New US Executive Order on Cybersecurity

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government.

For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards. Although the companies would have to “self-certify,” violators would be removed from federal procurement lists, which could kill their chances of selling their products on the commercial market.

I’m a big fan of these sorts of measures. The US government is a big enough market that vendors will try to comply with procurement regulations, and the improvements will benefit all customers of the software.

More news articles.

EDITED TO ADD (5/16): Good analysis.

Posted on May 13, 2021 at 9:39 AM42 Comments

Comments

Clive Robinson May 13, 2021 10:24 AM

@ Bruce, ALL,

When you look through it you will find,

“agencies shall adopt multi-factor authentication and encryption for data at rest and in transit, to the maximum extent”

Take a carefull look and you will see there is no comma after “authentication”…

Which under certain rules, it actually mrans “both”,

1, Multi-Factor Authentication(MFA).
2, Multi-Factor Encryption(MFE).

Are to be used.

That is going to be interesting, whilst ways to do MFE have been around and,are fairly easy to understand[1], thinking back I can’t remember seeing any general consumer software that does MFE for FDE. I have seen some “security” systems that require several “crypto ignition keys”(CIK) theycare not exactly “consumer” grade or oriented.

Therefor I suspect most consumer security product vendors will get MFE more badly mucked up than they have with MFA requirments…

But the “self certification” requirment is realy asking for trouble. MFA has been on auditors check lists for some time, but it used to not be defined. Any one else remember the apocryphal “But two passwords are MFA”. Or even worse “But a secret username and password are MFA”…

[1] MFE or “M of N key” split/share[2] systems come in several varieties. The easiest to undetstand conceptually is the idea that,

You need a minimum of three points on the circumferance of a circle to describe it and work out where it’s center is and it’s radius

Thus you compute the center and radius when you have all three points. Only knowing one or two points on the circumferance will not help an attacker.

[2] https://en.m.wikipedia.org/wiki/Secret_sharing

Meslin May 13, 2021 10:42 AM

well, whatever its merits, the Federal Government has suddenly imposed a big new buyer-requirement on hundreds of in-progress software/IT procurement contracts, many of them huge multi-year programs.

This will cause big disruptions, time delays, and price increases.

New contract requirements require contract re-negotiation with the companies supplying software/IT to the vast number of Federal agencies.
These companies will demand significantly more money and time to comply with their customer’s sudden new wishes.

Winter May 13, 2021 11:35 AM

@Meslin
“This will cause big disruptions, time delays, and price increases.”

I would suspect that most big vendors knew what was coming. Such directives do not fall out of a blue sky. But in this case, the warning time could not have been more than 5 months, which is short.

JMM May 13, 2021 12:29 PM

New screens sold to the government will be made of a special plastic that won’t allow post-it notes with passwords to be attached.

tatere May 13, 2021 12:43 PM

“Such directives do not fall out of a blue sky.” hahaha. Maybe for some people, who are connected at specific points. But down below in mortal land, that’s pretty much just what it feels like.

It sounds OK, but you have these very jargony requirements specified at such a high level, and then they filter down through layers of people who don’t really understand what any of it means, and level N’s best guess becomes level N+2’s absolute requirement “because that’s what they want, don’t ask me.” “Cyber” is a trigger word.

I also like the bit about requiring cloud services to share data with the USG. What about the other way around, Joe?

Anonymous May 13, 2021 1:51 PM

“‘Such directives do not fall out of a blue sky.’ hahaha. Maybe for some people, who are connected at specific points. But down below in mortal land, that’s pretty much just what it feels like.”

Only if you live under a rock. People that work in the government generally know how the government operates for the most part, and so do those selling to it. They know the procurement rules, it doesn’t matter WHY the rules exist, only that they are the rules and that’s all that matters.

