Slashdot Mirror
Can the NSA brute force RC6? Probably.
Anonymous Cypherpunk writes "The latest Cryptogram Newsletter has an interesting link to a paper about the feasability of building a RC6 cracking machine much like the EFF's Deep Crack DES cracker. The proposed machine would cost roughly $280 million and be able to crack a 64-bit key in an average of only 3.58 minutes. "
Article concentrates on cracking 56 bit keys. Everything serious (ssh,pgp,apache-ssl,fortify) today uses 128 bit keys. Except for my bank, who are using a commercial ssl server.
Mayby they think closed-source, short-key cryptography gives a more security, than reviewable, secure , cryptography...
Bleh.
First off, let's assume that with $280 Million, you can buy 100 million 486's (which is rather unlikely given that with PC's, you would need hard drive space, motherboards, cases/racks, and the network cards/hubs to connect them all.
Now let's assume that you get a genius programmer (willing to work for free, though the cost of the programmer will be minimal compared to $280 Million, so this is not all that far-fetched), and this brilliant programmer somehow finds a way to get the machine to do one round of the algorithm in one clock cycle, meaning that at best (on an overclocked 100+ Mhz 486) each 486 can do 10 million iterations per second for a 12 round system. This now works out to a total rate of 1 trillion iterations per second, or roughly 2 ^ 40 iterations per second. This means it will still take 2 ^ 39 seconds to break one 80 bit key (given that on overage you will only have to search half the key space) 2 ^ 39 seconds works out to be roughly 17,000 years assuming I didn't totally miss something.
Next off, just in case I missed something here, you still have the issue of heat, space, and power consumption. As it is, the very densely packed hardware system would require a large portion of the space of the pentagon (hence the adoption of networks); less densely packed 486's would take up considerably more space, and would use considerably more power.
On the other hand, using the money for a beowulf does have some merit; a beowulf cluster could be easily (relative to pure hardware) converted to attack a different crypto system, however I doubt a suitable 486-based beowulf system is feasible.
I seem to recall some input they gave on the S boxes for DES, when it was being developed. A lot of people thought they put in a nice trap-door for themselves, until a few years later, when it was realized that the numbers they gave avoided some hole that the origional numbers had.
I can't really remember the source, and it's foggy in my mind, so don't trust the anecdote too much, unless someone else comes up with the references. However, if this was the case, it would point towards the NSA being a bit ahead of the outside world.
No, yer right. It was the invention of "differential cryptanalysis" -- basically a chosen-plaintext attack whereby you force pairs of plaintexts over and over through the coding machine until, bit by bit, the biases in the pseudo-random scrambling functions come out as systematic differences in the cyphertexts, and the machine gives up its key.
It works for a general class of s-box like functions but (as Biham and Shamir noted in the original paper) not for the DES s-boxes themselves. Previous to the (re)invention of diff. crypt. in the public literature, the NSA had been very cagey about why they used that particular algorithm -- making everyone worry that DES had a back door. But after the paper was published, they admitted that they'd known about differential cryptanalysis for years, and had designed DES to be proof against it.
So I'd say a lower bound on the gap between NSA and the rest of us would be the gap between the publication of the DES standard [1977] and the publication of the differential cryptanalysis paper [1991].
jsm
http://www.nsa.gov:8080/
"Providing and protecting vital information through cryptology"
Does anyone else find that ironic & hypocritcal?
And if a big three or four letter agency wanted to build a series of these machines, they would get their own chip foundry going, and the price would come down as time went on. Assuming the NSA has done that, you can imagine the cracking power they can throw against codes they haven't comprimised yet.
The following is a quote from some NSA recruitment literature:
"Your work may also take you into our microelectronics fabrication facility that includes a 20,000-sq.-ft "Class 10" clean room. It is here where we are redefining the limits of an array of key technologies - everything from electron beam maskmaking and "direct write" wafer lithography, to wafer fabrication and testing, and more."
So they can make chips themselves. But for a production run necessary to build this cracker it might be cheaper to have someone else make the chips, cause you need about 64 million of them.
Every key is assumed just as likely as any other key (in a brute force attack). Key number 1 is exactly as likely as key number 2^63 is exactly as likely as key number 2^64 - 1. Thius means that the distribution is uniform.
That's what the remarks by Gilmore and Brazier concerning controllable search order was about. Unless you're extremely careful about the randomness of your key-generation technology, your actual key-ditribution will not be uniform, and your keys will most probably fall within a very small fraction of the potential key-space. If you understand how they are distributed, you can shrink the sub-4-minute mean time to crack into something far smaller -- probably under one second, and dominated by set-up time rather than by the cracking computation itself.
