Prof. Peter Shor of MIT, recipient of prestigious Nevanlinna prize (Fields Medal of TCS), MacArthur Fellowship, Godel, Dirac Medal and Silver Medal in International Math Olympiad (IMO) (see his wiki page at https://en.wikipedia.org/wiki/Peter_Shor) and Prof. Mohammad Hajiaghayi of UMD plan to have a YouTube Live @hajiaghayi, and simultaneously Live events on Instagram at @mhajiaghayi, LinkedIn @Mohammad Hajiaghayi, Twitter @MTHajiaghayi, and Facebook Mohammad Hajiaghayi of life, research on Quantum Algorithms and Computation, Shor's Pioneering Quantum Algorithm for Factorization, Quantum Supremacy, Future of Quantum, among other topics. Please join us on our simultaneous Lives at YouTube, Instagram, LinkedIn, Twitter, or Facebook and ask questions you may have.#QuantumComputation#ShorAlgorithm#Factorization#QuantumSupremacy#QuantumFuture#PhDAdvising#MIT#ATT#BellLabs#Nevanlinna#Godel#MacArthur#IMO#MathOlympiad
Juan & Terence rank well know physicists and mathematicians.
In the mid-90's, there was no quantum computing field. There was excitement, sure, but nearly a decade and a half after the conference at MIT Endicott House, the possibilities of marrying physics and computer science had yet to yield a significant technological breakthrough. That is, until Peter Shor discovered a way to break RSA, the most famous public-key cryptosystem. Shor's Algorithm was more than a call to action for a generation of scientists, it was a glimpse of how much faster a quantum machine would be able to crack even the most complex encryption scheme. Sebastian, Abe and Matt sit down with Peter Shor to discuss the discovery of the algorithm, the extraordinary response his work received twenty-five years ago, and what's next for ensuing generations of scientists and information theorists. Credits: Co-created and co-hosted by Sebastian Hassinger and Abraham Asfaw. Produced, written, co-hosted and edited by Matt Hooper. Special thanks to the entire IBM Quantum team.
57. Bölümde yine Q Turkey Koordinatörü ve Akademisyen Zeki Seskir konuğum oldu ve kuantum bilgisayarları konuştuk. (00:00) - Açılış (01:52) - Kuantum bilgisayar nedir? (07:50) - Kuantum bilgisayarlar ne amaçla kullanılıyor ve devletler nereye odaklanıyor? (13:17) - Kuantum bilgisayarlar ticari bir değere sahip mi? Kuantum sensör, kuantum radar vs. (15:32) - Kuantum bilgisayar ne zaman ortaya çıktı? https://en.wikipedia.org/wiki/Peter_Shor (19:10) - Kuantum bilgisayarla zaman yolculuğu mümkün mü? https://duzensiz.org/kuantum-bilgisayarla-zaman-yolculugu-mumkun-mu-c682690b8521 (20:53) - Gelecek ne zaman geliyor? https://duzensiz.org/yeni-bir-bilisim-cagi-d71650b2a0e3 (29:25) - Kitap önerileri 50 Soruda Yapay Zeka - https://www.goodreads.com/book/show/42427796-50-soruda-yapay-zeka?ac=1&from_search=true&qid=oT3c598ixo&rank=1 Yeni Dünya Yeni Ağ - https://www.goodreads.com/book/show/53455901-yeni-d-nya-yeni-a Zeki Seskir - https://www.linkedin.com/in/zeki-seskir-989125158/ https://www.qturkey.org/ https://kuantumturkiye.org/ Dünya Trendlerini sosyal medyada takip edebilirsiniz Twitter - https://twitter.com/dunyatrendleri Instagram - https://www.instagram.com/dunya.trendleri aykut@dunyatrendleri.com infodunyatrendleri@gmail.com Bizi desteklemek için; https://www.patreon.com/dunyatrendleri
Blir det Nobelpris i medicin för insikter om immunförsvaret på måndag? Nästa vecka kommer beskeden om årets naturvetenskapliga priser här hör du Vetenskapsradions förhandstips! Medicinreportern Annika Östman tror att priset i fysiologi eller medicin kan belöna Jacques Miller och Max Cooper, som förklarat hur immunförsvarets T-celler och B-celler bildas. Alternativt Huda Y Zoghbi som hittat mutationen bakom Retts syndrom hos barn, vilket ger möjlighet till tidig upptäckt och behandling. Fysikpriset kan belöna Peter Shor som öppnade vägen för den forskning som sker nu för att ta fram en kvantdator, tror Camilla Widebeck. Om det inte går till Alain Aspect för experiment med sammanflätade partiklar. Ulrika Björkstén tänker sig att nanokristallernas upphovsman Christopher Murray eller gensekvenseringspionjären Leroy Hood kan få kemipriset. Alla är ense om att genkniven CRISPR Cas-9 kan väntas få ett Nobelpris, nu eller senare frågan är bara när, och om det blir i medicin eller i kemi. Programledare: Gustaf Klarin gustaf.klarin@sverigesradio.se
En el programa de esta semana hemos hablado con Peter Shor, premio Fronteras del Conocimiento de la Fundación BBVA por sus contribuciones a la computación cuántica. Shor es el descubridor del algoritmo que permite que un ordenador cuántico separe un número en sus factores primos. Y esto, que puede parecer una mera curiosidad matemática, en realidad llega hasta el corazón de la seguridad de todo el contenido que se mueve por internet: la mayor parte de ese contenido está encriptado, y para descifrarlo necesitaríamos... separar un número muy grande en sus factores primos. Los ordenadores cuánticos, cuando algún día existan, serán capaces de hacerlo mucho más rápido que los ordenadores que tenemos ahora, y eso es precisamente lo que demostró Peter Shor con el desubrimiento de su algoritmo. Así que os hablamos de cómo funcionan las claves en internet, de ordenadores cuánticos