IKIBLOGKU

Alex: Even though it turns out in the end that there was no real unbreakable code, the reader (and a bunch of cryptography experts in the story) are supposed to believe in it at least for a while, but it makes no sense as described. The existence of the unbreakable code is confirmed when the NSA’s super-powerful computer is unable to decode a sample message that the genius gave them. They don’t seem to consider the possibility that he just gave them a garbled mess which cannot be decrypted. If they are so easily convinced, it would be very easy to blackmail the NSA. Moreover, the explanation of how the unbreakable code works either makes no sense or is beyond me. I don’t see how it could ever be decoded, making it useless.

Igor Fedchunov: can you imagine a (super)computer blasting because of overheating due to cooling malfunction? Oh, boy! Ok, let go straight to the crown jewel: we have got a foolproof encryption algorithm. Everyone wants to see it. But its description is encrypted! Great! Its encryption employs THAT algorithm, and you will never know the algorithm’s sectrets unless you have the key…. wait a minute! When you enter the key - the encrypted file will open up, and THAT means that there is a program there that takes the key and makes the decryption - so we can look at the program code and get the algorithm from there ! One does not have to decrypt the file to get the algorithm !

And the last straw - in author’s view a 64-bit key is represented by 64 character string. AND it is implied that it is NOT a binary string. Now that is really gross. Probably the author did not do ANY research for his so-called-book. That’s why I would call this book a [EXPLETIVE DELETED].

T. Rall: The idea that a computer can brute force any encrypted text, without knowing the algorithm used, is absurd. Yes, they can brute force keys for known algorithms, but not for unknown algorithms.

Michael S: Like all other books from Dan Brown, this is quite an suspending thriller, with some unexpected turns, but if you want to learn something about cryptography without reading a math book, Simon Singh or even Edgar Allan Poe is definitely a better read.

Almost any information about cryptograhy given in the book is a bit screwed up. Most notably i think is, that there IS a simple unbreakable code, which is known since quite a while, the so called “one time pad”. You just need a true random (dice, quantom noise…) sequence as key, that is at least as long as your text. Then you xor or modulo add your text with this key. The point is, that because the key is longer (or as long as) the text, there are as many possibilites for keys as there are for plain texts, so you will get every possible plain text with the given length when brute forcing the key (everything from AAAAAAAA..ZZZZZZZZ). And you don’t know which one is right! Of course, you must use such a key only once, so a lot of key material must be exchanged.

The second thing is, that time for breaking a code usually doesn’t grow linearly with key length, as suggested in the book, but exponentially. An old 64-bit (actually 56-bit) DES can be broken with 10,000 PCs within 24 hours, but even if you would turn every single electron of the whole Earth in a computer that can do one AES-256 decryption and plain text evaluation per attosecond, it would still take a day do brute force an AES-256 encrypted text. Brute forcing a 512-bit (symmetric encoding) key is already well beyond the cosmologic limit, meaning that even if the whole universe would do nothing than breaking this code for as long as it lasts, it couldn’t do it. So such a code can be considered “practically safe”. Unless the quantum computer guys make progress (which I doubt). And unless there is some backdoor. And this is the one thing Dan Brown got right about cryptography: Never use a code you suspect or know having a back door!

P.S.: For asymmetric encryption ( PGP… ) brute forcing time does also rise exponentially with key length, but not quite as steep as with symmetric encryption. For this reason key length between 1024 and 4096 bits are used there, while 256 bits key length is assumed to be sufficient for symmetric encryption.

Anonymous: It says in the book that the encryption uses ‘mutation strings’ which I’m pretty sure were made up for the story. This is how he explains the code being unbreakable, we are supposed to assume that the code evolves and changes its own algorithm with time.

Alex: Coming up with a way to turn plain text into unintelligble garbage is not a “code”…there has to be some way to turn it back into the original message. If the thing that makes the code “unbreakable” is that the code itself changes unpredictably from moment to moment, then I cannot imagine how anyone could ever decode a message that had been “encoded” in this way.

Marco Polo: It would seem that almost everyone has missed the point of the story. There was no code. Tankado used to work at NSA. He was considered one of the best programmers at the NSA. He was fired from the NSA. He knew Strathmore’s curiosity would get the best of him. He also knew of the filters built-in to TRANSLTR. Tankado tricked Strathmore into bypassing the filters (remember the mutation strings - he emailed himself to say that mutation strings were the key to success).

Strathmore had to know for himself that TRANSLTR could not break the “code” so he bypassed the filters enabling the “worm” to wreak havoc with TRANSLTR. Because TRANSLTR wasn’t really “stumped” cracking the code, and the security guard shorted the electrical system, the auxilliary power wasn’t sufficient to power the freon cooling system, TRANSLTR overheated allowing the worm to infect the NSA database. The pass key wasn’t the decryption for a code, there was no code. The pass key was an abort for the worm. The mutation strings were the key alright…the key to Tankado opening the NSA database to everyone in the world exposing that they were snooping. This is the main point of the story, not the mathematical accuracy of encryption/decryption schemes.