"My opinions are my own, and I've got *lots* of them!"
Oh, and the NSA does have oversight. Not as good as I (nor many people) would like, but they do answer to congress and the DoD.
The NSA routinely refuses Congressional requests for information (on the occasions it IS brought to the attention of congress). That's not oversight, that's a sham.
Considering that a good secrecy tactic is to deliberatly leak damaging information to keep people from digging for disasterously damaging information, one must wonder what's going on there. Don't ask Congress, they don't know.
The president MIGHT know what's going on in the NSA. Consider though that this is an organization dedicated to digging up deep dark secrets, and that the president has an image (such as it may be) to uphold.
Looking at the balance of power in the above relationship, this is a recipe for disaster. It might as well have been designed to be corrupt. And We The People are supposed to believe that in spite of this, in 50 years time, the NSA has not become corrupt?
In theory, they could shut it down, but in reality it won't happen unless or until the consequences of NOT doing so outweigh having every dirty little secret revealed to the world (and a few total fictions as well).
I'm not sure that even a public opinion strong enough to guarentee that NOT shutting them down would mean being un-electable ,even as dog catcher, for life would be enough to counter having every last secret (including stealing a fig newton from mom's cookie jar at age 4) revealed to the world. This one may require villagers with torches and pitchforks.
We've seen stuff like this before. Does the name E.J.Hoover ring a bell? History is on the side of democracy -- without resorting to the "lynch mob" kind.
J. E. Hoover lived a full life, died a natural death, and was buried with full honors. All while nasty rumors (probably true) circulated everywhere. Those rumors were enough (at that time) to end any career in Washington unless extrordinary means were used to stay in power. I don't see how that helps your point.
J.E. Hoover was also a one man show. His death ended (as far as anyone knows) the extortion racket. The question is, in NSA's case is it one man (in which case it will go on until that man dies) or is it institutional? (in which case, only the 'lynch mob' will end it).
Keep in mind ( Re: Germany and strong encryption) that the NSA has a history of infiltrating corperations in Europe who make strong encryption equipment, and inserting fatal flaws into the design. That's how they decrypt diplomatic channels. The EU could seriously limit the NSA's power, but that would effectivly BE the lynch mob since the action would not be coming from those who supposedly have oversight.
One big goal in cryptography is to eliminate any such curve. Ideally, the keyspace and the cypher text both look like white noise.
Perhaps my definition of "lynch mob" is different from yours" (I'm picturing burning buildings, here).
I think I allowed my metaphore to cloud the meaning. The burning buildings will be more a figurative thing. I'll try to experss it better:
The NSA will not be shut down by an act of congress, the president, or the DOD. It will be shut down by consistant and loud public outcry. The leaders of the NSA may well feel as if the metaphorical angry villagers have surrounded them. The process will need to take place on several fronts. The people of the EU will have a role to play as well, by demanding that their governments withdraw support, facillities, and permission to base operations on European soil. There will probably be many angry words (even more than usual) in the U.N. over this.
Short summary, it can be shut down, but not by those who supposedly have oversight. It has grown too powerful for them.
Mean is the average value, whilst median is the middle value. Neither are guaranteed to be exactly halfway from either end of the range. My gut reaction is that the range would look similar to a skewed gaussian curve, with -ve infinity replaced by 0 and a worst case situation being a lot higher than 7.56. Comments?
:)
BTW, it was 3.58 minutes, not seconds
"We have seen that the machine can do a full exhaustive key search of a 64-bit key in 7.16 minutes. On average, only 50% of the keyspace needs to be searched, so the average keybreak will be in 3.58 minutes."
:( Of course the range is bounded because we know how many keys per second can be tested, and how many keys exist (2^64). I still think that it will probably be shaped like a gaussian curve though.
You are right. I should have read the article before I opened my mouth... sleep deprevation, excuse, excuse, etc
Also, the NSA would have never OKed DES if they had known the algorithm could also be implemented in software. (There were enough details in the specification to do so.)
computers://use.urls. People use Networds.
But what is fiction and what is fact?
I don't know since when the NSA operates, but they are around for some years. I would like to know if any real proof about these mythical abilities surfaced in the past, some stunt the NSA performed that they were the only ones being capable to.
This is one of the things I wonder. There is lots of software available that would make spying harder, but still your software - lets take any UNIX distribution - comes preconfigured not using this.
So the default is lower security. Why is it not the other way round?
Would it really complicate the installation so much if for example PGP would be made part of the default installation process?