Implementation of the rules are a different thing entirely. Self-certification doesn’t work because it’s usually not properly enforced. Once a vendor has a government dept on the hook, they have them on the hook for the next 10-20 (or more) years because that vendor also knows that if they keep their support contract price just low enough, the budget process will do the rest. This is why proprietary data formats exist. It drastically increases the cost of moving to any competing products. Certain powerful factions in Congress will actively sabotage any attempts to update or switch vendors by continuously cutting budgets to fund their tax and regulatory agendas. Who cares if the vendor never sells another thing to the government. The vendor already has their cash cow they can market.

bcs May 13, 2021 1:56 PM

My concern is that any time you create standards like this you end up with people who’s goals are compliance with the standards and that replaces the goal of accomplishing the actual goals of those standards.

While there are things that are static and basic enough that a slow moving bureaucracy can and should define and require them, those standards are going to lag way behind the evolution of best practices, or they are going to end up demanding irrelevant security theater actions long after they are understood to be pointless and ineffective.

I hope the standards include catch-all clauses that require some effort towards best practices and allow rejection based on things not specifically enumerated in the standard.

Actually the more interesting question: how does this related to ongoing support? What happens if the product, after it’s adopted, is found to not defend against a new threat? What will happen if the vendor is unable (or unwilling) to address the new issue?

bcs May 13, 2021 2:02 PM

As for how this impacts in flight stuff: Who cares if they knew this was coming? They probably don’t.

If I was a vendor (with little in the way of scrupuls) I’d pretend I didn’t see this on the way while trying to figure out exactly how much I can tack onto the contract for the “change order” without loosing the contract all together.

SocraticGadfly May 13, 2021 2:33 PM

Given that state and municipal govs have been dealing with ransomware for some time, no, this can’t really be seen as out of nowhere.

I too have concerns with the self-certification aspect, though.

“Wile E. Coyote, self-certification genius!”

Norio May 13, 2021 2:35 PM

“New screens sold to the government will be made of a special plastic that won’t allow post-it notes with passwords to be attached.”
@JMM, FYI, the inventor of post-it notes (more specifically, the special adhesive), Spencer Silver, died yesterday at the age of 80.

FA May 13, 2021 2:36 PM

@Clive

You need a minimum of three points on the circumferance of a circle to describe it and work out where it’s center is and it’s radius

That’s actually not a very good example of what an ‘M out of N’ secret sharing system is supposed to do.

Having only M-1 inputs should provide no information at all.

But given two points on the circle, you know a line that the center will be on.

Anon May 13, 2021 4:02 PM

Yes…..we should all jump up and down about another “executive order”….

Really….what is that going to do to stop the onslaught of hacking and malware attacks…..

It’s just grandstanding…..

Clive Robinson May 13, 2021 4:27 PM

@ FA,

But given two points on the circle, you know a line that the center will be on.

The same problem exists for one of the standard examples of secret sharing (Blakley’s scheme).

But you also dod not mention it gives you another piece of information as well as the line between the two points. That is the diameter cannot be any less than the distance between the two points. Which is also a concern with other securitycret sharing systems that use reduced “dimentional spaces” for efficiency.

However that’s not going to help you much more either if the granularity of the points in any given dimension os sufficiently high…

The point of using the circle as an example is it’s probably the only example of a “split/shared” key system analog that you can relate to what you were taught at K12 school level. It’s why I not just qualifed it with,

“The easiest to understand conceptually”

I also gave the Wikipedia link as well which explains more.

Look at it another way,

For an N-Share system I generate N random numbers of the same bit length as the bit span on a public key system. I then use the public key –which I do not make available– to encrypt all the random numbers and distribute the resulting encrypted,messages to the N participants. On receiving all N messages I decrypt them with the private key to get the random numbers back. I then mix the random numbers in a function to generate the secret key. The function could be just XOR them all together, or add them all together mod 2^b where b is the bit width of the random numbers, or some other function such as sequential use of N different public keys on a random number, or N different AES encryptions using N random keys.

How many people would be able to relate that explanation to what they got taught in school?

In fact why don’t you post an example system that uses just concepts a K12 pupil would know and relate to, such that they would understand the concept of an N share system.

packages May 13, 2021 6:26 PM

With all due respects:

STUPID. REGULATIONS. rather than gentle influences.

They will make a SKYFALL.

from one who actually meet schneier a long long long time ago.