Emile: On page 29 of my copy, the book had totally destroyed my ability to suspend disbelief. It says the NSA machine can check 30 million keys per second, that it’s been working on this code for 15h:09m:33s and that therefore the key would have to be “over ten billion digits long.”

30⁶ keys per sec works out to: (30*10⁶)*60*60*16 = 1728000000000 keys in 16 hours

2⁶⁴ = 18446744073709551616.

So even giving Mr. Brown the benefit of the doubt, and assuming he is confusing digits and bits here as he does elsewhere, this machine couldn’t even brute force a single 64 bit key in 16 hours, let alone a billion bit key. I don’t expect perfect math or science from my fiction, but if it’s technical fiction I’d at least like the basic premise to be within the realm of sensibility.

I gave the mathematical content rating a 3 because it is definitly a main theme, but almost all the math actually in the book is wrong!

Obviously, if everything else about the book was great and the author just happened to be math challenged it would rate better than a 1 in quality. But it reads like a romance novel! I don’t understand what it is that people love in this book. Nor do I understand why it has not yet been made into a major motion picture; the studios wouldn’t even have to dumb it down.

Owen: I consider myself to be quite knowledgeable on cryptography, and I have never heard of anything called Bergofsky’s Principle. OK, maybe I just never heard of it and it exists, but if it does, it’s wrong. If Dan Brown had done even a little research, he would have discovered the one-time pad, a cipher that cannot be broken simply because given a ciphertext, any plaintext of the same length is a possible decryption of it.

I know that NSA is capable of building an uber-brute-force machine (they probably already have a DES one), but I think the speed claimed by Brown is unrealistic, even for the NSA. Also, as other readers have pointed out, all the math of that (TRANSLTR’s speed vs. the time it takes to decrypt things) is wrong. And of course the idea that it could brute-force a key without knowing the algorithm is completely ridiculous. Not even the NSA can get around not knowing the algorithm a ciphertext is encrypted with. You’ve got to have an algorithm to try brute-forced keys in.

Also, the cipher used for the final puzzle (the prime difference one) and for the page-number puzzle is not called the Caesar Square. It’s just a column transposition cipher.

A couple of factual errors regarding public key crypto: the first one is just a little nitpick. Brown says that to decrypt a message encrypted under a PKC algorithm, you need to enter the sender’s pass-key. You need to enter YOUR pass-key, the partner of the key the sender encrypted the message with…duh, obvious mistake. Another, more important factual error is that PKC was not invented by entrepreneurial programmers seeking a way to keep email more secure. It was invented in secret by the British equivalent of NSA, then independently reinvented by the now-famous RSA - Rivest, Shamir and Adleman. Or, if you prefer, it was reinvented by Diffie, Hellman and Merkle.

However, I think that Digital Fortress did an excellent job of representing both sides of the battle over digital privacy. On the one hand, you’ve got NSA saying that they only use their near-limitless powers to protect national security, and that they need unrestricted access in order to fulfill their duty. On the other hand, you’ve got EFF and other civil rights groups claiming that everyone has the right to privacy and if that means unbreakable (even by the NSA) encryption, so be it. Before reading Digital Fortress, I couldn’t choose a side. After reading it, I still can’t choose a side. At least Brown wasn’t blatantly biased (although I detected a hint of pro-NSA bias).

Bruce Bailey: I feel fortunate that I didn’t read Digital Fortress until after you reformatted this thread! I went looking for others opinions after I finished. I am out of the habit of reading science fiction, so this was my first leisure book in quite some time. I picked it up because of the math potential and Dan Brown’s recent reputation

I found it to be an entertaining read, but I gather from other’s comments that this is partly because this was my first Dan Brown book. The thing that irritated me the most early on (Tankado not finding a partner who was equally moral) was nicely resolved, so I am glad I stuck with the book. I agree with others that the end was climax was needless drawn out.

The early chapters hinted at more math, and I was quite disappointed with this aspect. At the very least I expected a gibberish pseudoscientific explanation of how TRANSLTR did its magic. I was disappointed that Dan Brown invented SkipJack rather than making references to a “secret background” to the very real Clipper Chip. These too things made my “willful suspension of disbelief” very difficult. [Note: See anonymous reply below. -ak]

I was also certain that the code being inscribed on a ring would utilize topology. Surely, would not the key to “cyclic cleartext” depend upon a phrase with no clear beginning and end? This was certainly an opportunity lost, although I had no idea how Dan Brown would resolve the problem!

Anonymous: Bruce Bailey’s assertion that Dan Brown made up Skipjack rather than referring to the “real” Clipper chip is incorrect. Skipjack is the name of the cryptographic algorithm that was designed to be used in the Clipper chip. The details of the Skipjack algorithm are secret, though not because revealing the algorithm would compromise its encryption. The reason that it is secret is that revealing the algorithm would allow implementation without the key-escrow functionality which would allow law enforcement a back-door.

