One of the strangest moments at the Black Hat USA security conference in Las Vegas this month has now become the subject of a federal lawsuit against the conference.
In a filing to the United States District Court for the Southern District of New York (PDF), attorneys for the “emerging digital cryptography” firm Crown Sterling alleged that Black Hat USA had breached “its sponsorship agreement with Crown Sterling and the implied covenant of good faith and fair dealing arising therefrom.” Crown Sterling goes on to accuse the conference organizers of “other wrongful conduct” connected to events surrounding the presentation of a paper by Crown Sterling CEO and founder Robert E. Grant. In addition to legally targeting the conference, Crown Sterling has also filed suit against 10 “Doe” defendants, who it claims orchestrated a disruption of the company’s sponsored talk at Black Hat.
Grant’s presentation, entitled “Discovery of Quasi-Prime Numbers: What Does this Mean for Encryption,” was based on a paper called “Accurate and Infinite Prime Prediction from a Novel Quasi-PrimeAnalytical Methodology.” That work was published in March of 2019 through Cornell University’s arXiv.org by Grant’s co-author Talal Ghannam—a physicist who has self-published a book called The Mystery of Numbers: Revealed through their Digital Root as well as a comic book called The Chronicles of Maroof the Knight: The Byzantine. The paper, a slim five pages, focuses on the use of digital root analysis (a type of calculation that has been used in occult numerology) to rapidly identify prime numbers and a sort of multiplication table for factoring primes.
Prime numbers are important in public-key encryption because most encryption algorithms depend on the use of primes to create pseudorandom “semiprimes” – numbers with exactly two prime factors. Large semiprimes used in the RSA 2048-bit algorithm are so difficult to factor that no computer, quantum or digital, has yet been able to crack the primes they are made from to extract the keys. Grant and Ghannam’s paper suggests that their method could quickly find the primes in question and essentially break RSA-2048 and any other semiprime-based encryption. Crown Sterling’s answer to this potential crisis in encryption, called TIME AI, is something the company calls “five-dimensional” encryption, “the world’s first ‘non-factor’ based quantum AI encryption” based on polygons, AI-composed music, Fibonacci’s sequence, and various other things.
— JP Aumasson (@veorq) August 8, 2019
Cryptographers were extremely skeptical, with some referring to the talk as “snake oil crypto.” Even before the event, Mark Carney, a PhD candidate at the University of Leeds, wrote a paper refuting the claims Grant and Ghannam had made in theirs.
Guys, I just Fibonacci sequenced an icosotetragon spiral and now my quasi-primes are propagating and mirror-reflecting infinite wave conjugations.
— 𝓡𝓪𝓫𝓫𝓲𝓽 (@ra6bit) August 12, 2019
In a release after the event, Crown Sterling issued the following statement:
Some allegations were made at Black Hat 2019 claiming that Grant’s presentation included misrepresentations and erroneous claims. “Crown Sterling has announced a legitimate multi-dimensional encryption technology that challenges the paradigm of today’s encryption framework. We understand that the discovery completely transforms the way we secure data and that some members of the security industry are resistant to change or accepting of new technologies that do not conform to traditional approaches,” said Grant. “We completely stand behind all content presented at Black Hat 2019 and we look forward to presenting further developments about the company and our quantum AI encryption technology.”
But the buzz from the presentation was so bad that Crown Sterling is now suing Black Hat for not upholding its standards of conduct for attendees and for violating the terms of Crown Sterling’s “sponsorship package”—the thing that allowed Grant to present at Black Hat in the first place—by allowing “a premeditated, orchestrated attack on [Crown Sterling], staged by certain industry detractors and competitors.” As the company’s lawyers assert in their filing, Crown Sterling believes this was in violation of the “gold” level sponsorship the company and its backers purchased to get a slot at the conference:
In purchasing the highest (“gold”) sponsorship package, Crown Sterling went all in to support the Black Hat conference, trusting that Black Hat USA reasonably would stand by its high standards. But it did not. Rather than treat Crown Sterling with the respect due any participant or member of the public attending the Black Hat conference, Black Hat USA looked the other way when a small group of detractors staged a coordinated harassment of Crown Sterling’s scheduled talk, which was part of its sponsorship package.