-regards.

Chris May 13, 2021 7:59 PM

@tatere

The “federal government” has required cloud vendors to share information with it for as long as there have been cloud vendors. Keep in mind that there are lots of federal agencies and thus lots of standards and requirements.

And as far as these being “new requirements,” I disagree. A big enough software vendor deals with the most restrictive agency standards; they almost certainly provide this level of security already and would probably welcome both the standardization and the competitive advantage tougher standards imposed on smaller agencies would bring.

Now for the obligatory cynical comment: this executive order was probably written by at least one former employee of a large software vendor.

SwashbucklingCowboy May 13, 2021 8:05 PM

“My concern is that any time you create standards like this you end up with people who’s goals are compliance with the standards and that replaces the goal of accomplishing the actual goals of those standards.”

I forget whose law it is, but “any time a measure becomes a goal it ceases to be a good measure.”

SwashbucklingCowboy May 13, 2021 8:09 PM

“Really….what is that going to do to stop the onslaught of hacking and malware attacks….”

In the short term nothing. In the long term it will reduce the vulnerability of much commercial software and it will raise the cost for attackers.

flat May 13, 2021 8:26 PM

“But given two points on the circle, you know a line that the center will be on.”

Huh?

John May 13, 2021 9:00 PM

@flat,
Construct a perpendicular bisector of a line segment connecting the two points.

ABC May 13, 2021 10:44 PM

@ John • May 13, 2021 9:00 PM

@flat,
Construct a perpendicular bisector of a line segment connecting the two points.

Your name has to be “John” to do something like that.

Zlatan Sedľačikov May 14, 2021 1:05 AM

Since it was created by decree and not by law of Congress, the new council will not have the same wide-ranging powers as the Security Council. However, officials continue to hope this will be useful in investigating vulnerabilities, improving security practices, and encouraging companies to invest more in improving their networks.

Much of the implementing regulation focuses on information exchange and transparency. The aim is to reduce the time it takes companies that are at risk or have discovered vulnerabilities to submit this information to the Cyber ​​and Infrastructure Security Agency.

Etienne May 14, 2021 1:32 AM

I think it’s time for a Constitutional Amendment that says the Executive Branch may not issue Executive Orders that require raising or moving revenue to pay for its demands.

Clive Robinson May 14, 2021 2:16 AM

@ Etienne,

I think you should consider what the “Law of Unintended Consequences” has to say on you wanting to “defund” the US Executive…

One such thing is it would make the position of the President of The United States pointless, and much like many “Monarchs” and other “Heads of State” in the West just a “Ceremonial Signer” of decisions by others.

Even you must have noticed that the “lowest common behavior” rule of thumb about committees applies in spades to both US Houses.

In the past I’ve observed about “democratic representatives” that they are less well behaved than chimps at a tea party in a zoo, and of considerably less use in general. Hence my reason for calling them “Monkeys in Suits” pretending to be beauty contest entrants come election time, and just as stage managed by money men.

Should we fool ourselves that we live in a democracy, or wake up to the fact we have to take responsability for more than our own individual wants and needs?

FA May 14, 2021 4:08 AM

@clive

But you also dod not mention it gives you another piece of information as well as the line between the two points. That is the diameter cannot be any less than the distance between the two points.

Even worse: selecting a point on the line also fixes the radius. So the search space is reduced from 3D to 1D.

For an N-Share system I generate N random numbers of the same bit length as the bit span on a public key system. I then use the public key –which I do not make available– to encrypt all the random numbers and distribute the resulting encrypted,messages to the N participants. On receiving all N messages I decrypt them with the private key to get the random numbers back. I then mix the random numbers in a function to generate the secret key. The function could be just XOR them all together,…

How many people would be able to relate that explanation to what they got taught in school?

The public key encryption is completely useless in that scheme, and only serves to obfuscate the essence: for a key of lenght K, just generate N random numbers of that lenght, and define the key to be the XOR of all of them. Keep one share to yourself. Knowing N-1 shares provides no info at all. The only thing required to understand this is to know what XOR means.