Why do we have telnet or ftp preconfigured, but not have ssh or scp running out of the box?
I would like to see a change here.
Yes. This calculation only works with "average" values.
Now suppose that the cleartext is not known, and is compressed. Then no assumptions can be made about what byte values will appear in it. Those chips would have to be quite a bit more complex - and slower - to do decompression before checking whether the result contains only ASCII printable character codes.
But you're absolutely correct -- a message should be a certain minimum length. Otherwise, the use of a long key and advanced encryption would be pointless.
Kythe
(Remove "x"'s from
Kythe
If you're talking about Ft. Meade, MD, it's not so secret :)
Kythe
(Remove "x"'s from
Kythe
You are correct. All keys would be tried in 7.16 minutes, and on average, the correct key would be found in half that time.
Kythe
(Remove "x"'s from
Kythe
From what I understand, the NSA does have the capability to intercept most, if not all, telephone calls made between America and other countries. I would bet most of these calls are dismissed out of hand as "unimportant".
While it is evidently true that the NSA and equivalent organizations in foreign countries cooperate in the "echelon" program to spy on each other's citizens (since most such departments are prevented by law from spying on their own citizens), I would bet that, again, most communications are simply not important enough to waste valuable time and resources on.
The Internet, by contrast, is potentially a different matter. It is so easy to set up a backbone node and simply scan for keywords that I find it difficult to believe that it's not done. But again, there are practical limits to what the technology can do. I would bet most encrypted messages go unnoticed and undisturbed unless they're between certain people.
Oh, and the NSA does have oversight. Not as good as I (nor many people) would like, but they do answer to congress and the DoD. The trouble is, for the most part, what the NSA does doesn't seem to be routinely brought to congress's attention. Additionally, their budget can be inferred from the fact that they receive their funding as part of the overall DoD budget.
And for what reason do you believe they can "break just about any code"?
Kythe
(Remove "x"'s from
Kythe
Oversight of the form necessary to prevent abuse simply isn't there when it comes to the NSA (from what I've read), and much needs to change.
The point I was trying to make, however, is that, should they choose to do so, congress and/or the president most certainly could change or even shut down the NSA. And at least in name, the NSA does answer to these bodies.
Kythe
(Remove "x"'s from
Kythe
Further, things could get much, much worse for the NSA than they are. I really think they'd be overplaying their hand to try blackmail.
We've seen stuff like this before. Does the name E.J.Hoover ring a bell? History is on the side of democracy -- without resorting to the "lynch mob" kind.
Kythe
(Remove "x"'s from
Kythe
Regardless, Mr. Hoover's tenure in the FBI was widely regarded as the height of its abuses of power. Nonetheless, that power was curtailed through legislative means. Yes, the man had a very successful career, and in many circles, he's honored. In many others, he's villified. How he's remembered isn't the point -- rather, the fact that the democratic system triumphed is.
What we're dealing with (as most seem to agree) is an abuse of power and insufficient oversight. Regardless of the number of people involved, they still, ultimately, answer to/are funded by a democratic system of government. It will probably take courageous folks to rectify it, but such people seem to be taking an interest in the matter, and I have faith that as long as democratic systems of government exist, things like this tend to be rectified.
Perhaps my definition of "lynch mob" is different from yours" (I'm picturing burning buildings, here).
Kythe
(Remove "x"'s from
Kythe
The flip-side of this is, major efforts at public-domain cryptography have only been going on a short while -- pretty much over this decade. Prior to this, it was mostly small efforts outside the NSA. Nonetheless, differential and linear cryptanalysis were discovered after a relatively short time.
IOW, I believe the public-domain efforts are catching up.
Kythe
(Remove "x"'s from
Kythe
All of this info is public knowledge, interestingly enough. 15-20 years ago, noone would even acknowledge that the organization existed. Now they recruit on college campuses.
My, how times have changed :)
It is an interesting question as to whether such an organization could, in ~50 years of dedicated work, defeat mathematical problems that have stood (in some cases, such as the factoring of large numbers) for more than 2000 years as either "extremely difficult" or "unsolvable". My money's on the notion that they're about 10 years ahead of public domain cryptography at this time. They're not gods, however. I'm betting they've probably gone quite a bit further in developing certain technologies useful for cryptography, such as quantum computing (if it can be done), photonics and quantum encryption.
However, it's important to remember that even an organization that could break DES or RC6 (or any encryption, for that matter) in minutes would be overwhelmed if everyone used encryption (real-time mass scanning of internet traffic, for example, would be impossible), and the NSA knows it as well -- this is one reason they've campaigned alongside the FBI to limit the spread of encryption technology.
