Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Faster Encryption Algorithm Found By 16 Year Old Girl

CmdrTaco posted more than 15 years ago | from the geek-gals dept.

Encryption 197

Jan Stette writes "This story has made the front page of the UK newspapers today. A 16 year old Irish girl has devised an encryption algorithm that is allegedly as secure as RSA but is much faster at performing the encryption. " Update: 01/15 02:24 by S : A picture of her talking to Gordon Moore.

Sorry! There are no comments related to the filter you selected.

Algorithim (0)

Anonymous Coward | more than 15 years ago | (#2041763)

Does anyone have a link to see this algorithim? Or has it not been released yet, since she hasen't patented it? (Or GPL'd it for that matter :-)

Where's the writeup? (0)

Anonymous Coward | more than 15 years ago | (#2041764)

If it as secure as the UK paper thinks, I assume she's been published. Is it 2 key or shared secret? You don't need to encrypt an entire message with RSA BTW, just a des key used for encryption/decryption and then send the mail message encrypted with the DES key.

Possibly OS too... (0)

Anonymous Coward | more than 15 years ago | (#2041765)

Towards the bottom of the article, however, they mention that she is "considering" making the code available... Let's hold thumbs.

Zak McGregor

techno-babble (0)

Anonymous Coward | more than 15 years ago | (#2041766)

Wow, how could she prove that her algorithm is just as secure as RSA? Has anyone looked at it?
"using matrices", wow...

Some Information (0)

Anonymous Coward | more than 15 years ago | (#2041767)

The award she won (The Irish Young Scientist Award) is for second level (High skool) students who have to present a project they created themselves on their own time.I suppose she got some help from her father considering he's a Maths Professor but this suggest she did it on her own time.

It will be interesting to see her algorithm and code if/when she releases them. The competition only finished in the recent weeks so it will be a while before we see it :/

wonder what are we doing when we are 16 ? (0)

Anonymous Coward | more than 15 years ago | (#2041768)

read the title...

I hope she does. (0)

Anonymous Coward | more than 15 years ago | (#2041769)

Why bother to patent it? It hasn't been inspected by cryptologists, nor has is the code available. It very unlikely to be secure or worthwhile.

sounds fishy (0)

Anonymous Coward | more than 15 years ago | (#2041770)

i dont know about anyone else, but the entire article seemed fake. if one can imagine a better scenario, i would be impressed: gifted 16 year old girl introduces a hot new algorithm in a field dominated by older males, father is a mathematics professor. and then the bit about her being sick, it just doesn't add up.

I can't believe it (0)

Anonymous Coward | more than 15 years ago | (#2041771)

> Or are all the other as great algorithms
> patented and hidden from our mortal eyes?

If it is patented, it is not hidden.


Caption of the picture (0)

Anonymous Coward | more than 15 years ago | (#2041772)

In the UK, "brilliant" means "amazing" or "incredible," not your Americanized "intelligent."

once again the bbc nails us all (0)

Anonymous Coward | more than 15 years ago | (#2041773)

There was an article in the bbc last year about a kid with some kind of fantastic encryption protocol as well. This is absolute bullsh*t. Typical, "Oi we got the nerds" kind of British Press attitude. Has to be tabloid crap. They didn't even mention the name of the "Intel Award", I'm sure if someone from Intel the computer company called them on it, they would say they were just using Intel as short for Intelligence, as in spy stuff.

_I_ can encrypt a letter faster...& 100% securely! (0)

Anonymous Coward | more than 15 years ago | (#2041774)

Take a letter, say 'Q'. I can encrypt it to 'D'.

This type of encryption is 100% secure and takes
a lot less than 1 minute to do. The problem
starts when I want to encrypt multiple letters,
and then wish to have then decryptable.

p.s.-I can make code based on matrices that would
be impossible for a prize judge to understand. And
I'm not even a programmer!

You figure it out.

Someone will be quite lucky... (0)

Anonymous Coward | more than 15 years ago | (#2041775)

To marry this young woman someday. Here in the states it's almost impossible to find a female soulmate who can show interest in anything other than how hot a guy is or the latest episode of Jerry Springer.

hmm? (0)

Anonymous Coward | more than 15 years ago | (#2041776)

You again! Once again, not necessarily!

In best Banky Chasing Amy voice: (0)

Anonymous Coward | more than 15 years ago | (#2041777)


Learn something about crypto (0)

Anonymous Coward | more than 15 years ago | (#2041778)

Well, if you had a clue you'd know that PGP only uses RSA to encrypt a session key, not the entire plain-text. This is because RSA an order of magnitude slower than block ciphers.

Hope you is was were read reading (0)

Anonymous Coward | more than 15 years ago | (#2041779)

Hope you is was were read reading?

You've made a bad batch, Homebrewer, sleep it off.

Excuse me for being skeptical... (0)

Anonymous Coward | more than 15 years ago | (#2041780)

> If some BOY can do something this ludicrous,
> certainly some GIRL can as well, you
> chauvanistic asshole. Stupidity
> isn't confined to a particular sex.

Why, you assumed that I was a man! How sexist of
you! :)

As it happens, you are right.

It just so happens that I have a simple test
that nobody has thought of to prove that Pat
Robertson does not really have a direct line to

When can I expect the NY Times Journalist?

_I_ can encrypt a letter faster...& 100% securely! (0)

Anonymous Coward | more than 15 years ago | (#2041781)

But how do you know when you've solved it? There's no real information in the plain text that indicates you've solved it.

