RC5-64 Success

Peter Trei writes "After over four years of effort, hundreds of thousands of participants, and millions of cpu-hours of work, Distributed.net has brute forced the key to RSA Security's 64 bit encryption challenge, winning a US$10,000 prize. Still outstanding Challenges carry prizes as high as $200,000. RSA's PR release is here. d.net's site has not yet been updated." Update: 09/26 16:59 GMT by CN : The good folks over at SlashNET are having a forum with the distributed.net crew on Saturday at 21:00 UTC. It'll be a great time to meet some of the people who made this possible.

Congratulations

[Dirtside]

While this is an admirable achievement, I found another distributed computing project which I think is more worthwhile -- namely, Folding @Home, which is a distributed protein-folding simulation effort. This is the kind of research that will end up curing things like Alzheimer's, and I think it's a better use of your processing time than brute-forcing encryption keys (or even SETI, or Primenet). I encourage everyone to participate in F@H instead, as I think it will provide a greater benefit to us all in the long run.

Of course, some on /. may need to be reminded that they are indeed free to run whatever distributed computing software they feel like; I am merely requesting that they run this one.

I think many posters here are missing the point

[watanabe]

I think many posters here are missing the point of this. RSA wants people to crack these weaker crypto offerings; it makes their story better, not worse.

• They know exactly how insecure RC5-64 is. They want other IT groups, industry groups and tech managers to know it. The easiest way to do that is to offer open challenges with cash prizes. It's never hard for RSA to up their bit-length to 4096, say, a year before 2048 RSA is broken, and someone collects their $200,000. It is hard to make PHBs understand that RC5-64 is not secure if nobody has broken it.

Secondly, Distributed.net clearly isn't doing it for the cash. I didn't do it for the cash, either. (Although I wouldn't have minded winning.) They're doing it because:

• Breaking codes gives nerds their kicks.
• Building a distributed computing architecture is a difficult and interesting problem.

With current technology, as RSA likes to demonstrate, the winners are the cryptographers, not the cryptologists (the code breakers.) Quantum computing may change that, and make the cryptologists the winners. Until then, RSA can happily give cash prizes for increasing length keys: the numbers are on their side.

Distributed.net no longer in the public eye

[HoserHead]

It's sad, really, that so much focus has moved off Distributed.net to SETI@Home and the other distributed computing projects when Distributed.net was one of the real pioneers of this style of computing (that is, harnessing regular people's CPU time).

In one of my CS classes, we were discussing distributed computing, and a question of any well-known distributed computing projects was asked. I answered "Distributed.net" - and the instructor promptly asked "What's that?" The next student to respond, of course, said SETI: the answer he was looking for.

Maybe I'm biased, as the former maintainer of distributed-net for Debian, but has Distributed.net really become this unimportant and forgotten?

Re:FINALLY.

[Matt2000]

Seriously though, can anyone tell me what the attraction to the d.net project was? It seems like a colossal waste of cycles to me. Everyone knew it was going to be successful, it was just a matter of wasting enough time to eventually find the right block.

Now that it's over, what do we have to show for it? A whole lot of nothing it seems.