Encrypt A Message In the Big Bang Afterglow

A diagram of the Big Bang expansion according to NASA

If you’ve got a secret you need to keep safe, look toward the skies. Physicists have proposed using the afterglow of the big bang to make encryption keys.

The security of many encryption methods relies on generating large random numbers to act as keys to encrypt or decipher information. Computers can spawn these keys with certain algorithms, but they aren’t truly random, so another computer armed with the same algorithm could potentially duplicate the key. An alternative is to rely on physical randomness, like the thermal noise on a chip or the timing of a user’s keystrokes.

Now Jeffrey Lee and Gerald Cleaver at Baylor University in Waco, Texas, have taken that to the ultimate extreme by looking at the cosmic microwave background (CMB), the thermal radiation left over from the big bang.

Random strings
There are several ways to extract numbers from the CMB. For example, you could divide a patch of sky into pixels and measure the strength of the CMB’s radio signal, which is never duplicated exactly. Over time, each pixel would generate a string of different strengths, which are just numbers, so putting the strings from each pixel together gets you a very large random number.

“An adversary measuring the same patch of sky exactly the same way and at exactly the same time could not get exactly the same values,” says Lee. “A matching pattern of digits in a CMB measurement cannot be obtained by any other observer, thus adding yet another layer of difficulty in breaking the encryption.”

Mads Haahr of Trinity College Dublin in Ireland runs a website called random.org, which uses noise from weather to generate random numbers. He says the big issue with CMB encryption would be setting up the hardware. “It would be interesting to learn how much a suitable radio telescope costs, how much space it would require and whether a clear view of the sky is necessary,” he says.

Lee agrees that setting up a radio telescope array is not something individuals can do, and the CMB might not offer better encryption than the weather, but using the big bang as a random number generator has its own appeal.

“It brings together two fields of study that don’t often cross-pollinate – early universe cosmology and cryptography,” Lee says.

New Scientist

« The True Cost of Surveillance
Can Big Data Help Climate Change? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Lastline

Lastline

Lastline is the leader in advanced malware protection.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

National Agency for the Security of Information Systems (ANSSI) - France

National Agency for the Security of Information Systems (ANSSI) - France

The role of Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) is to foster a coordinated, ambitious, pro-active response to cybersecurity issues in France.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

MetricStream

MetricStream

MetricStream provide integrated GRC solutions across business, IT, and security functions.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

International Cybersecurity Institute (ICSI)

International Cybersecurity Institute (ICSI)

ICSI is a UK company offering specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

JFrog

JFrog

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime.

Flotek

Flotek

Flotek is an IT & Comms service provider delivering SMEs with trusted, innovative and cost effective cloud technology, with confidence, clarity and clout.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.

SPYROS Information & Technology Consulting

SPYROS Information & Technology Consulting

SPYROS specializes in providing highly qualified professionals in Computer Network Operations, Signals Intelligence, Technical Training and Certifications, Network Administration and Security.