But neither that nor your proposed scheme is an ‘N out of M’ scheme in which
any N shares are required and sufficient to recover the key.

In fact why don’t you post an example system that uses just concepts a K12 pupil would know and relate to, such that they would understand the concept of an N share system.

Because I don’t assume the knowledge and/or intelligence of the audience on this forum to be limited to K12 level with me being the only one knowing everything better.

Clive Robinson May 14, 2021 5:11 AM

@ FA,

Because I don’t assume the knowledge and/or intelligence of the audience on this forum to be limited to K12 level with me being the only one knowing everything better.

I assume that like me most come here to learn things even if it’s just different points of view. Thus I have to assume a base starting point to work from when explaining something. A Kindergarten to twelfth grade (K12) education that prepares you for more specialised higher education should be suitable common starting point as it gives a sufficient foundation in STEM to be able to self progress in more technical subjects.

I’m sorry that you feel that trying to be inclusive should be so offensive to you.

But the point still remains that you are like a theatre critic, happy to find fault, but lacking the ability to tread the boards even when challenged to do so. Thus you don’t help others to learn, I wonder why that would be?

jones May 14, 2021 6:29 AM

At present, software essentially has no product liability due to ambiguities in the Uniform Commercial Code and the way End User License Agreements are treated as a mutual contract between two equal, consenting parties.

While not a strict product liability policy, this measure is a start. It at least incentivizes the production of higher quality software.

If is slows down “innovation” that’s great: most software is riddled with costly bugs that manufacturers are not liable for. I welcome the day I no longer need to subsidize their shoddy workmanship.

Efficiency and accountability are not compatible — it is not efficient to justify your actions at every step, and operating without oversight definitely gets things done — and with software security, I’d rather have some form of accountability.

Shimon Raphaeli May 14, 2021 7:05 AM

As a federal contractor, most agencies that I have worked with, already require MFA and encryption.

It will now be up to NIST to come up with the rules and standards for implementation.

Not a huge deal and not a big problem for contractors or ongoing contracts.

FA May 14, 2021 7:06 AM

@clive

I’m sorry that you feel that trying to be inclusive should be so offensive to you.

There is a thin line between being inclusive and being patronising.
Which is why I avoid writing things like

  • most people don’t know, but …
  • as I have been saying for 10 years …

or to jump on every occasion to show some superior knowledge.

But the point still remains that you are like a theatre critic, happy to find fault, but lacking the ability to tread the boards even when challenged to do so.

I don’t think you have any idea of the challenges I’ve taken, nor of the outcome of doing so.

Thus you don’t help others to learn, I wonder why that would be?

According to one of my profs (of music history actually – he spent half his life in dusty libraries uncovering lost music scores) expert knowledge is the result of long term involvement and practice in some field. If that is true, I can claim to have expert knowledge in a few fields. That includes some in which you are at least equally experienced [1], and some very different others.

That doesn’t make me an expert in anything else. Nor does having a few often recurring mathematical models in mind and being able to dream them. That just allows me to grasp how some things work a bit faster than average, and then only on a basic level.

Yes I will avoid to ‘help others to learn’, except when invited to do so and the subject matter is something I can claim to have some expert knowledge on. That excludes 99 percent of what goes on in this blog, and in particular all the COVID blablah that every dog and his fleas are able to post here.

[1] In fact, the more anecdotes about yourself you post here, the more it seems that at least part of our professional careers must be quite similar. That includes some time ‘wearing the green’ [2] as an officer.

[2] I always believed that phrase referred to Irish Republican pride, not to the military.

flat May 14, 2021 1:30 PM

“Construct a perpendicular bisector of a line segment connecting the two points.”

So right 🙂

Jesse Thompson May 14, 2021 4:03 PM

@FA @Clive Robinson

It’s not my preference that either of you disparage one another or try to one-up one another. I estimate that you are both fairly sharp customers. But here is my take on the discussion thus far.

1: Clive was offering an “easier to grasp” example of how an M of N secret sharing scheme might work.

2: FA attacked Clive’s example as not being state of the art perfect.

