FROM ENGINEERING TO CRYPTOGRAPHY AND….

Now there are reports that hacker attacks violate major public and private companies, compromising even strategic plants and risking harm to millions of people. Until now, companies followed the BUSINESSFIRST rule and therefore did not want to create a common front against such attacks, indeed some did not disdain to buy attacks against competitors at the dark-web supermarket. The top players in the industry have been violated, but this is not just like the saying: Shoemaker with broken shoes! This is a shortcoming of the official cybersecurity culture that has constructed buildings on the sand, and, like the Leaning Tower of Pisa, they tilt and are in danger of collapsing. Now important economic commitments of states, companies and international organizations lead the so-called large companies to renew their creed: BUSINESS FIRST! Neglecting an alliance against those who violate data, identity, against those who blackmail with RANSOMWARE. I write here my experience which leads to amazing results.

I am ROBERTO MONTELATICI, mechanical engineer who graduated in 1982, the only one in my course to come from classical high school. Before graduating, I went into the military as an Officer of the Carabinieri. After the military, I completed my thesis and graduated with 104/110. We had left in two hundred and we had arrived in 20. Chapeau! I went to Rome in state IT, and then I managed to return to Tuscany. In Tuscany, I worked in some mechanical engineering companies. In 1989, I returned to state IT in Florence. We worked for the Autostrade company, then in 1997 we got the outsourcing contract with the State Railways. In 2009, I took advantage of a concession to leave. I attended the Course for Entrepreneurs at the Florence Incubator and began my entrepreneurial experience. I studied Java and began to carry out my projects. I wanted to make software patents, so they said it was not patentable. I contacted Italbrevetti of Pontedera. It was a family-run studio, with an elderly father and son Antonio, a young mechanical engineer, who drew up the documents. In the meantime, I had opened a SRL, Roboing srl. The ww.roboing.net site is still active. Eng. Antonio told me: Engineer but because he comes and drives 60 kilometers for patent reviews, let's exchange everything by mail. And I replied: patent texts not yet published exchanged by mail! No thanks. And he said, I have a 35-character password encryption system, but I don't

use, it's so complicated! And I replied, I do an encryption system.

FIND A BOOK ON HISTORY OF CRYPTOGRAPHY.

I read it avidly. It explained the history of cryptography from Julius Caesar to the present day. I made the first patents. Meanwhile, with Java I was grinding software. I did the first tests and it was slow. I threw it all away and I started again. The book ended triumphantly on the public key and private key system, explaining the mechanism of the primes that linked them. I found this too complicated. On the other hand, engineers think differently from mathematicians. I went through the whole book. Julius Caesar made cryptography starting from the vocabulary Latin of 26 letters and setting a numerical shift. The A became D, B became E and so on. It was fine then. Leaving aside other solutions, there was Vigenere. He built a square table, in which Julius Caesar applied for each row. Then a keyword was identified that gave the beginning of each line. CRYPTANALYSTS were the ones who tried to decipher the messages.

Their most powerful weapon in the Renaissance was frequency analysis. It was already known that in a natural language for quite long messages there was a whole hierarchy of letter frequencies.

In Italian the most common is the E, the second the A, and then the others. It was enough to replace. Thus the puzzle was reassembled and the message deciphered. I had to make a system in which the same initial character had to have several transcodings in order to cheat the frequency analysis. I created a software with a display board of 65 thousand characters, that is the square of 256 which are the possible characters defined in the ASCII correspondence between characters and symbols and the corresponding numerical values zero and one of the computers. Mine was a symmetric cryptography where both partners must have both the algorithm and

the key. If the key is intercepted and the algorithm is known, the omelet is done. When I talked about it at trade shows that I was encrypting a GIGABYTE in a minute, they told me it was an exceptional result, comparable to that of the dreaded hackers.