Not enough info. (0)

Anonymous Coward | more than 15 years ago | (#2041782)

You might be able to prove that certian forms of cryptanalysis would be very inefficent.

Learn something about english. (0)

Anonymous Coward | more than 15 years ago | (#2041783)


Trust? Give me a break. (0)

Anonymous Coward | more than 15 years ago | (#2041784)

I'm supposed to trust the analysis of a 16-year old girl and her father on an issue that you can't get 2 of the brightest mathmetecians to agree on? I've watched people rip algorthms apart in a few minutes that other people (who are brilliant) have spent YEARS researching, simply because they missed something.

Let her present it at EUROCRPYT '99 and see how far it flies :-) I'm betting Coppersmith or others will be happy to break it while they're sitting drinking their coffee :-)

Cryptography is nerly a black art, and as I was once told by someone: "Never trust anyone to design algorithms who hasn't spent years breaking them."

HA (0)

Anonymous Coward | more than 15 years ago | (#2041785)

"But she has also proven that her code is
as secure as RSA,"

OH PLEASE! To make any kind of proofs about RSA's security would require serious mathmatical breakthroughs. If she really did this, I say we nominate her for a nobel. but... Where is the paper?

It's probably just you (0)

Anonymous Coward | more than 15 years ago | (#2041786)

My wife has a PH.D. in math. One girl I went out with before her is now an executive of a well known software company (not Microsoft). Back in university I went out with 2 electrical engineers...

sounds fishy (0)

Anonymous Coward | more than 15 years ago | (#2041787)

She might well be sick. I don't know whether it hit
Ireland, too, but large parts of the British Isles are
being very badly affected by influenza at the moment.
Have a look at the rest of the BBC news website for
details on that. It may not be world-shattering news
but I assure you that it's pretty big news over here... (0)

Anonymous Coward | more than 15 years ago | (#2041788)

No, not impossible. I don't watch JS. My boyfriend is not some body-builder/model, and I wouldn't want him to feel like he had to be. I love him for the foreign-film watchin', Linux-operatin' geek-guy he is. Be a little more optimistic, you'll meet her when you least expect it.

Someone will be quite lucky... (0)

Anonymous Coward | more than 15 years ago | (#2041789)

Check out this site [] . This young woman is a web developer for Playboy Mag, and she just got married!

Goes to show that if you seek, you shall find!

Lay off the conspiracy theoriees already! (0)

Anonymous Coward | more than 15 years ago | (#2041790)

God! The girl did some neat mathematical work. She submitted it to a contest. A mathematician thinks that it's interesting. Just because the journalist in question may be a complete numerophobe means that she is a fraud?

I can believe that she could be wrong. But there's a difference between being wrong and being a fraud. Even Einstein didn't believe in quantum theory. Heck, I don't even know enough about encryption to _be_ wrong about a new algorithm. Right or wrong, this is an incredible achievement and I at least salute her.


Caption of the picture (0)

Anonymous Coward | more than 15 years ago | (#2041791)

What happened (according to the Irish papers) was that the judges got a maths professor to check it over, as it is a general science competition for schools, an entry like this would require specialist knowledge - which they got - to judge it.


Heheh, start the flamewar. (0)

Anonymous Coward | more than 15 years ago | (#2041792)

The orginial critique of the "oppressed" non-whites and/or non-males was that it wasn't fair for them to be treated differently just because of racial or gender status. Supposedly, equality of everyone was better. Eventually enough white males agreed with this point of view.

NOW, however, many (not all) of those non-whites and non-males aren't satisfied with equality. They want "slight" advantages and "slight" preferences. Look... either you want equality, or you want one group -- however defined -- to have more power/money/status than other groups. If one group is to have more, why shouldn't it be white males?

The attitude of many (not all) white males today is: you want equality, fine we can do equality. You want one group to have more power or whatever, fine -- but that group is going to be us. Decide, and quit lying about equality when you want power.

Excuse me for being skeptical... (0)

Anonymous Coward | more than 15 years ago | (#2041793)

> You can do this by proving that the Christian
> god does not exist:

I am not very religious myself,
but these kind of "proofs" does not hold, since they are based on the assumption that God (creator of everything, including logic) are a subject to logic himself.

I have never seen such Pure Jealousy (0)

Anonymous Coward | more than 15 years ago | (#2041794)

What a bunch of whiners you all are being....

Just about every post I've read here was filled with jealousy masked in statements like "even REAL geniuses cant agrre" or "how can she say its the same as RSA" or outright accusations that this is a scam, duplicitous at its very nature and only being told cause she's a women or becuase she's 16.

Ya there telling the story not because of her gender ( give your head a shake ) but because of her age.. There is nothing wrong with being skepitcal but the reaction her is how the hell can some 16 freaking IRISH kid develop a cryto alogrithm possible better than RSA and I cant....

Its quite simple really, some people are capable of making logical leaps where others weren't, Einstein never showed any promise along the way then bam presents ideas that fundametally shift everything, an even better example of genius coming from the least likely source....Rajuluman... Indian born man with no formal education reads a simple highschool math book while living in India, from that he develops and extrapolates theories that many of the greatest minds in mathematics have said that his theories will leave mathematicians work to do fo the next 500 years, not dissimilar to Fermat or his little theory.

While it is fine to be skeptical, since none of you have seen the code, the behaviour and comments presented are petty, shameful at best for a community supposed to be based on computing excellence etc...

