Posted by: Joe | May 19, 2009

So, I’m unemployed…

…for one week, at least.  I’ll have a new employer on Monday.

When I was a kid, Mom bought a collection of abridged classic literature from one of those mail-order TV commercials.  It had about 25 or 30 volumes of mostly American novels like Moby Dick, The Last of the Mohicans and The Adventures of Tom Sawyer.  I read them over and over again, and now have many of those same stories in hardcover on my bookshelves today.

One of my favorite volumes was The Tales of Edgar Allen Poe.  It included “The Tell-Tale Heart”, “The Pit And The Pendulum”, “The Cask Of Amontillado”, “The Fall Of The House Of Usher”, and “The Gold-Bug”.

“The Gold Bug” is a story about a hunt for pirate treasure. A large part of the plot is an explanation of how the main character solves a simple substitution cipher using letter frequency analysis to reveal the location of the loot.  For a 10 or 12 year old, interested in math and science, it’s a great tale.  Because of that story, I’ve always had a passing interest in cryptography, though I’ve never done anything about it.

I’ll get the opportunity at my new workplace, Certicom.  Certicom is a cryptography company, and holds a large number of patents related to elliptic curve cryptography.

Elliptic curves are an important part of modern number theory research.  They were used in Andrew Wiles’s proof of Fermat’s Last Theorem, and are used in one method of integer factorization, which can be used to break RSA, the most common form of public-key encryption.

RSA relies on the fact that factoring very large integers is computationally difficult.  The larger your key is, the harder it is to factor.  300-bit keys can be broken in a matter of hours using common PC hardware.  512-bit keys can now be factored in several weeks using common hardware. 2048-bit keys are generally considered secure , and 4096-bit keys are unlikely to be broken in the foreseeable future.

However, the larger the encryption key, the more bandwidth is required for your encrypted message.  The advantage of ECC is that a similar level of security can be achieved using a much smaller key.  The largest publically broken ECC encryption to date is 109 bits, using 10,000 Pentium class PCs running continuously for over 18 months.

Certicom has a tutorial of the math behind ECC, which is not for the faint of heart, and I don’t understand a great deal of it.  Luckily, I’m not going to be working on the guts of Certicom’s cryptographic toolkits–I’ll be building systems using the toolkits.  I’m pretty stoked to learn more about how it all works.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: