Where did I put it? Loss of vital crypto key voids election

Back is our weekly column of bizarre stories, implausible advertising claims, confusing instructions and much more.

Locked

According to Feedback, the phrase “you couldn’t make it up” is often misunderstood. This isn’t to say that there are limits to the imagination, but rather that there are certain developments that you can’t include in a fictional story because people would say “oh come on, that’ll never happen.” The problem is that these people are wrong, because real life is often ridiculous.

In the world of codes and ciphers, one of the most important organizations is the International Association for Cryptological Research, described as “a non-profit organization dedicated to supporting the advancement of the science of cryptology.” The IACR recently held elections to choose new officers and directors and to amend its statutes. As cryptographers, they did it in a clever way: They used Helios, an online platform that promises “verifiable online elections.”

Helios is really very intelligent. Every vote is tracked, so you can verify that yours was received and has not been altered, making tampering seemingly impossible. At the same time, each vote is completely secret. The system “uses advanced cryptographic techniques to combine all encrypted votes into an encrypted count, and only the count is decrypted.”

But how is the count deciphered, you ask? Well, an organization must appoint a certain number of directors. The IACR selected three, each receiving a third of the cryptographic key. To decrypt the count and see the results, the three administrators had to enter their piece of key. It was an all or nothing process: one or two bits of the key did not allow even partial decryption.

And so, the inevitable happened. “Unfortunately, one of the three administrators has irretrievably lost his private key, an honest but unfortunate human error, and therefore cannot calculate his share of decryption,” the IACR wrote on November 21. “As a result, Helios is unable to complete the decryption process, and it is technically impossible for us to obtain or verify the final result of this election.”

The IACR had to cancel the election and start the whole process again. This time, he says, “we will adopt a 2 out of 3 threshold mechanism for private key management, and we will issue a clear written procedure that all directors must follow before and during the election.” Commenters want to examine this “clear written procedure”, if only to see if the first page says “DON’T LOSE IT” in big, bold letters.

We are also fascinated by the ability of what the IACR calls “human error” to undermine even the most ingeniously designed system. Every time some Silicon Valley hype-man tells us that human-scale artificial intelligence is imminent, we groan inwardly, because the first human-scale artificial intelligence will probably be comparable to that of the average human — and, well, have you met the people?

Floats like a grape

The ability of science journalists to propose new and interesting units of measurement never ceases to amaze. On November 17, The New York Times published an article about “a small solar-powered radio tag that weighs just 60 milligrams and sells for $200,” which entomologists use to track monarch butterflies as they migrate across North America.

Anthony Weaver pointed out a sentence that attempted to express the weight of a tag relative to its bearer: “Most monarchs weigh between 500 and 600 milligrams, so each tagged migrant making the transcontinental journey is equivalent, in weight, to half a grape carrying three grains of uncooked rice.” »

The comments think we can all agree that this makes things much clearer, in a way that saying “about a tenth of your body weight” just wouldn’t cut it. Or, as Anthony puts it: “As I imagine myself as half a grape on a transcontinental journey, carrying rice to Mexico, I finally understand what butterflies think about science. »

No, this is not an invitation to send similar examples from the pages of New scientist. Don’t even think about it.

The boys club

Comments aren’t on social media because, frankly, we don’t have the mental energy to figure out how to get attention on half a dozen separate sites that all use radically different algorithms. Still, we keep half an eye on things, so we were intrigued by an impromptu experiment on LinkedIn. Women on the site changed their names and pronouns to appear as men, then had their engagements blow up.

For example, social media consultant Simone Bonnett changed her pronouns to “he/him” and her name to “Simon E,” then saw her profile views increase by 1,600%, according to The Guardian. Others have seen similar spikes. As a check, Daniel Hires, who incidentally has the perfect LinkedIn name, tried the opposite. “I changed my name to Daniela for 4 days,” he wrote. “The result? Day 1: drop of -26%”.

Now, Feedback should tell you that, according to LinkedIn’s Sakshi Jain, “the site’s algorithm and AI systems do not use demographic information (such as age, race, or gender) as a signal to determine the visibility of content, profile, or posts in the feed.” We don’t doubt it, but we also believed that unintended emergent effects were a major driver of algorithmic bias.

Meanwhile, Feedback is setting up our brand new LinkedIn page. We’re going to be called Mansplain.

Do you have a story to share?

You can send stories to Feedback by email at feedback@newscientist.com. Please include your home address. Comments from this week and past ones can be viewed on our website.