Oh by the way..just for your info... age has everything to do with it in math and older isn't better its worse....Mathematics ( upon which this algoithm is founded by the sound of it ) has the lowest entry age of any science into the Royal Academy of Sciences.....

Furthermore, if this was your kid and the media ( especially british ) was decending upon your door like vultures...wouldn't you talk to them for her.... hmm I just think I might too....

I for one will be interested to see what comes out of it and while remaining skeptical until it is more thoroughly tested, wish her the best of luck...

Judges are Stupid... (0)

Anonymous Coward | more than 15 years ago | (#2041795)

When I was 16 (1992) I entered my local (Hamilton, OH) science fair with a project titled "Pseudo Random Number Genereating Algorithms". I wrote two programs, one in Turbo Pascal and one in Quick Basic, that genereated 10,000,000 random numbers between 1 and 10. I counted how many of each were generated, exported the data to Excel, and made nifty bar graphs. The product that made the most "level" graph won... and anyone can see that this project was a simple product comparison and completely bunk. However, when judges have NO IDEA what you are talking about you can generally do pretty well in the Science Fair... I got first place...

"Fortes are my Forte" - Moe Yerca

Before dismissing, see the "full story" post above (0)

Anonymous Coward | more than 15 years ago | (#2041796)

Guys - this girl might just be for real. Try reading the posts before you dismiss the poor girl. If anyone's at fault here, its probably the bbc for not getting more facts.

She won another prize last year for cryptography and presented it to Intel. Last summer she worked for Baltimore, and that's where her initial research came from.

regardless... (0)

Anonymous Coward | more than 15 years ago | (#2041797)

i think it is rediculous when, for example, our school is automatically giving out half tuition scholarships to any entering freshman female, but my 3/4 tuition scholarship (now reduced to half) was only one of about thirty for all incoming freshmen (freshpeople?)

drew at illinois institute of technology,
who hasn't logged in in so long i've forgotten my password

The full story...? (0)

Anonymous Coward | more than 15 years ago | (#2041798)

Maybe I'm dense, but your explanation doesn't make sense to me.

The core idea in RSA cryptology is that

x == x ^ PHI(n) (modulo n)
PHI(n = pq) = (p-1)(q-1)
The RSA encryption keys e and d are chosen such that e * d is an integral multiple of PHI(n).

The strength of RSA encryption is in this identity, not the fact that the modulus is product of two primes. (More precisely, the strength of RSA encryption derives from the difficulty of computing PHI(n) without n's prime factorization.) An RSA modulus can have an arbitrary number of prime factors; two keys are used solely to provide the largest possible smallest prime factor to thward factorization attempts.

I'm sure that there's some equivalent identity with matrix multiplication over a finite field... but if you're eliminating exponentiation then you're not using an RSA-like algorithm and hence can't depend on it for RSA-like strength. The only exception would be if matrix inversion over a finite field is somehow equivalent to the earlier identity, beyond the trivial

inverse(x) = x ^ (PHI(n)-1) (modulo n)
If that's the case, wouldn't you have simply stated so? If that's not the case, then the strength of your algorithm derives from the difficulty of inverting a matrix, not of computing PHI(n), so even if the best known algorithm today has the same big-O running time, there's no reason to believe the same will be true tomorrow. (Or even today, considering the number of spooky mathematicians.)

Or have I totally missed something? [mailto]

You call that a proof?? (0)

Anonymous Coward | more than 15 years ago | (#2041799)

I AM NOT religious. I dislike religion because I see it as a tool for public mass control.

That is the worst ad hoc so called proof I have seen in a long time. You ever see this one?

All cars are orange
An orange fruit is orange
All cars must then be orange fruits.

It doesn't follow! You started with a false premise. That means you can prove anything. Another thing is that you are trying to see through "Gods" eyes. You can't do this. If I am a bird, I think of birdly things, If I am a human, I think of humanly things, and if I am god, I think of godly things.

I am suprised that the church did not attack this "proof" (sacrasm implied, see an earlier post) by attacking the line:
> If he can, but does not want to, he is wicked.
Let's say that he can destroy evil, but that destroying evil means destroying good since they are part of the same whole (i.e. a simplistc attempt to look through gods eyes which is doomed to failure because I am a mortal, but it gets the point across). He loves good, so he *choses* not to destroy evil; hence, not destroying good. Then he provides good with protection from evil, even if we as mear "mortals" can not tell that we recieve protection. Does this make god wicked? To some maybe, To others no.

There is no proof that god exists or does not exist. This is why it is called faith!

P.S. the false premise was thinking that you can "see through gods eyes".

Heheh, start the flamewar. (0)

Anonymous Coward | more than 15 years ago | (#2041800)

This is a childish attitude. Spend the night in the Bronx and try to figure our why you're so hated. It's not just because of pure racism.
Keep in mind that racial equality has only existed for 30 years or so. Get a feel for what racism feels like. Go into an all black town and
just hang out. Try to understand the situation before you comment on it.

So it's "OK" for an all black neighborhood to harass a white man, yet it's "wrong" for an all white neighborhood to harass a black man?

Ok, I can see the logic in that.

If I were as stupid as some.


Heheh, start the flamewar. (0)

Anonymous Coward | more than 15 years ago | (#2041801)

You won't and cannot understand it like I do and I didn't even have to deal with it directly. Think what you want, but I know you are wrong and I won't hesitate to point it out.
... because I, as an anonymous coward, can make up any example I want to get my point across. Sure, we believe you.


