Friday, March 26, 2004

The Code BookOne of the soft drink companies -- that shall remain nameless -- is imprinting ten character alphanumeric codes on each bottle top. By entering the codes into a web site, you can collect points which are redeemable for prizes.

As an academic exercise, one could investigate how these codes might have been generated. Consider that you might use the alphabet (A through Z) and certain numerals (say: 3, 4, 6, 7, 8 and 9). Those numerals might have been chosen to prevent ambiguity during data entry (e.g., the number "1" might look too much like the letter "I"). Anyhow, that range of alphanumerics allows 32 discrete values or five-bit patterns (2 to the fifth power).

Imagine further that, embedded within each code there might reside a random, time-based key. Using the time-based key, one could decrypt the remaining five-bit "bytelets". It might even be possible that a check value would also be embedded within each code to ensure its integrity. For example, a checksum, a CRC or a truncated hash (such as an MD5 value) could be generated and encrypted as part of the code string.

If one could imagine how this was all accomplished then one could theoretically co-opt this "virtual currency". However: given the fact that publishing an algorithm of this sort might technically run afoul of any number of new-fangled laws like the DMCA... even if one were able to deduce the algorithm used for code string generation, it would be highly risky to employ it for evil purposes. So there... you're warned. :-)

BTW

Simon Singh's The Code Book is not just one of the best books on cryptology and "code-breaking" ever written... it might be one of the best historical, non-fiction books of any type ever written. It's startlingly good. Highest recommendation.

Week-long Hiatus

This blog, which has been regularly updated since November, will probably be going on a week-long hiatus starting tomorrow. Mr. T has promised to Tivo the Sopranos for me. My prediction: a Mr. Johnny Sac is going to be sleeping with the fishes quite soon....

1 comment:

Anonymous said...

Can anyone recommend the top performing MSP system for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central help desk software
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!