As far as proof, there are three resources I've found on the NSA. The first is the book "Puzzle Palace" published in the late 70's/early 80's (I don't recall the publisher or the author). The second is the NSA's own website. And the third is hearsay, including alleged NSA employee manuals, etc. published on the 'Net. Needless to say, the last is the least credible.
I'd bet we'll see more possible NSA stunts in the future, as they work more closely with the FBI on high-profile cases that involve criminals and terrorists. Such instances, I would think, would be inherently more visible than the super-secret breaking of Russian launch codes.
Speaking of which, I heard not too long ago that the Russians use RSA encryption for their nuclear launch systems. That alone tells us something of the NSA's capabilities, or lack of same -- assuming it's true.
Kythe
(Remove "x"'s from
Kythe
64 bit and 1024 bit encryption generally refer to 2 different things. The 64-bit encryption is usually symmetric, and relies upon various mathematical convolutions. The 1024 bit encryption is usually a "public-key" encryption method, and is considerably easier to crack for a given key length. 128-bit RSA, for example (if such a thing were available) would be so insecure as to be virtually useless, whereas 128-bit IDEA or CAST is unbreakable, to the best of public-domain knowledge.
Kythe
(Remove "x"'s from
Kythe
I assume that you are reffering to distributed.net's effort in DES-III. At the time of that contest, we had about 40,000-50,000 'active participants' who had submitted blocks within the previous 30 days. Currently, we are working on RC5-64 and have about 67,000 participants who have submitted blocks in the past 30 days. Over the entire life of the RC5-64 contest, blocks have been submitted by 188,845 seperate email addresses, but as you can see, most of those emails are no longer active.
Jim Nasby
distributed.net
> um, why would the growth of capital be a linear
> function? especaly if population growth was
> exponential.
It's the Malthusian Fallacy all over again.
---
DNA just wants to be free...
Well, it's taken us 630+ days to do about 10.5% of the keyspace. Hrm. If this can crack it on an average of about 3 minutes 35 seconds (3.58 minutes, rounded up) . . . hmm... I'll do the number crunching and try to estimate a keyrate within the next 18 hours.
This thing dwarves the Russian E2K for sure. =)
Bummer. I took the stats at face value.
So much for what was shaping up to be a decent conspiracy theory. Next step was to create a web page that suggested little tinfoil hats for one's mouse as a preventative.
--
Don't like it? Respond with words, not karma.
"pretty inefisent [sic]"
So, then, you'd be one of those uptight, humourless sorts that wouldn't recognize a joke if it leapt up and bit you on the arse, eh?
--
Don't like it? Respond with words, not karma.
Just over 188 thousand people are involving their machines in the DES cracking effort. Nearly 900 thousand are participating in SETI@home.
What if SETI@home were just a ruse by the NSA to bust open encrypted messages? Package it as something exciting, get all those none-techie-geek people involved...
Ooh! Spooky! Hey... what's that sound? Is someone ther...
--
Don't like it? Respond with words, not karma.
April 5th, 1999 the New Yorker magazine ran a story about the NSA's campaign (using the UN's inspection people as a cover) against Sadaam Hussain during one of the (many) Clinton bombings:
"The encryption system on Saddam's telephones, made in Sweden, was as sophisticated as any on the international market. The phones had a series of channels, and on each channel were algorithms that chopped the signals into hundreds of bits as the channesl were switched." (p. 32)
"Early in the spring of 1998....the algorithms were unscarambled, and Saddam's most closely protected communications were suddenly pouring into UNSCOM"" (p. 32)
And more...
"In March of 1998, a high-tech team from the National Security Agency. which is responsible for American communications intellegence, flew to Bahrain to revew the telephone intercepts. One official recalls that once the intercepts had been decrypted and transalted the Americans told themselves, "Here's the best intellegence that we ever had!" (p. 35)
"Then in April of 1998, operational control of the Saddam intercepts shifted to one of America's least publicized intellegence unites, the Special Collection Service. The S.C.S., which is jointly operated by teh C.I.A. and the N.S.A. is responsible for, among other things, deploying highly trained teams of electronics specialists in sensitive areas around the world to monitor diplomatic and other kinds of communications. Its operations are often run from secure sites inside American embassies." (p. 35)
All this makes me really suspicious of our bombing of the Chinese embassy-- what that was really about... And also-- it doesn't seem like there's too much the NSA *can't* crack if they want to...
I recommend that article, btw, it was pretty interesting and talked about a lot of sigint stuff in a suprisingly frank way.
