Tuesday, April 30, 2013
Monday, April 22, 2013
Here 37 is the double winner in that the point marked by the dashed lines indicates that the optimal approach is to reject the first 37% and then you will find the best candidate as the next best choice 37% of the time. This magic 37% is derived from 1/e = 0.37, where e is the base of the natural logarithms.
I just downloaded the e-book version of Mathematics and Sex and took a quick look at the 12-bonk section, and it seems that Cresswell's discussion is based on the work of Peter Todd in his paper Searching for the Next Best Mate. Todd looks at simpler heuristics to find a mate than applying the 37% rule, which he notes has the following drawbacks in practice. If we assume a sample of 100 people where they can be rated uniquely on a scale from 1 to 100, then when applying the 37% rule
- On average, 37 additional people need to be interviewed (or bonked) to find the next best beyond the best found in the initial 37 people, for an average total of 74 people being considered from the 100.
- On average, the best person found has rank 82, where 100 is the best on the scale. The 37% rule finds the best person 37% of the time, but averaging the success out over the remaining 63% of choices, lowers the result by about 20%.
Wednesday, February 6, 2013
Monday, May 28, 2012
It seems ironic that a satellite intended to monitor the Earth’s environment is at risk from the space environment and is likely to become a major contributor to the debris environment.
Tuesday, May 22, 2012
The New Scientist has reported on recently declassified letters that were exchanged between John Nash and the NSA in the mid 50’s pertaining to his ideas of building cryptosystems that are essentially unbreakable in practice. At that time the one time pad of Shannon was well-known but Nash, like Shannon himself, hit upon the idea that the inconvenience of managing keys in a perfectly secure cryptosystem could be traded for one where the key space is so large that it cannot be searched in a feasible amount of time. Nash quotes the unicity distance as a measure of how much ciphertext is required to determine the key uniquely, which is infinite for the one time pad but small for a cipher with a fixed key. Even so, quickly obtaining the small amount of ciphertext to uniquely determine the key in principle does not mean that the task of recovering that unique key is (computationally) easy.
Nash outlined his ideas for building a computationally secure cipher to the NSA in a handwritten letter, and proposed a cipher to meet these criteria, a snippet of which is shown below (he would not be winning any awards for his cursive).
Nash made the prophetic remark that substitutions ciphers can be broken piecemeal with partial information accumulating, and that the game of cipher breaking by skilled teams is essentially a thing of the past. In short, and with hindsight then, people that could break the Enigma would not be prepared to break RSA, or other cryptosystems based on computationally difficult problems from number theory. The scale had changed. It seems that the NSA broke the cipher that was proposed by Nash, or did not think it interesting or practical. In any case, they did not wish to pursue the ideas expressed by Nash, and told him as much.
Nash’s letter was written about 20 years before the ideas of pubic key cryptography became mainstream in the mid 70’s. The New Scientist article related Nash’s proposal for an effectively unbreakable cipher to one of the The Millennium Problems, proposed by the Clay Mathematics Institute. Each problem (or challenge if you prefer) carries a prize of $1 million dollars for a solution, and a cipher that would require exponential work to solve implies a solution for the P vs. NP problem.
Business Insider recently reported that Chrome is now the number 1, or near number one browser of choice, and its popularity has come as the expense of IE as shown in the chart below
The data set is based on statistics collected by StatCounter, and is probably not reliable for specific figures but sufficiently reliable for showing trends – in this case, that Chrome is stealing market share mainly from IE and somewhat from Firefox. In any case, a significant amount of internet traffic is now being funneled through the Chrome security model. The previous browser prediction that I posted on, that Firefox would overtake IE by Christmas 2012, agrees quite well with the data set above.
Friday, October 7, 2011
You can now order the new Block Cipher Companion book from Tesco’s, just published this month. I have seen an earlier draft and the text is very detailed and comprehensive, as you would expect from authors of this caliber.
Tuesday, October 4, 2011
I recently posted about the reads on my Scribd collection, and one of the most frequently read is the master’s thesis by the founder of Xobni (inbox spelt backwards) called How to Organize Email. There is a new version of this software called Smartr for Gmail and you can watch a video on its features.
Sunday, October 2, 2011
I have uploaded about 200 documents to Scribd over the last few years and the number of reads has just passed 150,000. You can see the categories here. The top 5 documents, each with over 3000 reads each are
Thursday, September 29, 2011
Monday, September 26, 2011
Don’t ask me why but a lot of SPAM has accrued, and keeps accruing, at this May 2009 post on SHA-1. Apart from the common penis enlargement references, some of the other SPAM is quite long and seems to be playing on some quirk of SEO. Fine.
Sunday, September 25, 2011
Thursday, September 22, 2011
This is a nice presentation on enterprise key management issues from Anthony Stieber given at the 2nd IEEE (KMS 2010) Key Management Summit. The main message is that KMS is tricky and don’t roll your own. By the way if you are looking for examples of Powerpoint that breaks all the rules for good presentations, then you will find them here.
Also there is a very polished and informative presentation from Chris Kostick of E & Y on an enterprise key management maturity model, and below is a comprehensive diagram on the life-cycle management of keys.
I am currently in-between positions, somewhat happily, and are casting my net of interest a bit wider than my traditional roles in IT Security and Risk. One position that caught my eye from a global reinsurer in town was the role of Earthquake Expert within their Natural Catastrophe department (or Nat Cat in insurance lingo). I really don’t have any specific background in this area but I sometimes entertain the idea that I can transfer hard-learnt crypto math skills into a numerate role like this one which calls for extensive modeling and prediction. You also think that this might be a nice and cozy niche area to ply your trade as a specialist, holding something of a privileged position.
Well I was disabused of any such notion this week when I read this week of six Italian scientists and a former government official are being put on trial for the alleged manslaughter of the 309 people who died in the 2009 L'Aquila earthquake in Italy.
The seven defendants were members of a government panel, called the Serious Risks Commission (seriously), who were asked to give an opinion (or risk statement) on the likelihood that L'Aquila would be struck by a major earthquake, based on an analysis of the smaller tremors that the city was experiencing over the previous few months. The panel verdict delivered in March stated that there was "no reason to believe that a series of low-level tremors was a precursor to a larger event". A week later the city suffered an earthquake of magnitude 6.3 on the Richter Scale, denoting a “strong quake”.
The crux of the case against the scientists is that they did not predict the strong quake coming to L'Aquila to allow a proper evacuation of its inhabitants. The defense rebuttal is simply that such a prediction is impossible, and they cannot be held accountable for this unreasonable expectation. The scientists cannot be expected to function as a reliable advanced warning system. The international scientific community has weighed in to support the defendants with a one-page letter from the American Association for the Advancement of Science, which supported the scientists by saying that there is no reliable scientific process for earthquake prediction, and they should not be treated as criminals for adhering to the accepted practices of their field.
Recently people were evacuated from New York City as precaution to the impact of Hurricane Irene. The hurricane passed by New York causing far less extensive damage than expected, and yet there were still complaints from residents about being asked to leave their homes “unnecessarily”. It seems that authorities cannot win in these matters unless they can predict the future accurately.