Meanwhile it appeared in the newspaper Repubblica in 2012 that researchers had analyzed thousands of public and private keys and had identified 5% of them!! Why? The theory of numbers

First taken randomly it does not take into account that in computer science the random number does not exist, there exists the pseudo-random number generated by an algorithm. Once the algorithm has been identified, the omelet is done. Almost 10 years have passed since then: The asymmetric key system was also adopted by the Revenue Agency to send the documents to the accountants in a so-called secure way. To protect oneself from the forgeries they invented the certificate, which certifies that whoever issues the public key is reliable. Too bad there are fake certificates ...

THE TURNING POINT

In the summer of 2014 I was contacted by a girl, Michela, who graduated in mathematics in Florence with honors and graduated in the master of cryptography in Lucca. She started the job, then introduced me to Francesca, who also graduated in mathematics in Florence with full marks and graduated in Lucca in the master of cryptography. She learned Java in 15 days. She analyzed my software and she said: But you made a Vigenere! Of course, compared to Vigenere we had the answer to the problem of frequency analysis and we had a table of 128 Kilobyte characters. To find the key with brute force attacks, that is, try all the keys, it would take geological ages. 256 raised to 131 thousand. Ends the solar system first. Extreme safety.

NO ONE HAS MADE NEW CRYPTOGRAPH SYSTEMS.

Those who use symmetric encryption use the American military standard AES256, with an algorithm of 256 BIT, or 32 BYTE. They say it will soon be overtaken by the speed of new supercomputers.

We will also resist the speed of future quantum computers and supercomputers. The pseudo cryptographic experts repeated: but how do you transmit the key? At first I said that it could be transmitted on the chip of a supermarket card. Banal. But we have TWO KEYS! Instead of two I send 256! Then the two partners call each other and one says: go to the supermarket with bus 32, then go to the florist's with bus 17.32 and 17 are the numbers of the two keys that are used. Who has the entire set of 256 keys must calculate the attempts from the 256 factorial to derive the right ones. That is an incredible number of years. Let's see how encryption does apply to coins.

THE BLOCKCHAIN SYSTEM is based on modules that generate an encrypted key according to the HASH technique. The HASH technique is a library function of the main computer languages that generates numbers and characters that are very sensitive to variations in the base text. Since the HASH encoding points to the next block, if I change it skips this link. Philosophically they say that the block-chain is a distributed database system as opposed to a centralized system. In Finance, the blockchain had taken on an ideological character. Power passed from a bank or a state to a community of people who do not know each other and verify the correctness of the transaction. Great for ensuring anonymity. So luscious for criminal organizations.This is testified by the IN BITCOIN ransom note

in RANSOMWARE attacks which, by exploiting network interconnections, encrypt millions of computers and websites. The main problem is that the block-chain is getting longer and longer. For a new transaction, a block is added to the chain with simple code instructions in the appropriate language. The so-called

miners carry on the chain which must be checked again for its entire length. This verification requires a supercomputer with huge energy consumption. They are already in tenth place with respect to the energy consumption of nations in the world, more than Argentina and Pakistan.

NOW THERE IS THE COUNTERATTACK of States and Central Banks, with respect to a world that steals huge amounts of money from their control. The CBDC (Central Bank Digital Currency) has placed two main stakes that define two ways of using digital currencies, one similar to paper money perhaps managed by banks, the other intended to be used by companies in a fixed circuit of customers.

OUR SOLUTION conforms to both posts. Compared to CRIPTEOS 3001 our digital currency project uses the 40 megabyte key version, it separates the encryption process from the decryption process. We have inserted a third key that CUSTOMIZES the algorithm for each customer. So if, for example, the Bank of England and the Bank of Japan buy it, and the Bank of England is sure that the other is not putting fake digital pounds on the market and vice versa. Fake Verification is a simple decryption software. As with paper banknotes, counterfeits are identified and eliminated. At ZERO energy cost.

This article will appear on October 18 in Sole 24 ore.

ArticoloSole24ore

Leave a Reply

Your email address will not be published. Required fields are marked *