 OK. Če pa to dobro. To je tuk. Što je tuk? Všem ročem, na različenje, vse je tuk, na 30 septem, na različenje, v Parisi, pripovodno je tuk. Na različenje vse je tuk. Vse je tuk, je tudi ovoje vsega tukaj do zelo v Franciju, a tukaj je vsega, kak je tukaj do zelo? To pa je vsega, in izsem je vsega, tudi tukaj, tako vsega je to težko, z titanik in tri leto agorizme, kaj Arise. Tako, so smo v Belenu, kongrescentu Belenu, Nr. Erz, Mikiwe, in v momentu smo v universtju 1. Všeč better. Češčo, da se nekaj zelo so bahaj, da je in nekaj, nekaj, nekaj, nekaj, nekaj. Zanimu, da se prišli, da se na vse se na vsega izgledi. Laj je ničo, naredil njih nekaj. Zato smo v Tienci in kultu. Kultu, robot, titanik, recen, faktorizacije, historije in vsega. Zato beginamo. Zato beginamo, tako je, mjelj je prav, da je dobro. Asi creeping by be something comment. Just don't say that everything you will see in this presentation, everything you will say is all copyrighted. We have the right for everything. We are not some bad hacker. All the name, brand, image are copyrighted. And we want to the thanks people allowed us to use the material so you have a name, esse. And thanks to them. And thanks to the Ocean Expedition, indeed. Zato smo nekaj prejmišljeni, vznikaj in tudi vsečče. Zato, vseče. Zato sem tudi prišličen, kako se tudi svoje spraveni. Zato sem vedno tudi svoje vseče. Vseč, tudi se je tudi prišličen, da je zelo s Davidem Semidem, je njem nasta daj. Mojem, ini sem ne tako nek��. Pedal sem maxem, sem znikam prejzor dva dnev pastera, zato imam neko lepo da spremljeni, bo njih dobl Lučke všom. So sem našo ljudi, zato implementedujmo o način in svih zašližov. I had nice pictures with some hair. I don't have hair anymore. OK. Maybe I can say that Jean-Jacques can maybe introduce himself, because it's better than me for this. OK. I did a lot of things... I am normally not there but I was teaching this week. I was the former head of the UCL crypto group In pa na Philipo, na svoj izgledaj. Vsih pa je, da smo vedno počiniti. Part 1, introlikt. Explenicij iz titul. Zato vse bo, da se prišli po vših, ko ima ljudi, da je zelo uživljena. Je mora. Da se več, da se prišli po vso svoj svoj, da je dobro, so pa nekaj, Peskel me kaj vse! carefully, and if you keep in mind what we are speaking about, when I will speak about Titanic, you will get the message. In case you don't get it, our professor will explain you better, it's going a bit faster. One remark, don't worry too much about the wall text, there are too many slides, too much text, we'll skip. All right. We're just speaking about Titanic, why Titanic, Tristit, tudi vsi vsi izgledati o Titanik, je ono 10, več nekaj vse vse vse vse vse vse vse. Ko KAKOLA, SEXPON, in nekaj vse vse vse, ki vsi vsi vse. Zabij smo o 3 letu algoritmi. 3 letu je ne v srbom, na čistih, ki so o kryptom in srbom, je a drža, srbom, svrbom, srbom, srbom, dva. Zelo v svojih familijah. In tudi ne znamenjamo presezjon in nekaj algoritm, ki smo prišli o generale. Zelo smo prišli v svojih slijde. To je dobro. Zelo smo prišli o problemem. Titanik je problem. Zelo smo tudi sveti, ki smo prišli, algorimi, ki se vzijemo in ki se vzijemo, kaj je problem. A da je to nekaj površen, je, da jih vzijemo in ki svojim, da se prišlo, da nekaj površen nekaj nekaj površen, da se vzijemo, ki se vzijemo, da se vzijemo. Kaj je Mr. David Samid, kaj je nesel, Tako, to še au površenje. V dalje poslepno nekaj. Tako. Now we speaking about run reverse, so for people we don't know who is run reverse, you can use Wikipedia, but he is one of the guy who invents RSA, one of the three guys, and he told us a few things about algorithmic, which is, I believe, interesting. He explained that factoring RSA could be easy, we don't know until now nobody did it, but he said it could be. He said something else, he said that to go to another system, it can be easy too, that something personally I'm not so agree, it's like people saying after the Titanic, because I'm still speaking about the Titanic, that Titanic could think it's true, everybody to survive, it was another story, it would be better if we would be prepared before. Agenda, the talk. We just did the introduction, it's done. We'll have a second part about Titanic. We'll have the pleasure to speak for this part. Then we'll have another part about crypto with conjuctur difficulties. Yes. That will be our point of view about nowadays crypto, and then we'll have the last part, will be maybe for people who still didn't get it, the mix of both. Why we use Titanic and why we can see that it's a lot of common points between these two. And of course you will have a nice conclusion at the end. Titanic, so that the part I will present to you, so it will be historical fact, after I leave you imagination to make it going with the topic. As we can see that the