Jeff Moser has a clear, fascinating enumeration of all the incredible math stuff that happens between a server and your browser when you click on an HTTPS link and open a secure connection to a remote end. It's one of the most important (and least understood) parts of the technical functioning of the Internet.
People sometimes wonder if math has any relevance to programming. Certificates give a very practical example of applied math. Amazon's certificate tells us that we should use the RSA algorithm to check the signature. RSA was created in the 1970's by MIT professors Ron *R*ivest, Adi *S*hamir, and Len *A*dleman who found a clever way to combine ideas spanning 2000 years of math development to come up with a beautifully simple algorithm:
You pick two huge prime numbers "p" and "q." Multiply them to get "n = p*q." Next, you pick a small public exponent "e" which is the "encryption exponent" and a specially crafted inverse of "e" called "d" as the "decryption exponent." You then make "n" and "e" public and keep "d" as secret as you possibly can and then throw away "p" and "q" (or keep them as secret as "d"). It's really important to remember that "e" and "d" are inverses of each other.
Now, if you have some message, you just need to interpret its bytes as a number "M." If you want to "encrypt" a message to create a "ciphertext", you'd calculate:
C ≡ Me (mod n)
This means that you multiply "M" by itself "e" times. The "mod n" means that we only take the remainder (e.g. "modulus") when dividing by "n." For example, 11 AM + 3 hours ≡ 2 (PM) (mod 12 hours). The recipient knows "d" which allows them to invert the message to recover the original message:
Cd ≡ (Me)d ≡ Me*d ≡ M1 ≡ M (mod n)
The First Few Milliseconds of an HTTPS Connection
(via O'Reilly Radar)
A new research report from Citizenlab painstaking traces the origins of a series of sophisticated hacking attacks launched at Rori Donaghy, a UK journalist for Middle East Eye who founded the Emirates Center for Human Rights, which reports critically on the autocratic regime that runs the UAE, and 27 other targets.
Big telcos and cable operators demand the right to impose data caps that punish their most enthusiastic customers for using too much Internet (with exceptions to the caps made for services that have paid bribes for “preferred carriage” of course), and they say that it’s simple economics: if you use up more of a service, […]
Many years ago, EFF co-founder John Gilmore and I were discussing the prevalence of botnets, which are commonly used to launch distributed denial of service (DDoS) attacks that overwhelm websites with floods of traffic; John said that if the botnets were really on the rise at the reported rate, we should expect to see a […]
We’d all love a 75-inch TV screen on which to view our favorite shows. But not all of us can drop the cash needed to get one of those broadcasting beauties (or even have the space needed to house them).Thankfully, there’s an alternative. With the SainSonic Mini LED Portable Projector (only $59.99 in the Boing Boing Store), you can project a picture […]
If you want to add some real firepower to your programming repertoire, learn Java–one of the most adaptable, widely-used programming platforms around. You can easily do that with this Ultimate Java bundle, now just $69 in the Boing Boing Store.Across 14 lectures and 117 hours of content, the educators at online academy eduCBA will walk you through […]
Every company wants to harness the power of social media, but few understand how to make that happen. Be one of those select few with this Social Media Marketing Course & Certification package, now just $29 in the Boing Boing Store.Over 12 modules of course material, you’ll learn what it takes to increase a brand’s […]