$1 Million prize offered for cracking an encryption algorithm

$1 Million prize offered for cracking an encryption algorithm

Summary: It's 2008, and companies perhaps rich on VC money to waste in a guerilla marketing tactic for generating viral buzz, still talk and act as the utopian "unbreakable encryption" algorithm is the panacea of security, or the "Hackers Hell: Privacy That Can't Be Compromised" as they pitch it.

SHARE:
TOPICS: Security, Malware
8

It's 2008, and companies perhaps rich on VC money to waste in a guerilla marketing tactic for generating viral buzz, still$1 Million prize offered for cracking an encryption algorithm talk and act as the utopian "unbreakable encryption" algorithm is the panacea of security, or the "Hackers Hell: Privacy That Can't Be Compromised" as they pitch it.

Permanent Privacy is one of these companies suffering from marketing myopia, and re-inventing the wheel by promotion what's already available on the market, unbreakable encryption if the algorithm is directly attacked, and the opportunity for obtaining the keys and passphrases through malware excluded. They are, whatsoever, offering $1m to those who manage crack their data encryption system :

"Permanent Privacy  announces the world's first practical data encryption system that is absolutely unbreakable. And is offering a $1,000,000 challenge to anyone who can crack it. Permanent Privacy (patent pending) has been verified by Peter Schweitzer, one of Harvard's top cryptanalysts, and for the inevitable cynics Permanent Privacy is offering $1,000,000 to anyone who can decipher a sample of ciphertext. Peter White, Managing Director of Permanent Privacy, said:

"The world of cryptography shuns and disparages outsiders, but Permanent Privacy is the real thing. You can now send emails and store data with 100% security. Even the Pentagon can't read your secrets if they don't have the keys".

There's a business model in here, and not necessarily the brand with a mission like you'd want it to be.  For instance, in order to participate in the challenge, you'd have a purchase the tool for $39 - "Each licence bought will entitle one entry into the Million Dollar Challenge", and what follows is the best part. Even if you purchase it and encrypt a message, the person who wants to decrypt the message would also have the purchase the tool - "if your friend wants to decrypt something you've sent he/she will also need to purchase PP as well." Thinking for a second about the number of people with whom you exchange encrypted emails on a daily basis, and how they wouldn't be able to read them unless they too, purchase the tool, ruins my understanding of public key cryptography.

As far as the "unbreakable encryption" is concerned, it's already there. The GPcode authors use it, and probably you use it, which doesn't mean that you are no longer susceptible to malware and spyware attacks aiming to steal your secret keys and passphrase, since it would be virtually impossible, if not impractical to directly attack the encryption algorithm used. Cases in point :

These ongoing developments clearly indicate that whenever the algorithm cannot be cracked, adaptive approaches are already in the works, and so even the "unbreakable encryption" can by simply bypassed by stealing your keys and associated passphrase through malware. Therefore, the "unbreakable encryption" used in a compromised environment is literally worth nothing.

Topics: Security, Malware

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

8 comments
Log in or register to join the discussion
  • Schneier thought the same

    If you read Bruce Schneier's history on his website, he claim to have discovered the same revelation. He says he used to believe that if he found the perfect encryption, the world would be secure. He later recanted on this view and has spent a good portion of his time pointing out that today's data theft is more and more often a feature of social engineering rather than encryption error.

    Good to see that at least ZDNet isn't fooled by these marketeers.
    cmdrrickhunter@...
    • Schneier is a genius

      and if anyone could invent an encryption technology that could keep everything secure, you'd have to believe it was him, but it's just not possible.

      Also, $1M? Why waste your time... crack something more serious and sell it to a government for $1B. Of course, you might have to leave the country... permanently, but still, $1B U.S. dollars is still something like $500M anywhere else.

      -Nate
      nmcfeters
  • RE: $1 Million prize offered for cracking an encryption algorithm

    Great marketing....
    dragon@...
  • Schneier a genius

    Now don't get me wrong, I have a high opinion of Schneier for all the good he has done raising awareness of security and encryption considerations, but you are getting carried away by hero-worship. Schneier knows a great deal about crypto, but he is a security consultant, not a cryptanalyst.

    Worse, you seem to have missed Schneier's point: his point was that even the strongest crypto alone is NOT the solution to the security problem. It is the entire security protocol that must be bullet-proof and correctly implemented.

    But the Achilles' heel for any such protocol is "social engineering", e.g., getting the password/key by some other means.
    mejohnsn
  • RE: $1 Million prize offered for cracking an encryption algorithm

    Speaking only for myself and my own level of
    talent, the 39 dollars invested would turn into a
    million before I 'd ever decrypt anything.
    trm1945
  • RE: $1 Million prize offered for cracking an encryption algorithm

    where is the program they want cracked??/ reply to dragon3543@hotmail.com
    rubycantrell@...
  • Hey, Wait ... This Sounds Familiar.

    OH, NO!!! It's "Mercury Rising" all over again. You find the algorithm ... you go missing.
    You know how many $MILLION$ and man hours in research can be lost?
    cpuguy1
  • RE: $1 Million prize offered for cracking an encryption algorithm

    Its bs. If you did crack the algorithm, I'd bet that there would be plenty of others willing to pay far more than $1M USD for it.
    Jimster480