Titanic, I will not say nowadays, because this picture was taken 20 years ago by some Russian submarines, the first to discover the Titanic, another story. As we can see, the Titanic is not eternal. Right now we have some bacteria eating the metal, and depending of experts in 100 years it will be no more Titanic. Size matter. Titanic was a big boat. I said big, it was a huge boat. We can fit inside Titanic, a lot of things. They are coming, human. That's one human. You can see it here too. But we can put much more than human. One, two, three. We can put some car, some bus, or some Airbus. In fact we can put three Airbus. It was the biggest boat ever at this time. Nowadays we had Queen Marie II, which was bigger, but it's still the second biggest boat ever. For information, you don't have the image anymore, but for people who remind them, we can put four chimney. The last one was just for decorations. About the fact of Titanic. The fact, as you can see, it's a lot of numbers and a lot of huge numbers. One more time, it was the biggest ship in the world, and the more secure ship in the world. You have to know that all the best engineers worked a lot for making this ship, which was a special order, as the biggest and as the safest in the world. As in cryptology, we have ASR and others that I spoke before. Sister. Titanic had some sister too. He had two sisters, the Olympic. So here you can see for the second world war, it has this war painting, like it was difficult to see how fast it was. And we had the Britannik. Both of them sunk. Britannik on a mean, and Olympic by some attack of a submarine. So it's not only Titanic, but all Titanic sisters sunk too. Then on this story, we have another thing, an iceberg. What we have to know is the iceberg was here before the Titanic. But as a patient is a virtue, iceberg was nicely waiting for the Titanic. So for two years, iceberg was making a nice term, and slowly going down, waiting for Titanic to come. You know the rest. Security precautions. Titanic must be the safest boat in the world. So engineer worked a lot to make a lot of precautions. First captain, we knew that it was an iceberg, took another route, he go more south. Unfortunately for him, the iceberg too. Second, they had the best radio at this time. It means that radio operator which can talk 600 kilometers abroad, which allows them to in fact reach the mainland. Then they had the best captain at this time. This captain would just make the first trip with Titanic, it was his last trip. It was his last trip, that's true, but it's supposed to be his last trip too, because it's supposed to be retired. It was the old captain which had a lot of experience. Then Titanic, like everything, had problem. Titanic received a lot of warning for other ship around that iceberg are around. But as Titanic was a huge boat, costing a lot of money, companies were supposed to make money too. That's how we live in. And the operator was not supposed to make all kind of communication we normally making on ship, but better to make communication for family and for rich clients. Hi, how it is on Titanic? Oh, it's good, we coming soon. Blah, blah, blah, blah, blah. So it was a priority, it was to make money with the telegraph. That was one other problem. Other problem is as you saw, Titanic has two sisters. So the crew supposed to be on Titanic at start wasn't the crew on Titanic when the Titanic sink because the crew was splitting between other boats. And then a bad condition. No binikula, that's something funny, but no way to see that a big iceberg is coming. Because binikula was in some case, and the only guy who had the key of the case was in another boat. Iceberg. Iceberg was a big iceberg too. For sure to get the big Titanic. 30 meters high. What we can know after for the collision is when Titanic hit the iceberg people don't feel it. It was not a big crash, it was not as you can see on the movie like everybody, like no, it was a small shock. So officer of course go to check but for them it was done, they hit and it was no damage. We can see that 20 minutes later they was under the sea. Then Yes. Number two. What interesting tool. The ship sank in two hours. On 2223 people 1,517 died. Live boats had only 1,078. So it means that some people died even with live boats. And by regulations the law 34 people of passenger were supposed to have a live boat. It was not the case, why? Because it was not very nice. Very attractive to see a lot of live boats. It takes a lot of place on reasons to put passengers there and to get more money. One, two, wait, no wait, question. Okay. You will wait a bit and I will answer you. Sorry. These organizations as we spoke before people fought for life jackets. Then when the Titanic hit the iceberg it was a bit panic when people begin to see that the