3: Clive defended his example as being good enough to help demystify the concept for folk who might not have been as familiar with it, and challenged FA to do better

4: FA declined to offer an example on the strength of feeling that examples ought to be given by people with expertise in the field, which FA suggests that for this field in particular they lack.

My observation is that demonstrative examples do not have to be perfect, and learning material does not have to be perfect. Even real world implementation of security does not have to be perfect, because perfection is an unrealistic standard. Instead, working towards a clearer understanding of what trade-offs are being made (in examples as well as in practice) is what is important.

Doing nothing is not superior to doing something imperfect. Although doing something with poor intel about the limitations of what one is doing can be hazardous, the solution is not “stop doing things” but instead to “better learn what those limitations are” in order to better inform the next steps to take.

So Clive’s example is not a poor one, and his choice to offer a learning example to begin with is appreciated. FA’s observation of the limitation that some information is being leaked by having fewer than M-N known subkeys is a valuable observation, but it should not strike down the example it should instead fortify it. Clive’s further observation of leaked lower bound for diameter also fortifies the example. Here is a viable secret sharing method, and here are an ever more refined list of its known drawbacks.

The partial example FA offered of an M-key system with no information leakage (that I can discern at any rate, it does sound quite solid but I’ll keep ears open if anyone can identify a sneaky flaw) is also valuable, as is it’s domain limitation that “this doesn’t help when you want M of N”. That strategy gains “zero information leakage when some keys are known” at the cost of “cannot unlock for any prescribed M number of keys less than N; you will need all keys period”.

At any rate, every one of these examples are fairly abstract concepts, far from any implementational detail. Nobody is spitting raw source code into the comments section and then trying to sell anyone else on the idea that said code is The Solution™ to any problem of any kind, thus I don’t believe that any poor implementations will be published by anyone as a result of our discussions, and thus there is no need for anyone to remain quiet just because they lack a PHD in applied information security. We can share ideas and perspectives, and doing so ought to be encouraged. Limitations can be found and celebrated and included in the domain restrictions instead of cited as reasons that the imperfect ideas should have been gagged to begin with.

But it is a perennial position of mine that the Four Yorkshiremen aren’t doing anybody a service in this venue. Every time there’s a report of an exploit, or of some novel security product or piece of policy, the response of so many people are a competition of how it’s a bad idea, it’s unsecurable, how everything is unsecurable, how you can’t live life owning a cellphone or standing within a mile of a computer or allowing electrochemical processes to take place within one’s own nervous system.

But it’s not actually clever to do nothing but tear things down, you’ve got to try to build things up as well. Some policy has problems? That’s fine, most do. Why not point out the points that could use improvement and praise whatever portions show promise? Why not opine about alternatives or improvements that still serve the stated goals even if they have their own limitations, instead of suggesting that the only alternative is to pack everything up and head home in contempt and disgrace?

For Biden’s executive order, I can praise that the executive branch is taking some form of initiative in favor of security. The biggest improvement I can offer is replacing the “self-certifying” clause with some actual certification as it appears to me that the policy would lack teeth without it. Unless perhaps the self-certification were implemented in a “hoist by one’s own petard” manner, which is actually a pretty popular regulatory tactic that can get a lot done.

But the proof will be in the pudding: if software vendors wind up facing negative consequences when their software is involved in negative outcomes — such that even those with deep pockets are forced into better security investments — then the policy will be a success, and if not then not.

And as a bonus, we ought to get reliable enough measurements on that outcome (EG: are large software vendors shifting their investments over this?) in a short enough time frame to impact Biden’s re-election cycle, meaning he can also be held accountable for the effectiveness of his initiative here. I view that as a big positive.

Charlie Zaloom May 14, 2021 6:55 PM

This sounds like a reaction to the SolarWinds dev/supply chain compromise. Does this guidance extend from NIST and Common Criteria(CC)?

While the CC framework is OK, certification is an extremely complex process and execution hasn’t been good, in the best of circumstances. There are so few who can do this work at the necessary level.

