"I'm sorry Captain. They rotated by fourteen." |

*why is*

*the cybersecurity*

*so*

*bad*on

*Star Trek*?

Please don't take this the wrong way. I'm a huge Trek fan. I've watched every episode ever made, and I'd do it again if I had time. Even the Holodeck ones.

But I also teach computer security, and specifically,

*cryptography*. Which is ruining the show for me! How can I buy into a universe where the protagonists have starships, transporters and dorky positronic robots, but still can't encrypt an email to save their lives? The Trek crew has never encountered an encryption scheme that didn't crack like an egg when faced with an 'adaptive algorithm' (whatever that is), or -- worse -- just a dude

*doing math in his head.*

But there's no reason to take my word for this. Thanks to the miracle of searchable Star Trek, you can see for yourself.

Cryptographers deserve better. Viewers deserve better. And while I can't fix bad screenwriting, I

*can*try to retcon us an explanation. And that will be the subject of this post: four

*scientifically credible*explanations why 24th century crypto could legitimately be so awful.

**Theory #1: A quantum leap**

One answer to the mystery of Trek's bad crypto is so obvious it's mundane. It's the 24th century, and of course all the computers are

*quantum*. Everyone knows that quantum computers are super-duper-powerful, and would blow through traditional encryption like a knife through butter.

But not so fast! As I've written before on this blog, quantum computers are actually quite limited in what (we think) they can do. This even goes for quantum computers enhanced with bio-neural gel packs, whatever the hell those are.

Specifically: while QCs are very good at solving certain number-theoretic problems -- including the ones that power RSA and most public-key encryption schemes -- theorists

*don't*believe that they can efficiently solve NP-complete problems, which should still leave an opening for complexity-theoretic crypto to thrive in the 24th century. And yet we never hear about this in Trek.

Of course it's always possible that the theorists are wrong. But quantum computers

*still*don't explain why Spock can apparently crack encryption codes in his head. (And no, 'Vulcans are really good at math' is

*not*a theory.)

**Theory #2: It's the warp drive, stupid**

If there's a single technology that makes the Star Trek universe different from ours, it's the Warp drive. And this tees up our next theory:

Shockingly, there might actually be something to this. Exhibit A is this paper by Scott Aaronson and John Watrous -- two honest-to-god complexity theorists -- on the implications of a physical structure called a 'closed timelike curve' (CTC) and what would happen if you used one to go back in time and kill your grandfather.Could it be that there's a conflict between faster-than-light travel and secure cryptography? Could Zephram Cochrane have done in crypto?

Aaronson and Watrous aren't really interested in killing anyone. What they're interested in is paradoxes, and particularly, what it means if the Universe

*resolves*paradoxes. It turns out that this resolution power has huge implications for computing.

It seems that computers with access to paradox-resolving time travel would be dramatically more powerful than any of the computers we can envision today, regardless of whether they're quantum

*or*classical. In fact, CTC-enhanced computers would be powerful enough to efficiently solve problems in the complexity class PSPACE. This would utterly doom the type of complexity-theoretic crypto we rely on today.

But this still leaves a question: does the Warp drive necessarily imply the existence of CTCs?

One clue comes from Einstein's special theory of relativity, which implies that faster-than-light travel would imply violation of causality. For those without the physics background: Star Trek IV.

**Theory #3: Complexity theory is dead**

Do you remember the episode in Deep Space Nine where O'Brien and Bashir discussed the latest developments in Ferengi computer science? How about the episode that took place at a Vulcan complexity theory conference? No, I don't either.

*These things never happened*.

This all by itself is suspicious. Trek characters could waste hours blabbering about subspace fields or trying to convince Data he's a real boy. But something as central as the computers that run their ship and keep them alive? Not a peep, not even in a "TECH

It's almost as though by the end of the 24th century, complexity theory has fallen off of the list of things people care about. Which brings me to my next theory

*:*

In one sense this would be huge and mostly great news for computer scientists. But it would be a disaster for the efficient (complexity-theoretic) encryption we use on a daily basis. For things like RSA and AES to be truly secure, we require the existence of 'one-way functions'. And those canIn the Star Trek Universe, P = NP.

*only*exist if P does not equal NP (P != NP).

Fortunately for cryptography, most computer scientists are convinced that P != NP. They just haven't been able to to prove it. The most recent attempt was made by Vinay Deolalikar of HP Labs, and his proof foundered on subtleties just like every one before it. This means the problem is still open, and technically could go either way.

If P

*did*turn out to be equal to NP, it's conceivable that result would look exactly like Star Trek! A few algorithms could still be quite difficult to break (

*i.e.,*the attacks would have huge polynomial runtimes). But maybe not. People might instead fall back on

*obscurity*to overcome the mathematical impossibility of building strong complexity-theoretic encryption. One-time pads would still work, of course, and quantum key distribution might allow for point-to-point transmission. Everything else would become a massive joke.

Now, this theory still doesn't explain the 'breaking crypto in your head' thing, or why it takes like six hours to change the Enterprise's command codes. But it would go a long way to repairing the damage wrought by years of bad scriptwriting.

**Theory #4: The Stallman effect**

Live long and publish your source. |

To get a fix on it, you first have to think about this Federation we hold so dear. Here we have a society where the cost of making something is simply the marginal cost of replicating a copy. Money isn't necessary, and people are free to devote themselves to activities that are fun

*,*after spending the necessary ten hours a week on required tasks such as legislation, family counseling, robot repair and asteroid prospecting.

Does any of this sound familiar to you? Yes.

*Th*

*e Federation was founded on the teachings of Richard M. Stallman.*

A society based on the teachings of RMS can't possibly get security right. To such a society, security is simply a tool that prevents you you from accessing the full capabilities of your

A minor problem with this theory is that it doesn't explain why bad cryptography crosses species lines: even the Romulans have terrible encryption. Of course, the Romulans have frigging

*cloaking devices*and still haven't managed to wipe us out. So maybe we can just chalk that one up to incompetence.

**In conclusion**

I admit that there's only so far you can go with all of this. At a certain point you have to give in and admit that the Trek screenwriters don't know encryption from a Chronoton field. And honestly, what they've done with cryptography is

*nothing*compared to what they've done to physics, electronics, and historical drama.

And please don't get me started on the Holodeck. Can't they just fit that thing with an OFF switch?

Still, if nothing else, this post has given me another forum to bitch about my favorite grievance: bad cryptography in movies and TV. And a chance to remind Hollywood (should any representatives be reading) that I am ready and willing to help you with your cryptographic script writing problems for a

*very*reasonable fee. Just don't expect anyone to do crypto in their head.