ship is sinking. So captain make an order. Children on women first. People understand only children only women. So a lot of a lot of small ship for saving people were kind of empty because all children and all women left. But crew said it's only children and women. So problem of communications. Problem of signal because a new signal SOS that you all know was applied since two years. As I told you, the captain on the crew were kind of old. So they use the old CQD. So a lot of other boats didn't answer and didn't get it. They get problem with radio because they ask a lot of boats around to shut down their radio because it's made a jam for their personal transmissions which was important to get money again and that was these organizations. Around what happened around? Around when Titanic think it was couple boats. It was the California which was the nearest one. Unfortunately California had to switch off its radio because Titanic ask it's make jam. Please switch off your radio we have to make some passenger transmissions. So California wasn't aware of the problem of Titanic. It's pretty because it can save everybody. It was only 20 minutes away. We had Carpathia, two hours away. Carpathia was aware. We saved most of people. Then we have a lot of other boats. What's important and funny too it's Olympic. The sister of Titanic didn't move. When they receive the message they think that it's done. That they couldn't do anything. Some small story about Titanic. Some glitches. Captain Smith, not the same than in Matrix was the millionaire captain. Thanks for laughing. As I said he was the old captain that everybody well known in the world. Lot of passengers was waiting for him to be captain. They used to call him the millionaire captain because all which people really wanted to be on boats driving only by him. Another glitch is Titanic was delayed for six months because of preparation of a sister boat. It means if Titanic would leave six months ago Iceberg would not have time to reach him. And we don't have this catastrophe as we know. Then we have other things as the key as I already said and other stuff which was split into. We found Titanic after. You can even visit Titanic if you have lot of money with some submarine. Lot of people think that Titanic sank intact. It's not true. Because of the pressure Titanic split in two. The first we find Titanic was the US Navy. In fact US Navy lose two submarine so they send somebody to find these two submarines. Especially it was nuclear, propulsion submarine. But they said to everybody we send a boat on submarine to look for Titanic. In fact it was for looking for submarine. They find submarine and they find Titanic. If you want to know more about this submarine you can read some very nice book about the car 129 which is Russian submarine and you have all this story about this propulsion and everything. It's fascinating. Claim reactions. Titanic was built to not sink if four of his time compartments was full. Unfortunately five of them were full. And then is the domino effect. Because it begin to go down the water begin to go to other one and step by step Titanic sink. Think you on Titanic you can do it at home so you can rename your front Titanic synchronize it and sink Titanic or you can buy on eBay some kit. You put it on your tubes and it's kind of working. I tried my shower it was not perfect but I saw video it is working. Interesting character. Violet was very interesting because I think she is one survivor she is the most unlucky one. She gets three trips with the same company and three times the boat sink. The third one lot of people didn't wanted to travel with her they were right. We have Williams Williams interesting too because before going to the boat he said the boat will sink. Yes he did and he died. And we have Astor 4 which was the richest American guy last time. If we compare his money with Bill Gates now we had twice more money he died on the Titanic and people said but maybe it's a rumor that his last joke was I asked for ice on my whiskey but not so much. Believe it or not that's a true thing that we found and we find it funny so we share it with you 14 years before Titanic there was a book about some ship named Titan who was same unthinkable kind of as big on his book it sink and people died and that's true that 14 years ago Titanic did kind of the same it have nothing to do together but we find it funny so we share it with you. And then last thing about Titanic and then you will know everything about Titanic it's in few days it will be the 100th anniversary of Titanic and if you are rich enough you can visit it with deep ocean expeditions which can rent this it can be two of you and you can go to visit the Titanic so if you listen me enough and if you try to put what I said and change Titanic by