Why don't you learn some English? (0)

Anonymous Coward | more than 15 years ago | (#2041802)

I wonder how anyone being a non-native speaker
is going to be ripped off...

Greetings from Germany.

I have never seen such Pure Jealousy (0)

Anonymous Coward | more than 15 years ago | (#2041803)

It has nothing to do with Pure Jealousy(tm). It has everything to do with...


Like most of those who read /., or so I imagine, I was trained as a scientist and mathematician (well, not too much of the later... ;P ). And therefore, when someone (the following paraphrases the late, great Carl Sagan) shows me invisible dragons, I am inclined to disbelieve them. In fact, I am happy that a 16 year old can program well enough, and has enough mathematical training, to devise an encryption algorithm based upon rings (or fields) of matricies, according to an earlier post on this subject. But the security of such a process is naturally suspect. As many have pointed out, fast decryption is also not a desirable trait, as it aids brute force attacks on a system! Additionally, if you believe that it is the desire to build such a system that should be encouraged, then what does it matter if the system is "secure"? At the very least, she has learned a good deal from the attempt. It is therefore the desire to attempt these things that would should instill in the young, not so that they may succeed, but so that they can learn from the attempts.

Huh?? (0)

Anonymous Coward | more than 15 years ago | (#2041804)

Right. If only the product is known however, it is difficult to find the prime factors.

Humm... /someone's/ got it right, I guess (0)

Anonymous Coward | more than 15 years ago | (#2041805)

After seeing how much time my boyfriend spent on linux, I decided to try running it myself to see what the hoop-la was all about. He's probably the best thing that happend to me and my computer. Now when one of us has a problem, we can collaborate. Computers are no longer standing BETWEEN us. We love each other because we're both nerds. (well, at least I'm trying, anyway)

16, eh? (0)

Anonymous Coward | more than 15 years ago | (#2041806) a 16 year old girl outdoes a multimillion dollar company...

now...let's get down to the real questions...



BS. (0)

Anonymous Coward | more than 15 years ago | (#2041807)

I say: this is crap and we just loseing time discussing it w/o code/algo.

Open Source Patent? (0)

Anonymous Coward | more than 15 years ago | (#2041808)

Patents are by definition Open Source (at least in the US they are). By US law in order to be granted a patent, the patent is supposed to be "enabling". In other words, the patent has to explain enough to enable a person resonably "skilled in the art" to reproduce the patented item. What a patent does is stop anyone else from making money on the patent holders invention.

I think it also keeps it from being distributed (ie for free), but I am not positive on that regard. But either way anyone can read the patent and roll-thier-own, they just can't give it to anyone else without permission.

Hmm... on second thought I guess to that extent something like the GPL could be applied at that point, to give permission for non-commercial use.

Heheh, start the flamewar. (0)

Anonymous Coward | more than 15 years ago | (#2041809)

The point is that you are not going to get to a "fair" society by promoting unfairness. Switching which particular group is discriminated against will only continue the hatred.

If you want as equal a society as humans can create, I'll work with you. If you want revenge for past wrongs, I'll fight against you -- and don't waste your time with your rationalizations, because I don't care. I don't mind being "equal", but I sure will protest against being at the bottom. Just like all the "minority" groups protest against being there. You didn't take it, don't expect us to.

Reporters are Idiots! (0)

Anonymous Coward | more than 15 years ago | (#2041810)

This is another example of reporters being in completely over their head's when discussing anything more complicated than the drivel written on their Tele-Prompter.

It looks like this girl has come up with a Potential new encryption menthod. This happens all the time, although usually by people alot older than her. The next step in the process in peer review. She needs to write it up and submit it for examination by people like those at Counterpane [] who know how to tear apart a new algorithm.


Snake Oil. Be skeptical. Be very skeptical. (0)

Anonymous Coward | more than 15 years ago | (#2041811)

It has not been proved that breaking RSA requires factoring or is equivalent to factoring. Factoring provides a way to break RSA, but it is not known if that is the only way.

--Tim Smith

Caption of the picture (1)

Anonymous Coward | more than 15 years ago | (#2041872)

The prize judges could not completely understand the "brilliant" code

Did anybody else notice that caption under the article? The algorithm might be completely unsecure, and it probably is. How can anybody say it is secure if the code isn't understood, much less the algorithm?

Also, the word brilliant shouldn't be in quotes, unless they actually meant to imply sarcasm. This smells of the infamous 'UBE98' code.

Excuse me for being skeptical... (1)

Anonymous Coward | more than 15 years ago | (#2041873)

If this is indeed true and the hype is actually
representative of reality, my hat is off to her.

But I cannot help being skeptical, given the current penchant of the media to do whatever it
takes to "improve girls' self esteem".

A few months back, there was an article in the cover page of the NY Times, complete with picture, about a `brilliant' 12 year old girl who had done `something wonderful'.
On reading the article, however, it turned out that her contribution to the sum total of human
knowledge was exposing a few psychics as frauds using some simple tricks.

Duhhh.... great. Now we know that psychics cannot really foresee things to come. I would never have guessed.

If it had been a 12-year old boy instead, he would not even have been mentioned.
For a man to get on the cover of the NY times, he would have to win the Nobel prize, run riot and slay six or something like that.

Don't get me wrong, I am all for attracting women to computing and all that, but playing up insignificant contributions just because they were made by women is not the way to do it.