[Click here for a] reprint of a report reviewing the Skipjack algorithm.

Sean: I agree with most that the mathematics, cryptography, and internet/communications themes felt poorly researched and bordered at times on ludicrous. The first ten chapters were particularly painful, making the book difficult to start and the suspension of disbelief even harder. As with all of Dan Brown’s books, however, it was one heck of a page-turner.

To those who, like me, were disastisfied with the math and technology: a word of caution. While confusing bits and characters is a foolish mistake easily remedied by a bit of research, readers should bear in mind the publication date before posting. One of your commentors, for example, suggested Brown should have researched the NSA website. I can’t find a record of one prior to March 2000, besides which do we really think the information there today existed in the mid 90’s when Brown likely researched the book?

Tom C.: The question that kept running through my mind as soon as it was mentioned (and if you think about it turned out to be key) is what practical value is “rotating clear code”? If it keeps changing it has no “clear meaning”. Also if it were encrypted so well why did “The Gauntlet” recognize it right away as mutation strings? One more question: Do the numbers on in light print on the title page of the book have any significance or are they simply decorative or a decoy? Things that make you go Hmmmmm…

Andrew: I have seen many peoples comments on the “unbreakable code”. There is actually a very old method for doing this that is impossible to solve… use a book. Take a random book and use numbers to represent pages, paragraphs and word number, or simply word number. This is a method that was brought up in my high school algebra class, I was told that there are many encrypted messages that stand to this day. The advantage is that you need even more that the book, you need to know the edition as well. The words that are repeated can be taken from different pages meaning that repetition of words doesn’t help decode it. Simple, easy way to encode a message and impossible to decode without the book.

Taka: I have some guess, although I’m not quite sure. It might be a five story pagoda. The tall, photogenic pagodas often make their way to touristic pictures. Not every temple in Kyoto, not even among the very big ones, has a pagoda. But those touristic photos might give false impressions to those who grew up in the west and have never been to Kyoto (except perhaps a short touristic visit).

Indeed, the author might not be very familiar with Japanese culture. E.g., he said Haiku is written in 3 lines, but in Japanese it is much more common to write a Haiku in 1 line.

Rene: In the meantime I have made some searches, and found a website about Japanese garden. It said that in the Zen garden of the Ryoan-ji temple in Kyoto, stone groups are arranged following the “7-5-3 proportions of Shichigosan” (which is an archaic number range with old Chinese origins). What I don’t know, if this is applicable to every temple of Kyoto.

I then made a search about Shichigosan in relationship with Japanese temples and shrines, and found the following on Wikipedia: “Shichigosan (literally “seven-five-three”) is a traditional festival day in Japan for children aged three, five and seven. It is on the fifteenth of November. Children who are aged three, five and seven will go to a shrine to drive out evil spirits. Old Japanese thought that on the age of odd number years, which is up to thirteen, something important would happen to the child. Today, boys who are aged three and five, girls who are aged three and seven will dress up in kimonos and have fun. They will eat chitoseame, which is a kind of candy, and wish to have a long happy life.”

Taka: I didn’t know of the 7-5-3 proportions in the stone garden of Ryoanji, and I know nothing about the compositions in Japanese gardens, but any such rules you see there may be of technical or artistic nature rather than of religious or philosophical nature. I mean, such rules may have very likely been to make it easy for the gardeners (or architects) to design and create the garden. In the visual art and music, artists often follow rules or theories. Without rules, it’s hard for artists to create and for people to appreciate. For instance, Schoenberg’s works from his “really atonal” period (after he left the old world of tonal music and before he established the Dodecaphonie or twelve tone music) were made without rules, if I understand it correctly. They must have been hard for him to compose, and they turned out to be hard for us to appreciate.

And even if there is something real in the garden’s 7-5-3 proportion, it’s hard for me to believe that there is any relation of it to our tradition of celebrating kids of ages 7, 5 and 3 in November. First, in this shichi(7)-go(5)-san(3) event, we bring kids to shinto shrines, rather than buddhist temples. Second, stone gardens are only in those minimalistic zen temples and thus give me an impression that they are very special. (In most of Japanese gardens in temples, you see trees and water (waterfalls, ponds, etc) besides pieces of rock.) Zen buddhism belongs to samurai culture. On the other hand, I may be wrong but my impression is that the shichi-go-san event seems to be a people’s tradition. They differ as much as noble, court music and profane, folk music. I don’t mean the latter is lower (I don’t really — as a big fan of Bartok, I believe folk music can have very high artistic values and can be real treasure of human history), but they are different.

I may be really wrong. Born and grown up in Japan doesn’t mean I have any authority to answer his question. It’s just what I think. Just my two cents and no more.