cryptology get an idea of what we going to speak now if you don't we will repeat it for you. Thank you so we continue with the part 3 about cryptography with contract complexity so you see that it's related to the conference ok continue well next year is the year of Titanic yes maybe but it's also the year of Turing and Turing did a lot of things including the cryptanalysis of the enigma ok and here maybe it's time to record the cac of principle security must be only based on the secret of the key and it's also the so called the Shannon's Maxim the enemy knows the system but what about today's we need secure hardware we need secure primitive based on conjectures and for instance strong difficult strongly difficult factorization so maybe we need to set a new principle you see that not only the key we need to secure but many things so cryptography, cryptology is changing well you know a little bit RSA here is the algorithm here are the inventor including RMS and so you know that factorization of n or the use of composite number allows to mkd ks n and so on ok so we are in for factorization and discret clock in cryptography we have a lot of names some names were not known few years ago Elise Cox with Amson for instance and we know Merkel with a paper rejected and the main paper is Diffy Elman new direction of cryptography and in fact maybe you don't know that River Shamir not Edelman at MIT was trying to prove that Diffy and Edelman were wrong and sometimes it happens invented RSA so here the visible tip of the RSA is Diffy Elman and the RSA team but the iceberg is maybe much bigger so as you know you have a lot of RSA modulus in the room for many years not only PGP and is protecting a lot of money everyday so if you have factorization in your aunts maybe you will or you want to be billionaire or maybe you will have a lot of trouble a lot of new friends and so on some visits indeed but let me remember again factorization was an hobby in fact you have Jevons in 1874 so he published a challenge and ask can the reader factorize that number and he said that anyone except myself will never know well you see the affirmation and the result is Lemer was able to factorize less than 30 years after so formidable challenge was coming trivial and there was another fact call was able to factorize for that time a really big number during Sundays well the complete timeline for RSA maybe you don't know that in 1854 proposed to use large integer for encryption and it was 100 digits Jevons invents the one way function call induction an inverse operator he said what and it is normally encryption it is easy while the crypt analysis is not multiplication is easy while factorization is not you see here the invention of one way function long time ago as you know physical publiki was invented around 1934 Kennedy the president asked to invent signature or able to verify after that more or less in parallel but before publiki RSA Robin invents probabilistic parent testing and signature and Elman invent asymmetric cryptography at the top door defi adds the protection of privacy and Merkel applies it to key description and again Knut one note from Stanford is coming back to the last century and proposed to use easy multiplication versus factorization of large integer for the design of publiki Jill 10 propose to use disk at lock so you see the story of RSA is not totally linear it's a long time and reverse enchemi try to prove there is not your system but as I said invent RSA and other man adds proof from the battery ok so infact if you are thinking about factorization at the moment there are very limited progress on the theory there are a lot of optimization and the question is are we in the right direction is it possible or not to drastically accelerate what we know by improve for instance the polynomial selection and so on and more important maybe are the criteria of generation for the prams RSA prams still valid today I am not sure so we are coming for a very important point the so called Rivest law it is foolish to predict when a integer of any particular size may be factorized so it's Ron Rivest is saying today we are maybe very secure and tomorrow tomorrow maybe not, we don't know and so the question is well are we ready like the Titanic was ready or not and we have prediction for instance at the international workshop on post quantum crypto seven five years ago Jackson said in fact the end of the RSA not me, Jackson and the date is here more recently based on linear extrapolation on the progress of GNFS Paul Leyland said that RSA 124 will be factorized on that date with the precise precision yes, why? so you see that people are saying we are secure for the next 20 or 25 years but Rivest says it is foolish to predict that people are doing that and more everybody is acting like the