Cryptography Part II
Keys, Public and Private
So if you have managed to get this far, you have some idea of what
a key is and a vague idea of how it is used. To recap, the key is
some kind of number or string of characters that is used to scramble
a message. How it does this exactly is not too important for our discussion,
but we will touch on it a bit in a while.
So what is this private key and public key stuff, anyway?
The Private Key
All cryptographic systems rely on at least two people having a copy
of the required key. If we make up a key to encipher messages, we
must also give the key to the person who needs to read the message.
This is how most encryption systems work. Only the people who need
to know are given the key. This makes it a Private Key System.
When a key is used to both encipher and decipher a message, it is
known as a two-way or symmetrical system. Most private key
systems are of this type, but they don't have to be.
Private key systems work very well among closed groups such as corporations,
governments, the military and individuals. But suppose we want
to buy some new CDs over the Internet. We need to send our credit
card info, but not over an open connection where anyone can read it,
and we don't have a private key with the CD company. What we need
in this case is...
The Public Key
In a public key system, two different keys are used. One is used
to encipher the message and the other is used to decipher it. The
two are not the same, and knowing one will not allow you to figure
out the other. So the CD company publishes their public key, and
anybody, including us, can use it to encipher our credit card info
and then send it to them, knowing it will be safe.
The CD company can decipher our message using their private key,
which only they know, and then send us our CDs.
This kind of system is known as an Asymmetrical or one-way system,
because each key only goes one direction.
All public key systems are asymmetrical. This is because if we gave
out a key that could both encipher and decipher, it would not be
very secure.
These two key systems are in widespread use today in many applications.
When you make a secure purchase over the Internet, you are using
a system called SSL (Secure Sockets Layer). Internally, this
system relies on a public key system called RSA, which is used to
make the secure connection and verify the two parties. Once the
connection is made, SSL in turn relies on another, faster system
called RC4. This is a private key system which uses a 128-bit
(32 hexadecimal character) key.
More on Keys
We need to just mention a key system here called the One-Time Pad.
This was originally a pad of paper like a note pad containing pages
of scrambled letters and numbers. Each page was one key, and after
the key was used, the page was torn out and destroyed. The modern
equivalent is a Key Library. The One-Time Pad also happens to be the
only key system that has never been broken, and it has been in use
for around 100 years.
As we stated earlier, using the same key over and over can lead
to trouble. Patterns begin to show in the messages, and computers
are excellent at identifying these patterns.
The advantage of using a key only once is that you deny your enemies
time to crack your code because you have thrown the key away. This
forces the bad guys to crack every message or file on your computer
separately, starting from scratch, since each was encrypted with
a different key. It takes huge amounts of time and/or computing
power to crack even one message.
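The effect of reusing a pad page, as an added example that is not part of the original page. The PadLibrary class, the function names and the two sample messages are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (enciphering and deciphering are the same step)."""
    if len(a) != len(b):
        raise ValueError("pad page must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

class PadLibrary:
    """Hypothetical key library: hands out each random page once, then destroys it."""
    def __init__(self, pages: int, page_len: int):
        self._pages = [secrets.token_bytes(page_len) for _ in range(pages)]

    def take_page(self) -> bytes:
        if not self._pages:
            raise RuntimeError("pad exhausted: refusing to reuse a page")
        return self._pages.pop()  # "torn out": never returned twice

# Constructed sample messages of equal length (30 bytes each).
MSG1 = b"MEET AT DAWN BY THE OLD BRIDGE"
MSG2 = b"SEND TWO CRATES TO THE HARBOUR"

def reuse_leak() -> bool:
    """Same page for both messages: the key cancels out of c1 XOR c2,
    leaving the XOR of the two plaintexts for anyone who holds both ciphertexts."""
    page = secrets.token_bytes(len(MSG1))
    c1, c2 = xor_bytes(MSG1, page), xor_bytes(MSG2, page)
    return xor_bytes(c1, c2) == xor_bytes(MSG1, MSG2)

def fresh_pages_leak() -> bool:
    """One page per message: c1 XOR c2 is still masked by two independent pages."""
    lib = PadLibrary(pages=2, page_len=len(MSG1))
    c1 = xor_bytes(MSG1, lib.take_page())
    c2 = xor_bytes(MSG2, lib.take_page())
    return xor_bytes(c1, c2) == xor_bytes(MSG1, MSG2)

if __name__ == "__main__":
    print("reused page leaks plaintext relation:", reuse_leak())
    print("fresh pages leak plaintext relation: ", fresh_pages_leak())
```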
One problem with Public Key systems is that you cannot keep changing
the key every time you feel like it. Once you establish a key, you
are stuck with it. Although very secure, these keys are very large
and difficult to produce. This also makes them slow to encipher
and decipher. For these reasons, they are usually used to establish
secure connections using short messages.
This is how the Internet works. Once the Internet connection is
established using the Public Key system, it switches to a Private
Key system called RC4. RC4 is also the encryption system used by
Songs of the Universe.
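The hand-over described above, from a short public key message to a fast private key cipher, as an added example that is not code from the original page or from Songs of the Universe. The RSA key pair is a toy built from two small known primes with no padding, and the function names are hypothetical. RC4 appears only because it is the cipher the page names; it has since been prohibited in TLS (RFC 7465).

```python
import secrets

# Toy RSA key pair (assumption for illustration): two Mersenne primes keep the
# numbers short. A modulus this small, used without padding, is not secure.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key: published to everyone
D = pow(E, -1, (P - 1) * (Q - 1))      # private key: kept by the receiver

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call enciphers and deciphers."""
    s = list(range(256))
    j = 0
    for i in range(256):               # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                  # keystream generation, XORed into the data
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def sender(message: bytes):
    """Pick a fresh 128-bit session key, wrap it with the public key,
    then encipher the long message with the fast private key cipher."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)  # the short public key message
    return wrapped, rc4(session_key, message)

def receiver(wrapped: int, ciphertext: bytes) -> bytes:
    """Unwrap the session key with the private key, then decipher the bulk data."""
    session_key = pow(wrapped, D, N).to_bytes(16, "big")
    return rc4(session_key, ciphertext)

if __name__ == "__main__":
    order = b"card 0000-0000-0000-0000 (constructed sample)"
    wrapped, ct = sender(order)
    print(receiver(wrapped, ct) == order)
```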
In Private key systems the keys can be changed rapidly and
encryption/decryption is usually many times faster than with public key systems.
Private keys are used when sending long and complicated messages.
Private keys are not better than public keys or vice versa. They
simply have different uses. As you have seen, public keys are used
when two companies or individuals who do not know each other must
do business together. Private keys are used when either the two
entities know each other, or after some mutual trust has been established,
as over a secure Internet connection. Private key systems are also
excellent for encrypting files on your computer network where several
people might be sharing the same computers.
Random Numbers and Pseudo-random Numbers as Keys
In order to produce complex keys, most computers use a function
called a 'Random Number Generator'. Actually, since the numbers
are not truly random, they are more accurately referred to as
'Pseudo-Random Numbers'. Their advantage is that they are fast and
easy to produce. They also need a 'seed' number to get them started.
Unfortunately, if you can guess the seed, you can crack the code,
because the same seed will always produce the same series of numbers.
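A check for the seed weakness described above, as an added example that is not part of the original page. The function names, the timestamp and the one-hour search window are constructed, and the contrast key comes from the operating system's generator (Python's secrets module) rather than the natural sources the page describes.

```python
import random
import secrets
from typing import Iterable, Optional

KEY_LEN = 16  # 128-bit key, the size the page quotes for RC4

def seeded_key(seed: int) -> bytes:
    """Weak: key bytes come from a pseudo-random generator started from `seed`."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(KEY_LEN))

def os_random_key() -> bytes:
    """Key bytes drawn from the operating system's entropy-backed generator."""
    return secrets.token_bytes(KEY_LEN)

def seed_reproduces_key(key: bytes, candidate_seeds: Iterable[int]) -> Optional[int]:
    """Audit check: return the seed that regenerates `key`, or None if no candidate does."""
    for seed in candidate_seeds:
        if seeded_key(seed) == key:
            return seed
    return None

# Constructed scenario: the key was generated from a clock reading in seconds,
# and the reviewer only knows roughly which hour it was issued in.
ISSUED_AT = 1_700_000_123
WEAK_KEY = seeded_key(ISSUED_AT)
SEARCH_WINDOW = range(ISSUED_AT - 3600, ISSUED_AT + 3600)

if __name__ == "__main__":
    # Same seed, same series of numbers, same key.
    print("seed found for seeded key:", seed_reproduces_key(WEAK_KEY, SEARCH_WINDOW))
    # No seed in the window regenerates a key that was never derived from one.
    print("seed found for OS key:    ", seed_reproduces_key(os_random_key(), SEARCH_WINDOW))
```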
A better system is to use True Random Numbers, and the only sources
of these numbers are natural: Radio emissions from the stars, thermal
noise, radioactive decay and others. Songs of the Universe uses
these sources to produce numbers which are then used to make up
a Key Library, better known as the One-Time Pad.
Producing this 'random noise' sounds like a simple thing to do,
but it is not. Collecting the data for our key libraries can
be a slow process, especially for radioactive decay. Noise, or to
us songs, from the various stars and galaxies around the universe
is prone to interference from local sources such as satellites, military
communications and microwave transmissions. We must test
this data to ensure that it contains no repeated or recognizable
patterns.
Although difficult to produce, key systems using True Random Numbers
and One-Time Pads are still the most secure systems ever devised.
OK, our next subject will be...
On Complexity and Cracking