Additionally, existing protection profiles (certification criteria), if they exist at all, are a hodge-podge of often obsolete and very limited applications and quality. Adding self-certification to low-quality product will not increase trust.

The real problem should be considered: there isn’t enough talent (will & money) to go around to make vendors effective at this. Which makes it look like the way out for most will be through segment-specialized cloud services that can apply proven tools and competent security engineering. They seem to be the only ones focused, incented and funded to do the job right. It’s kind of “back to IBM in the ’70s.”

Theatre Critic (aka FA) May 15, 2021 2:50 AM

@Jesse Thompson

4: FA declined to offer an example

That’s not really true: I took the one Clive claimed nobody would understand and removed the parts (the PK crypto) that only obfuscated how it really worked.

At least you seem to understand it…

Also, if a secret sharing system degrades to 1/3 of its security when two shares out of three are known, then it is not really better than dividing the secret key in three parts. In other words, it’s not just a less than perfect but actually a very bad example. If anyone would propose something like that here, I’m pretty sure Clive would tear it down immediately. He’s usually quite sharp at exposing the hidden deficiencies of simplistic solutions.

On a lighter note: I’m now in the good company of our host who is know as a ‘security theatre critic’ 🙂

SpaceLifeForm May 15, 2021 4:36 PM

@ Jesse Thompson, Clive, FA

The problem is that we do not know if it can leak. Which, I believe, it possibly can, via the magic of math, Just not obvious math.

Whilst I can bisect a line, that does not mean that the line lies on the diameter of the target circle instead of on a chord of a different circle.

And we do not really know or not whether there are harmonic circles that can leak.

Think: Chords may leak diameters. Obviously 2 chords will. If the sharing takes more than 3 players, it may be flawed.

Two can keep a secret, if one of them is dead.

https://en.m.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

SpaceLifeForm May 15, 2021 5:27 PM

@ Jesse Thompson, Clive, FA

I mention circles because every semiprime is tied to a unique circle.

John May 15, 2021 5:27 PM

@SpaceLifeForm

If you have two points of a circle, a line segment connecting those two points is a chord of that circle. And the perpendicular bisector of that chord passes through the center of that circle as well. It also passes through an infinite number of possible circles that include the two specified points, as well as an infinite number of possible circles that don’t include those two points.
So, if two points are revealed, you know the lower bound of the diameter of the circle, as well as a line upon which the center of the circle must lay. So some information has leaked, but the leaked information isn’t enough to simplify determining the parameters of the circle to any significant extent.

Clive Robinson May 15, 2021 5:32 PM

@ SpaceLifeForm,

Which, I believe, it possibly can, via the magic of math, Just not obvious math.

Do I dare mention that a parabola and a circle are linked by a cone which is why only three points are required to describe a parabola?

As for modular fields of infinite planes, yes it’s easier with parabolas because they are open, but circles are closed thus finite.

It’s the kind of “not obvious” that often acts as an impediment to understanding.

SpaceLifeForm May 15, 2021 5:54 PM

@ Clive, ALL

Please, let’s not bring up ellipse. John will get confused. That 3 dimensional talk is confusing for the youngins.

Clive Robinson May 15, 2021 9:01 PM

@ SpaceLifeForm,

Please, let’s not bring up ellipse

Why not?

You only need to know pythag, and have the immagination to apply it and a rotation at right angles to the plane of the circle.

It took my son about five minutes to work out the basic equation for elipses after he asked about orbital mechanics.

For those that do not know… A circle is a special case of an ellipse where both foci are coincident. You can calculate a unity circle just using pythag it’s in most high school maths text books. What is often not is how you relate the positions of the foci on the semi-major-axis.

Think of holding the circle like a hoop at arms length one hand on either side of the hoop. For most people it is a simple matter to rotaye the hoop so the top of it as you look at it comes towards you whilst the bottom goes away. The hoop as you look at it starts as a circle, then becomes an obvious ellipse (oval) untill ay 90 degrees of rotation it looks like a single horizontal line.

Easy so far?