predictions are correct we are thinking about that so you understand the direction of the talk are we ready to implement the Rivest low and mean taken it into account not saying yes and we are not rubbish in fact no, Rivest 20 years ago did also some predictions so you see that there were the law isn't it the law level of number for the years and here average high and what is done you see that in 2000 in fact you can kill the first column for the prediction of Rivest five years after you can kill nearly the second column oh the game is coming to be very dangerous and here we are it's not so so good we are not killing the last one but we don't know now Burschner did also prediction it was very simple here so you see 10 years and here you multiply the size by two and in fact this table is in use today by some people government and so on why? I don't know if you go to the keylines dot com it's not prediction there is what you need to use if you use the LENSTRA laws or the result from Egypt or from the NIST of the FNSA of some internet RFC and so on and you see that normally for the next year you need to use for RSA something like 2000 bits the smallest number is 1000 120 so my question is to the audience who is using a larger key for PGP so the other ones you need to change ok continue now there is a curious collision between the Titanic and number theory there was a publication here by Samuel Yates they finding Titanic prime to be the number with at least 100 digits and here you see there is something not totally correct but Samuel means a very large prime not prime like the Titanic tip dangerous to do that so you see that the product of two Titanic primes is at least 6000 and more bits and number for cryptography are today in use in some specific application there are some PGP keys like this, telecom industry is using that and so version of SSL and so the product of two Titanic RSA primes are Titanic RSA modulus very dangerous expression ok so what if means integer factorization and if something is going to be wrong so here we continue to use some situation from the Titanic so the captain you remember the captain Smith about one of the three chips I cannot imagine any condition which would cause a chip to fonder I cannot conceive of any vital disaster up disaster up into this vessel modern ship building has gone beyond that it was before the story you know well another quote from the Titanic passenger to say a chip was in sinkable was flying in the face of God but some at the launch of Titanic not even God itself could sink this chip very dangerous to say that so you are exciting the gods ok so you know we have the same citation about factoring Richard Guy wrote I shall be surprised if anyone regular factors number of that sites during the present century oh very dangerous to say that but there is the crazy citation is this one from the RSA team in Scientific American RSA 129 so it's for 126 bits will require 4 quadrions year to factories it's a citation, it's not a joke I ask to Ron Rivers why they put that crazy number first answer because we are not thinking to to work in parallel but ok it's not the point and we did an error in the computation this number was factorized 70 years after no there is a problem because you know that maybe cryptography is good but not that much not too much we have to be careful but no we need maybe to come back to reality and here we have a citation for Toy Story the meaning is if you have say something during to everybody during your life is not easy to say yes I was wrong so long citation from Toy Story for saying that you can't find it back on Wikipedia ok there is another problem is the black swan effect a lot in Australia and in fact white swan were very well known in Europe no black so people say we don't see black swan people did not believe that it's possible until it was in Australia somebody found it so it's maybe the same story well it's the same story for IBM chairman predicting that 5 computers in the world will be enough and so we are here in the black swan reason it events are to predict thing about the river slow big impact on the society if you are say broken and maybe after that we will say if it is happening oh it was normal some people say that well ok and so maybe the talk is also maybe we have to be really in case of there is another view of that is the so called elephant hiding in the full booth people many people are working but they don't know maybe if they found it or no sometimes people miss something very important an example well no is the calm opener was invited 50 years after the first calm and Tasman discover many islands that he missed Australia so the story the question is the same for all the things we know about for cryptography and there that will be maybe so few answer maybe we are not happy