Monday, September 16, 2013

response to a question about the NSA

What would you do if someone you do not know at all asks you a question
by email about NSA? If they invoke our responsibility to the future of humanity, which I take quite seriously?

So here below is what they asked, and my reply. But -- I do not claim any kind of infallibility here. I do not have "the answers." I do feel a lot of faith that no one living in this cosmos is infallible. I have worked some things out to some kind of logical conclusion, but not these issues.

So... first I post the questions and my response, and then a few comments on infallibility at the end.

But oops -- suddenly the google blog system won't let me copy anything but his first question.
I start to feel like those Mayan peasants who believe in "alley-ooshas."
Knowing how to bypass things, without understanding them... I will compromise by posting just the first round...

========
===========
His first question:

Due to a lack of certainty about the extent of calculations NSA might be
capable of, one might be tempted to attempt using a mathematical algorithm
(a la pi, which is non-repeating) to thwart decryption.

However, it is possible to agree (between 2 communicating parties, ahead of
time, and not in electronic form) on an algorithm (method or base, rather
than an "algorithm", which would suggest a mechanically produced sequence)
that is not repeating, and has no calculable solutions, hence rendering
decryption impossible (in principle and practice).

It seems to me impossible that people as smart as the large countries (USA,
Russia, etc.) would not be aware of this. Hence, I think they are purposely
keeping the conversation within the bounds of what they can decrypt. Quite
simply, if there isn't any systematic relationship between the input and the
output (unless you know the non-systematic algorithm, which could be random
and non-repeating, and near-infinitely long), then you could never decipher
the message.

I can easily tell you what you could use as a base for a non-repeating and
non-decypherable  mechanism.  But at that time, a bunch of undesirables will
read and get a hold of it at the same time. What do you think?

By the way, the clock is ticking...

The USA has about 30 years to get on board. After that, things are pretty
fluid. Luckily, the Chinese are pretty stupid (do not take me for a bigot),
and it might take them upwards of 50 years to catch up to the US.

But they might undergo a cultural transformation, and become a veritable
competition sooner. In the meantime, the best bet is for the USA to enable
the largest number of US citizens to be really well educated and well off
(i.e. not just the proverbial one percent.)

What do you think?

==================
================

My reply:

What do I think?

Today I am thinking about how to get past hangups people have, preventing them from understanding
even the most elementary quantum reality. How to make the arithmetic simple enough, yet interesting?

But... you are asking what I think about various encryption ideas. And what have people caught on to?

I would speculate that NSA would want the maximum possible security of all US communications (especially sensitive ones
where tampering could cause physical damage to the US), subject to the constraint that they and only they can
monitor it all.

But there are difficulties in achieving that goal, and others pursue different goals -- such as many who seek absolute privacy without NSA being able to drop in.

I do discuss these things a bit with my wife and teenage son, when they get deep into it and they put up with just a little 
comment from me. (I am not the prime mover in these discussions!). They suggest that almost all the encryption
systems of major providers may have special backdoors put in for NSA access, and that the government is working very hard to
minimize the small exceptions -- use of which is already a flag to NSA. 

Myself -- I put a bit more mental energy into how to understand what killed my last Imac computer.
I thought that Imac had a solid, verified "ring bracket" operating system, similar to the well-designed modular
architecture of Multics, the computer I used for my PhD thesis. Hence, unbreakable without "insider attack."
But killer versus appeared... about three of them.. like Maccontrol... and it seemed possible that the devastating "hard drive failure" I experienced a year ago may have actually been due to one of those viruses. I did what web search I could... and was aghast at the superficial understanding of most "security experts" (not even knowing what a backdoor is!!)... but did get the impression that discovery of the backdoors in the operating system was what explained the ability of the viruses to cause problems. At first, I speculated that the death of Steve Jobs might have resulted in NSA or FBI persuading Apple to insert the backdoors, but when I checked this, it seemed that the backdoors came earlier.

After that death by POSSIBLE virus by backdoor... I did momentarily consider shifting to secure SE-Linux based system..
but did not feel that the benefits outweighed the liabilities for me. Still, for sensitive physical infrastructure,
for which failure could even mean mass death, I believe that the time has come to deploy seriously unbreakable operating systems without backdoors, under well-managed conditions.  When NSS filed nss.org/itar with the State Department, I even
sent along a personal filing urging them to consider such possibilities.

Also -- absolute unbreakability is not ALWAYS a threat to the goals of NSA; for example, in US government agencies
(leaving aside the insider issue, which I am no expert on), NSA access and unbreakability may be consistent,
and desirable in today's world.

---
This does begin to segue into the insider issue: qui costodet custodes? Not just versus low-level folks
like Snowden, but vis-a-vis high level moles (such as Cheney friends as depicted in Orson Scott Card's novels on Empire)?

My inner "pay grade" is not so low in some ways, but this does begin to get into areas where it is
well above mine at this point. For the moment, when I am not just engaged in reactive  behavior,
or trying to improve relations with family, I mainly think about "the little things in life" -- electrons and photons.


===============
===============

Infallibility...

Mind as we know it ... to be honest.. is based on approximate dynamic programming. Really.
No time for euphemisms or BS this morning. It is a great chain of approximation. It is also a lot
like a hall of mirrors, as one thing approximates another, and reflects or articulates another..
It reminds me a lot of some ancient words I once heard from the mystics about being giving rise to reflection,
and life as we know it being based on reflection... roughly... Of course, approximations
vary a lot in quality and depth... but at no level are they infallible.

But what about the universe itself? If the universe solves aHamilton-Jacobi (an exact optimization equation,
without stochastic terms or uncertainty or approximation), could we imagine that the universe itself
is infallible? But -- what does the universe "want", if so?

It's funny... I just finished reading a science fiction the Long Earth (Pratchett/Baxter) which I may recommend back to Joshua... which has questions like that embedded within in, if you look closely.

BUT... in yesterday's physics, the mathematics look more like minmax or saddle point than
true Lagrange-styly optimization. So is the universe itself sort of manic-depressive, with life as we know it nothing but chaos or convulsion resulting form the intersection of two conflicting ... "perfect actors"?
The math is real; the words are just ways to try to understand what it really tells us. 

But... today I will focus on much simpler math, and simpler daily tasks which are more complex than I would like...

And of course, I saw no need to get explicit about various levels of math for the cybersecurity area.

Best of luck,

     Paul


No comments:

Post a Comment