Anyway... my two cents.

Salute brillance, encourage curiosity, defy... (1)

Ludvig A. Norin (81) | more than 15 years ago | (#2041874)

...ignorance, cynism and general bull.

This girl is worthy of all encourage she can get, just for being curious; not only learing but also giving ideas to others. And, she's young - a long life is ahead. Regardless of the potential use of her work today, such a person (male or female) is a gift to humanity. Not that she's the only one; but the fact that she got some attention (or, rather, plenty) is still very positive. It tells us that creativity is a good thing. Remember the Apple campaign "Think different"?

It bothers me reading so many comments here about the potential un-usefulness of the actual algorithm that she allegedly developed; and not a single word about the exciting fact that she actually tried to develop one in the first place. I'm not saying a bit of skepticism and cynism isn't healthy, it's just that the algorithm itself is not as important as the potential of her future works, whatever that may be; not to mention the other kids that she'll inspire to try something of the like!

My sincere salutations, Ludvig A. Norin

RSA proofs (1)

Gleef (86) | more than 15 years ago | (#2041875)

Zachary Kessin wrote:

No one has ever proved that RSA is secure.

Depends on how you define "secure". I define secure encryption as being more costly for an unauthorized person to decrypt the information than:
A) the information is worth; and
B) gathering the information through other means

RSA can be applied in such a way that it meets both of these requirements. Most, although not all, of this is mathematically provable.

It has not been proven (as of last I looked) that you need to factor the number to break RSA.

Of course it hasn't been proven that you need to factor the number to break RSA. It's been proven that you need to either factor n or compute the eth roots mod m. For more details, you can go here [] . I understand the formal proof is given in Applied Cryptography, by Bruce Schneier, but I have not personally examined this.

nor that there is not a fast way to factor a large number. Its just that no one has found a good method for doing it.

There is, of course, no proof that we have the fastest method possible to factor a large number. To quote RSA, "Factoring is widely believed to be a hard problem, but this has not yet been proven." We do have some pretty good factoring methods (see What are the best factoring methods in use today? [] , from RSA's FAQ), but who knows if someone will come up with a better way next year or even next week. In fact it has been proven that a hypothetical quantum computer could be able to do the factoring problem in polynomial time, one just hasn't been built yet.

okay.. (1)

drwiii (434) | more than 15 years ago | (#2041876)

Is this like the Aussie guy who was going to re-invent the internet with his compression algorithm or is this really something useful?

P.S. - Slashdot was in PC Magazine []

NEW! (1)

drwiii (434) | more than 15 years ago | (#2041877)

I have a great new encryption algorithm too! I call it, "ROT26"! I better hurry and get a patent...

Speed (1)

voidptr (609) | more than 15 years ago | (#2041879)

How much faster/slower is the decryption though? If it takes 1/2 the time to decrypt the same key length than with another algorithm, you could brute-force decrypt it FASTER than the algorithm and would need as longer key length to be as secure. (Though only one bit for each twofold increase in speed.)

HA (1)

gavinhall (33) | more than 15 years ago | (#2041880)

Posted by Ed Carter:

It's the other way around. If I can break RSA, I certainly can break a simple xor scheme. Does that mean the xor scheme is as secure as RSA? Of course not. What she needed to do to back up that claim is prove that any algorithm that can break her encryption scheme can also be used to break RSA in a polynomially related amount of time.

Not enough info. (1)

joss (1346) | more than 15 years ago | (#2041883)

Is it a public key algorithm ? if not then comparing the speed to RSA is ridiculous.
I've got some code that can add two large matrices
faster than the best commerical implementations can invert one....

"She's proved..." wow, I'm impressed. I thought proof of encryption security was impossible except for one-time keypad, the best you can do is expose it to the experts, and if after several years nobody has broken it then its pretty secure.

Anyway, good luck to her. Especially if she goes public with it.

Excuse me for being skeptical... (1)

ptomblin (1378) | more than 15 years ago | (#2041884)

The case you're thinking of, the girl in question actually reproduced one of James Randi's experiements, and somehow got the write-up in a pretigous medical journal (Lancet?). God knows why a repeat of a previous experiment gets into a medical journal, even if it was done by a 12 year old girl. (1)

jnik (1733) | more than 15 years ago | (#2041885)

Right on. My gf basically did the "sneak up behind him and whop him over the head--I WANT THIS ONE!" thing. She's intelligent and although she doesn't want to hack kernels with me, she understands that I do it and enjoy it.

They're out there, I swear!

Get a life... (1)

krady (2201) | more than 15 years ago | (#2041886)

You surely aren't going to get laid thinking like that. It can't be the case that all the cute, smart, American women are here in Europe.

same story again on i-times (1)

caolan (2716) | more than 15 years ago | (#2041888)

This stories also on the last sats irish times [] . I wouldnt get too carried away with it all just yet :-), im probably doing her wrong, but i never heard anything that won the young scientist of the year thingy actually being of any worth


Correction: Point about PGP and RSA (1)

David Jao (2759) | more than 15 years ago | (#2041889)

Sigh. I made a mistake. What I meant to say above was: "[the article] implied very strongly that popular e-mail encryption programs use RSA to encrypt the whole e-mail."

The article didn't actually name PGP. Instead, it claimed RSA was widely used to encrypt letters. It's not such a stretch to extend that to e-mails.