Now imagine that you have a friend holding the hoop and rotating it, and you are standing to one side of them and both there hands at your eye level so you can only see the hand of the side you are on. You are in effect looking down the semi-major-axis. You do not see a hoop but a vertical line that if you are standing on the persons left, rotates clockwise from the vertical untill it is horizontal.

So far so good?

Now when it’s neither vertical or horizontal it’s easy to see it forms the hypotenuse of a right angle triangle. Look at where the foci are on the semi-major-axis and you can quickly see how the verticle of the triangle relates to the distance from the edge of the circle.

Another fun thing is a graphical proof that the ellipse is not parabolic in shape even though it migh look like it.

To draw an ellipse you need two drawing pins a piece of thread and a pencil. Put two knots in the thread the same length as the semi-major-axis and pin then down at the two foci. Pull the thread with the tip of the pencil so it forms a triangle. Then keeping the thread tight with the pencil tip take the pencil round and an ellipse will be drawn out.

To draw a parabolic shape you do things slightly differently. Draw two parallel lines on your paper and draw another line that crosses them at 90 degrees. Again using a thread with two knots in it, pin one at where you want the focus point to be on the third line. Again using the pencil to keep the thread tight and draw a line you need to keep the free knot on one of the vertical paralles and move it and the pencil up and down such that a line between the free knot and the pencil will be parallel to the third line on which the fixed knot at the focus is.

Apply simple logic to the fact the ellipse has both knots at fixed points and for the parabolic curve one end is free. Then flip things over to draw a second parabolic curve on the other side it should be obvious that if you were to cut the two parabolic curves out, no matter how far appart they are a source at one parabolic dishes curve would focus back at the other parabolic dishes focus without either dish or dish focus point changing. A little further thinking will show that an ellipse can not do this as the only time the line from the curve away to the second focus is parallel to the semi-major-axis, is when it is directly coincident to the axis. Even when the ellipse is infinite in size the focus points are less than that appart therfore whilst it approches being parallel it can not ever become so.

All nice and easy to show your kids and bring math to life for them.

Now think about how you would prove it non graphically, would you even be able to work it out yourself without being first shown?

Oh and if you draw both parabolic curves close enough you can show them that they do not join smothly unlike the ellipse.

Whilst you are drawing your ellipse you can also show them what a “cusp” is caused by a “Reflective Caustic”

Basically loose half the ellipse then use the technique for drawing the parabolic curve in reverse such that the lines come in, in parallel and reflect off the eliptic curve.(drawing this takes practice).

You can see such a cusp if you have a cylindrical drinking glass with vertical sides and a flat bottom. If you project in a horizontal “slit of light” angled downwards so it reflects off of the inside of the cylinder and down onto the bottom, you get the bright line of the caustic visable on the bottom. Similar is seen in some tea cups and stainless steel saucepans on sunny winter days when the sunlight comes in a window at a shallow angle.

Weather May 15, 2021 9:58 PM

@clive
I had know idea what you are talking about, but if you plot lotto ticket, you can see the same disputation. Try e 2.713 with a celling at say 100 , then passed that point invert the numbers.

SpaceLifeForm May 15, 2021 10:52 PM

@ Clive

Great description. Hopefully some kids will want to learn.

I was just thinking about a plane thru a conic at a funny angle.

SpaceLifeForm May 16, 2021 1:14 AM

@ Shimon Raphaeli

It will now be up to NIST to come up with the rules and standards for implementation.

“Remember what the dormouse said: feed your head.”

FA May 16, 2021 3:31 AM

@John

So, if two points are revealed, you know the lower bound of the diameter of the circle, as well as a line upon which the center of the circle must lay. So some information has leaked, but the leaked information isn’t enough to simplify determining the parameters of the circle to any significant extent.

If you think in terms of real numbers, the line still has an infinite number of points. But in practice the secret will be a finite number of bits, so all of X, Y (center coordinates) and R (radius) will be quantised.

Assume each of them encodes 40 bits, so the secret key is 120 bits, quite safe agains brute force. Given a line that must pass very close to the center reduces the search space to 40+eps bits, with very small eps. Brute forcing that is very well possible. So this is not better than splitting the key into three 40 bit shares.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.