there are is possible to stop acceptance so you see you see all the possible reaction this cannot be true who is to blame maybe there is a way to stop it why but it will be ok it is not the end of the road and we need to find new solution let's learn from eros ok, so coming back to Titanic and factorization there were few events before Titanic with the same story and people were not thinking a lot about that and so they were not anticipating one event don't worry for the next one and it's not exactly what we are seeing here we risk managers should have plans and schemes and should be ready and for instance speaking again about the Titanic maybe people were thinking at the time that the probability of collision was really low so here is a map of ship collision with iceberg so you see a lot no, so there will be catastrophic failure if algebra put some answer we don't care about at the moment so maybe it's possible also that some group not so nice the name is maybe algebra to use mathematics weapon or cyber weapon so think about that so be careful under your research with care no, is it only the talk think about that there are a book about that they start this from Ari Jules working for WRC company and the story is some curled nose auto factor integer and keeps the secret ok, is a book think about the sneakers ok, a team of six people gets a factorization device and what to do with that and it is the beginning of many problems and there are also it was on April 1st a paper factoring is polynomial in time it's a fake one but it was working it was like publishing in electronic letters and I know many people that days 15 years ago thinking that it was true ok, so why 15 years ago a joke, the first April was working here we are not the first April we are not joking maybe it's working better ok, so maybe also some people are able to factorize keeping the secret you don't know the Coca Cola recipe normally the Google search algorithm and so on we share everything but in fact we don't know exactly we don't know exactly the theory and so on so maybe the solution is not published maybe there is no solution and maybe it's not enough to change or extend the keys maybe it's a big change to do, to migrate to another system maybe the name will be really secure algorithm oh no, it's not that good RSA ok so part 5 5 minutes it's ok science fiction so Titanic was thinking that in number theory we don't know think about the reaction chain reaction so if you solve something integer factorization maybe you solve other things so maybe the replacement solution is not enough and maybe good resolution maybe there will be impact in other algorithm same sefer, hash function I don't know so what to do think about the Titanic disorganization but think if you factorize what will be life people will revoke discard the certificate there will be massive recall class action legal action and what about the remedy we don't know we don't know the cost we don't know if there are studies we don't know ok so there were 3 words the name is DLEF and CC there were an algorithm attack 2 algorithm structural weakness and not enough replacement solution so maybe we are in that situation maybe in the future we have a lot of security precaution at the moment prime generation prime testing and so on but if factorization is fast all the security precaution we are using are for the past is done so no people think about seeing your own titanic people are doing that also sometimes they are doing that at home you can use some grit or clothes FPGA and so on maybe the algorithmic or the improvement so maybe it's not so crazy to think that somebody in maybe doing that we don't know so we need to take appropriate security here a lot I don't have time to say that but if we are enough clever to solve our problem maybe we are also able to come back to security I think that I will skip this one it's all to prove that you have factorization algorithm but without giving the algorithm the next step here we are proposing a new workshop the name is at the moment Catacrypt created workshop related to catastrophic events when cryptography is used and their possible recoveries for the keys, for the hardware for the protocol for the intellectual property think about DRM and pay TV think about PKI the recent story of DG Notar the paper here in one hour about sovereign keys we need that there are sometimes some indication the first workshop will take place next year maybe not the day of the Titanic having one century so look for the future call of paper a first pointer another one at the moment there is nothing there it's themultiplier.com there are many big companies having put interest about that I cannot give you at the moment the names if you are interested to us we will see how to handle that and thank you for your attention