Snake Oil. Be skeptical. Be very skeptical. (2)

David Jao (2759) | more than 15 years ago | (#2041890)

This article just screams "snake oil" all over. The claims made in the article are completely unjustified. In the field of cryptography, no algorithm or idea is considered worthy unless it has been publicly scrutinized and tested with time.

Consider the following points:

  • "her code can encrypt a letter in just one minute - a widely used encryption standard called RSA would take 30 minutes." No justification is given, and indeed we all know that PGP does not take 30 minutes to encrypt e-mail.
  • "She has also proven that her code is as secure as RSA." Again, no justification is given. Proofs of correctness are rare in computer science. Moreover, there are many different levels and definitions of security in the field (known plaintext, chosen ciphertext, complete break, etc.) and this quote does not cite any of them.
  • Consider the source: Most of the material is quoted from her father.
I urge everyone to first read the Snake Oil FAQ [] before taking this and other similar articles at face value.

Hope you is was were read reading (1)

homebrewer (2857) | more than 15 years ago | (#2041891)

This was a joke!

...making fun on the guy who uses his complier as a grammar checker....

Incidentally, I have a 20 gal batch of Mild Ale that turned out really well.

Part of a 20 Gal batch is still leftover from a great batch of Pale Ale.

I eagerly anticipate February when I can tap into a 20 gal batch of Pils.

I'm glad malt is cheaper than silicon :)

Caption of the picture (1)

homebrewer (2857) | more than 15 years ago | (#2041892)

So what does "bright" mean in the UK?

I know "fag" has a significantly different meaning depending on which side of the pond you are on.

BTW.... I remember a UK journalist covering the Kobe earthquake. He kept calling the town "ko bee" which in Japanese is the verb for animals in the act of conceiving young. My Japanese friend almost wet his pants laughing so hard.

Snake Oil. Be skeptical. Be very skeptical. (1)

Troy (3118) | more than 15 years ago | (#2041893)

Keep an open long as the source is released, time will tell whether or not the code is secure. Whether it is or not though, this is a large accomplishment, and she should be allowed that accomplishment. Loosen up a little's almost like some people don't want her (and people like her) to succeed. If she tries selling anything, then it's time to pull out the criticism, esp. if the algorithm hasn't been published. But right now, she just wrote it an entered it into the contest. Go easy on her for a little while.

To address your points:

1. RSA is a very slow cipher. It would probably take 30 minutes to encrypt an e-mail with RSA. Most encryption packages that use RSA end up encrypting the actual message data with a conventional cipher and a randomly generated key, and then use RSA to encrypt just the key. So, the statement in the news article is accurate, though the reporter probably didn't have the background to put that statement in its proper context.

2. Don't forget the math underpinnings of cryptography. It is very posssible to make proofs about the mathematics of an encryption algorithm... especially proofs about how secure an algorithm is IN COMPARISON to other algorithms. Chances are, she proved that a mathematical attack on her algorithm is as difficult as a mathematical attack on RSA (which is factoring the modulus). Of course, the question remains (as with every algorithm including RSA) as to whether or not there is an easier mathematical attack that the author has not yet considered...and only time will tell that for this (and all other) algorithms

3. The article mentioned her as being ill. Maybe she couldn't interview.

While this isn't love line (1)

Troy (3118) | more than 15 years ago | (#2041894)

Never forget that, in the end, a computer is just a dumb piece of plastic, and while snuggling with it may keep you warm at night, somehow, it's just not the same :-)

Looks like I'm first (1)

jacoby (3149) | more than 15 years ago | (#2041896)

Anyway, since (in Merka, anyway) you can now patent algos, my concern for my fellow hacker tells me that she should patent this, but I do think that it'd be way cool if she opened the

I hope she does. (1)

Prothonotar (3324) | more than 15 years ago | (#2041897)

Actually, if she didn't patent it, it work would be pre-existing technology and no one else could patent it.

The primary danger in patents is in those patents which are made intentionally broad in order to gain control of other future technologies which the original inventor did not in fact invent (or discover, whatever). Other than that, patents can be a nuisance (such as MP3-encoding), but little more.
Aaron Gaudio
"The fool finds ignorance all around him.

30 minutes for RSA????? (1)

GrimJack (3496) | more than 15 years ago | (#2041899)

Is it just me, or do the father's comments
seem a little wacked?

1 minute to encrypt an email? That's got to be
one of the slowest email encryption systems I've
every heard of.

And 30 minutes for RSA??? Common.

Heheh, start the flamewar. (1)

Dr. Evil (3501) | more than 15 years ago | (#2041900)

I wonder if men qualify for all the scholarships which she is being offered?

Heheh, start the flamewar. (1)

Dr. Evil (3501) | more than 15 years ago | (#2041901)

In my humble opinion, while sexist grants and benefits may go a long way to help top performers, they also go a long way to promote sexism.

If you're so unaffected by all this, why did such a simple, albeit speculative question receive such a vicious response?

Heheh, start the flamewar. (1)

Dr. Evil (3501) | more than 15 years ago | (#2041902)

Beacause my sister is an engineer and my brother is a nurse. You do noy have any compehension of the scope that sexism is destructive. It is worthwhile to do away with it, permanently, even if I have to give up some piddling amount to do it, even if you do as well.

If I interpret you correctly, we are in agreement. Sexist grants should not exist. Even if one should "Give up some piddling amount to do it (eliminate sexism)."