y de por qué son más rápidos que nuestros ordenadores actuales. Además Santi García Cremades, en su sección de retos matemáticos, también nos propone un reto relacionado con números primos y contraseñas. En su sección sobre la historia de los objetos cotidianos Marta García Aller nos habla del desarrollo del mando a distancia, desde sus primeros pasos hasta la actualidad, y después de eso hablamos sobre los incendios que han quemado miles de hectáreas en el interior del Círculo Polar Ártico durante el verano de 2020. Hablamos con Marc Oliva, investigador en la Universidad de Barcelona y experto en el suelo helado de las regiones polares, el permafrost. Con él aprenderemos por qué es especialmente peligroso que se quemen estos suelos del Ártico, bajo los cuales se esconden muchas cosas. Finalmente hablamos con Rubén Mendi, agricultor navarro que ha conseguido el récord de España esta temporada por cultivar una calabaza de más de 1150 kilos. Este programa se emitió originalmente el 14 de septiembre de 2020. Podéis escuchar el resto de audios de Más de Uno en su canal de iVoox y en la web de Onda Cero, ondacero.es
En el programa de esta semana hemos hablado con Peter Shor, premio Fronteras del Conocimiento de la Fundación BBVA por sus contribuciones a la computación cuántica. Shor es el descubridor del algoritmo que permite que un ordenador cuántico separe un número en sus factores primos. Y esto, que puede parecer una mera curiosidad matemática, en realidad llega hasta el corazón de la seguridad de todo el contenido que se mueve por internet: la mayor parte de ese contenido está encriptado, y para descifrarlo necesitaríamos... separar un número muy grande en sus factores primos. Los ordenadores cuánticos, cuando algún día existan, serán capaces de hacerlo mucho más rápido que los ordenadores que tenemos ahora, y eso es precisamente lo que demostró Peter Shor con el desubrimiento de su algoritmo. Así que os hablamos de cómo funcionan las claves en internet, de ordenadores cuánticos y de por qué son más rápidos que nuestros ordenadores actuales. Además Santi García Cremades, en su sección de retos matemáticos, también nos propone un reto relacionado con números primos y contraseñas. En su sección sobre la historia de los objetos cotidianos Marta García Aller nos habla del desarrollo del mando a distancia, desde sus primeros pasos hasta la actualidad, y después de eso hablamos sobre los incendios que han quemado miles de hectáreas en el interior del Círculo Polar Ártico durante el verano de 2020. Hablamos con Marc Oliva, investigador en la Universidad de Barcelona y experto en el suelo helado de las regiones polares, el permafrost. Con él aprenderemos por qué es especialmente peligroso que se quemen estos suelos del Ártico, bajo los cuales se esconden muchas cosas. Finalmente hablamos con Rubén Mendi, agricultor navarro que ha conseguido el récord de España esta temporada por cultivar una calabaza de más de 1150 kilos. Este programa se emitió originalmente el 14 de septiembre de 2020. Podéis escuchar el resto de audios de Más de Uno en su canal de iVoox y en la web de Onda Cero, ondacero.es
1994 presenterade matematikern Peter Shor en berömd algoritm, som visade att en kraftfull kvantdator kommer vara ett stort hot mot säkerheten på internet. En kvantdator kommer vara totalt överlägsen traditionella datorer i kraft och kapacitet och klarar att avkoda information som idag anses vara säkert krypterat. Så det kan vara helt avgörande för resten av världen, vem det blir som först lyckas med att utveckla en kvantdator. Vi kan inte ens vara säkra på att det inte redan finns en ute där som redan är satt i bruk. För är det något lands underrättelsetjänst som utvecklar den första kvantdatorn så blir det ett mäktigt vapen - om man kan hålla det hemligt.
Joseph Emerson of the Department of Applied Math at the University of Waterloo on the documentary The Quantum Tamers which he co-produced at the Perimeter Institute
Joseph Emerson of the Department of Applied Math at the University of Waterloo on the documentary The Quantum Tamers which he co-produced at the Perimeter Institute
Big Ideas presents Joseph Emerson of the Department of Applied Math at the University of Waterloo on the documentary The Quantum Tamers which he co-produced at the Perimeter Institute
Caesar shifted each letter three places in the alphabet. Much of modern computer science was born in the effort to break the Nazi Enigma code, and Cold War spies used code books that fit inside a walnut. Nowadays, the cryptography we depend on every day — for instance, to send our credit card information when we buy something on the Web — relies in turn on the mathematics of prime numbers. But in 1994, Peter Shor discovered that a future quantum computer could crack our cryptosystems by breaking large numbers into their prime factors. Cris will start by describing how these cryptosystems work, and how a quantum computer could break them. (Nothing beyond high-school math, he promises!) He’ll end by giving a personal view about whether quantum computers can be built — and what kinds of cryptography could remain secure even if and when they are built.
© 2020-2025 Ivy Podcast Discovery LLC