In institutes of higher learning, financial grants based on academic success should be awarded based on academic success. No consideration should be given for minority representation.

The same applies for the workplace. Equal pay for equal work. Equal grants for equal achievement.

Unless you mean that people should take paycuts or loose grants -- whether or not they personally recognise sex or race as a factor in their workplace or institution. This, in my opinion is the worst and most sickening kind of discrimination.

Are you actually suggesting cutting up the population and dolling out benefits or penalties in order to 'justifiably' adjust the workforce or institution so that it perfectly reflects the demographics of the local population?

It's been done and I know people who have been laid off because of it. If this is what you are saying, and I find it hard to believe that it is, explain to me how firing people and cutting their pay does not create sexism and resentment in the workforce.

Now I think I understand what you are saying. (1)

Dr. Evil (3501) | more than 15 years ago | (#2041903)

I don't exactly live in a upper-middle-class white suburb either. Certianly not so extreme as the descriptions of the Bronx. But people have been knifed to death in my neighbourhood, gangs of crack dealers hang out every night unharassed on my street corner, and prostitutes walk up and down my street. And I ignore the ones who sneak into our lobby to warm up from the cold... I know they have little choice.

I've lost more than a few dollars to people who have held a knife to me.

It's not a very racist area, but it sits adjacent to a poor area, and I will say that the poorest of the poor are all visible minorities, and I accept that they are doing what they have to do to get by. Or doing what they can to earn some power or freedom.

But it certainly does not mean that lowering entry requirements for them at the expense of their peers will earn them any respect. It will only make things look good "on paper."

Besides, that's using discrimination as a justification to discriminate. Which if you believe in that... ok, I won't be voting for you if you run for mayor.

It might still be "as secure as RSA" (1)

pirkka (4031) | more than 15 years ago | (#2041904)

Even though we do not know how secure RSA is we might be able to prove something else to be as secure.

Not that I know anything of this particular subject but in general it's possible.


Proof (1)

drig (5119) | more than 15 years ago | (#2041908)

You can prove that cracking RSA is as difficult as factoring the product of two large primes. It is entirely possible that this algorithm is also based on that problem. Thus, you could prove this is as tough as RSA.

Has she patented it yet? :-) (1)

edgy (5399) | more than 15 years ago | (#2041909)

I hope she doesn't patent it. Really.

Ask her to opensource it (1)

Julian Morrison (5575) | more than 15 years ago | (#2041910)

I wonder if there's any way to contact her and persuade her to opensource it, before the corporate vultures snap this algorithm up and make it proprietary?

warning: dangerous pun content (1)

hobbit (5915) | more than 15 years ago | (#2041911)

You mean a one-time Paddy?

Snake Oil. Be skeptical. Be very skeptical. (1)

MikeCamel (6264) | more than 15 years ago | (#2041912)

30 minutes - she's using NT, right?

It won the Irish Young Scientist's Compo (2)

Quark (6774) | more than 15 years ago | (#2041913)

The algorithm in question won first prize at the Irish Young Scientist's Exhibition, which is an annual contest in which secondary school students (12-18 years old) exhibit science projects. Last year, the same student came second with another crypto project, and represented Ireland at the Intel Science Competition in the US. The part about the judges not being able to understand the project is true. The judges had to get in a crypto expert to validate the project.

I don't know any details about the algorithm itself, cos I never got a chance to attend. Bugger....


Skeptical (2)

Elessar (8997) | more than 15 years ago | (#2041922)

Hmm.... I'm very skeptical of this. I certainly wouldn't trust any new encryption algorithm until it has been hammered at for a good few years by some cryptanalysis experts. Some pretty intelligent people have proposed new algorithms over the years only to have them exposed as totally vulnerable shortly afterwards.

In short - don't trust it (yet).

Missing the point (1)

smashie (10166) | more than 15 years ago | (#2041927)

The whole point of a slow algorythm is that someone can't churn through all the possible key combinations in a short space of time.

I guess some people never stop optimising :)

Hmmmmmmmmm (1)

PureFiction (10256) | more than 15 years ago | (#2041928)

I would still prefer my 448 bit Blowfish cypher.

Wonder if I can patent x=f(y,z) (1)

The Dodger (10689) | more than 15 years ago | (#2041930)

You get pissed on five pints of Guinness? Lightweight.

An bhfuil aon duine in ann e seo a dtigmheail?

Wonder what the Gaeilge for "decrypt" is.

The Dodger

PS: Doesn't anyone else find this concept of patenting algorithms just slightly abhorrent? Or are my extreme hacker tendecies ("INFORMATION WANTS TO BE FREE!!!") coming to the fore again?

Caption of the picture (1)

K. (10774) | more than 15 years ago | (#2041933)

The competition she won was a general science one, and one with a strong emphasis on observational sciences, so I wouldn't be surprised if the judges weren't able to understand her code.[1] It's still a very impressive achievement, especially considering the pretty weak amount of CS taught in our secondary schools.

But of course, it doesn't amount to much in the real world until hardcore crypto people have hammered at it for a while.

[1]The cynical view is that since the sponsorship for the competition was recently taken over by a telecom company, there may be an element of "Anything But Biology" in their choice of winner.

hmm? (0)

saturated (11469) | more than 15 years ago | (#2041940)

anyone know if she is single :) yummy! me loves smart young girls :)

matrices.. man, brings back memories.. we tried something similar in encryption in college but it never panned out so we wrote a cheap compression algo that did nothing but looked like it did..


Patent & contribute to Free/OSS (1)

vovin (12759) | more than 15 years ago | (#2041944)

The best scenario for Free/OSS is that this is true, and that she isn't interested in the profits of this patent. Then she could patent this algorithm, using The League for Programming Freedom [] This would add a patent to the pool we will need, not that software can be patented.

Would be nice if someone let her know her options.

I can't believe it (1)

cvoid (13211) | more than 15 years ago | (#2041946)

Well, I think that her discovery was simply a different approach. This happens ALL THE TIME in scientific research. Sometimes you can't see the forest from the trees when you are buried. It sometimes takes someone without any experience to try something no one else has even considered. So I will give her the benefit of the doubt, for the time being.

After all, the CRC tables [Chemical Rubber Corp book of tables] had to be recalculated in the seventies when a 14 year old discovered they were all wrong.

If it's faster, isn't it LESS secure? (1)

jimduchek (13246) | more than 15 years ago | (#2041947)

It seems to me that if it encrypts in 1/30th the
time (although THAT part of the story reeks of
male cow excrement), it would take 1/30th of the
time to crack it using a brute-force technique? Anyway, until I see the algorithm, I aint gonna
use it :)

Huh? (1)

Papa (13862) | more than 15 years ago | (#2041948)

Do you have an example of companies stealing an algorithm by patented already-copyrighted formulae? The only examples of patented algorithms I know of are ones that are kept from public use.


The full story...? (1)

SlowarisGod (14000) | more than 15 years ago | (#2041949)

So wouldn't this indicate a possable vunerability to a chosen plain text attack ?

Hopefully (1)

Artemis (14122) | more than 15 years ago | (#2041950)

I hope this is really something that's true, and not just crap. If it's true, it might actually be something useful, but the government will probably rape it anyways if it is.

Force Recon Half-Life TC: Check it out []

Am I just supposed take her word on it? (1)

John Hays (14371) | more than 15 years ago | (#2041951)

Poor article. It gives us a lot of fluff without any hard questions. It appeals to the authority of her father, the Math prof, as guarentee to the algo's security. It implies that speed, not government paranoia, is what's keeping cypto out of the mainstream.

How do you prove an algo is as secure as RSA with out years of cryptoanalysis by recognized experts? Actually, no cryptographic algorithm is proven secure. They just haven't found a feasible attack.

I like the caption, "The prize judges could not completely understand the "brilliant" code." But the awarded the prize anyway.

The full story. (1)

William Whyte (14374) | more than 15 years ago | (#2041952)


This is a copy of a mail I sent to the UK Crypto mailing list earlier today about this story. Sorry in advance for the long sig, but I'm writing in an official capacity.

As far as the patents go, the algorithm is based on ideas of ours and so she and we would have to talk about legal issues before we made any move in that direction. Baltimore is very aware, though, of how hard it would actually be to make any money off a public-key algorithm, given that RSA and DSA/DH are more-or-less hard-wired into the standards, and given that (for understandable reasons) the Internet community is wary of crypto algorithms that have licensing issues associated with them.


================================================ =

The algorithm that Sarah won the Young Scientist Competition with is based on work that Sarah did in Baltimore when
she was here on a student work placement last March. We've been
looking at algorithms based on 2x2 matrices for a while and
gave her the idea to see what she could do with it.

The idea we were working on was to use 2x2 matrices with entries
modulo n, n the product of 2 primes (ie an RSA number). The
security is therefore exactly the same as the security of an RSA key with
the same modulus. However, the encryption and decryption processes
require only a small number of matrix multiplications rather than
modular exponentiation, so both public-key operations (16 multiplications
over the finite field) and private-key operations are as fast as a
normal RSA private-key operation (17 multiplications). The downside
is that both the key and the ciphertext are about eight times the
length of the modulus, rather than more-or-less the length of the
modulus as with RSA.

That was our idea, anyway. I haven't had time to look at Sarah's
project in great detail so I don't know how far (or even whether)
she's taken it beyond where we had it.

Sarah, by the way, is level-headed enough to know that new public-key
algorithms only made you millions if you invented them in the Seventies.
Her real problem is trying to stop the journalists talking up the
stupid parts of the story while still emphasising that there's a real
story in there.



================================================ =============================

William Whyte, Senior Cryptographer, Baltimore-Zergo

Zergo & Baltimore Technologies merge in $55m deal !
The new company name will be "Baltimore"

See Baltimore at Stands 235 & 425
RSA Data Security Conference, 17-21 Jan '99

Baltimore Ltd, IFSC House, International Financial Services Centre,
Custom House Quay, Dublin 1, Ireland.
Tel. +353 1 605 4399 Fax. +353 1 605 4388
Baltimore - Global e-Security

Caption of the picture (1)

William Whyte (14374) | more than 15 years ago | (#2041953)

The word "brilliant" was a direct quote from the judges. That's why it was in inverted commas.


In best Banky Chasing Amy voice: (0)

Alex_4.0 (14376) | more than 15 years ago | (#2041954)

What's an algorithm?

Algorithm (1)

Booma (14389) | more than 15 years ago | (#2041956)

Apparently she developed this as a science project (which she won) and is entering it into the european young scientist comp. It is said that she has considered patenting it but is more inclined to publish. Read it in the times today.

get a realdoll (1)

dangerboy (95056) | more than 15 years ago | (#2041958)

..or better yet, a realhamster
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?