W
-------------------
-------------------
This is my SIG. There are many like it, but this one is mine.
Doesn't a good key-length depend on message length? That is to say, a message must be a certain length compared to a key-length (1/2x, 1x, 2x?) to be able to be encrypted by that key?
Granted, anyone whose bothering to encrypt probably knows this, but for those who don't, the crypto software generally pads the message length with pseudo-random data, whose contents can be inferred and used to assist the crack.
Or am I just talking out of my ass here? This really isn't my field.
pooptruck
Is this
;D
* $280 million US consumer dollars, or
* $280 million US government contract bid dollars?
Cuz if it's the latter, don't forget that you have to cover the administrative costs of putting the contract up for bid; costs of parts, labor, and "reasonable" profit to the contractor; costs of a lengthy service contract that is also lucrative to the service organization; cost of integration into the existing systems on site; cost of training personnel to use such a system... oh yes, and the padded-in $100 million to fund classified projects at various locations, including Area 51.
Sounds like $280 million dollars is a steal for such a box!!
SlashSigTheorem: Humorous, Political, Critical, Constructive- If you have a
I work for a company that makes massively parallelized boards for doing text matching at extremely fast rates. I know for a fact that getting a single board with no faulty chips can be quite a chore. Assuming that the NSA could produce thousands or millions of these boards I bet only 75% of those would work. (that's gonna kick the price up a little!) Plus mainframes can lose a processor a day. If you had 10 zillion chips how many of those would die every day? Surely that would slow them down. All that taken into account my guess is that 3 secs is WAY longer than it ACTUALLY takes ;-)
My sig has a broken link in it.
Please, they've BEEN cracking 64-bit code
for a frickin while now.
I agree. The article says that this machine will crack 64 bit encryption in under 4 minutes, it does not say that this is the first NSA machine to do it nor does it say that it and their other cracking machines can't do 128 bit (or other bit levels) too.
Dude, NO amount of math will make social secrity work.
They should put the same money into a Beowulf cluster. 280Mil would buy a LOT of 486's.
I am not your blowing wind, I am the lightning.
face it..not much good could can come out of the government. nasa and science/math are probably the best uses for the billions of dollars that the government gets each year.
I think that the people who would otherwise be without food or shelter or medical attention would disagree with this statement. Also people who drive on roads. etc., etc.
what it doesn't run linux? boycott the nsa and the us govt.
I noticed a logic flaw in the calculation of bandwidth.
he said that there would be X amount of "false positives" during each run. while it's true that X amount of false positives will ocur, you don't know *when* they are going to happen, in other words, you could end up with all the positives going off at once, and locking up the system for quite some time.
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
beacuse it would cost ***a lot*** more money, in order to get the same performance. the artical said that a pIII can crack 300,000keys or so per second
this box can can do 10, million * 2^32 or 42,949,672,960,000,000 keys per second. assuming that these bad ass CPUs can do 800,000 keys per second, you would need 53,687,091,200 of them. or about ten for every living person on earth. that would cost a lot
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
um, why would the growth of capital be a linear function? especaly if population growth was exponential.
if that were the case, we would have *a lot* more to worry about......
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
$280 million would buy a lot of hookers and beer.
in fact forget the beer
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
yes, read the whole artical
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
dude, they arn't *actualy* doing this, this is just some guys thoughts on how much a computer like this would cost to build. there's no indication that the NSA, is building, will ever build, or hasn't already built such a device
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Because the efficiency of software running on one of these computers would still not equate that of a massively parallel computer of chips designed specifically to crack DES...
Funny to see that article by the EFF. They have no idea how much they have underestimated the NSA.
I used to work for a company called Annapolis Micro Systems (Annapolis, MD). They specialize in selling high performance configurable computing boards (both VME and PCI versions). These boards are especially suited to numerically intense algorithms (image processing, encryption).
It's no big surprise that the single biggest customer of AMS is the NSA. They routinely bought Wildfire arrays (see website) by the dozens. Two guesses as to what they were using them for, and the first doesn't count...
It must be emphasized what kind of power these arrays confer. Anyone familiar with configurable computing knows several things:
1) It's not for the light of wallet.
2) It requires a hefty design overhead for each application.
3) It presents the fastest known solutions to almost every NP-complete and iterative solution problem ever posed.
I am a hardware designer by trade, and I can tell you that is almost beyond my ability to measure what kind of processing power these boards can enable, purchased in groups.
Be afraid, be very afraid...
(Author's note: from my limited knowledge of encryption, keys larger than 1024 bytes probably aren't crackable by brute force in this day).
The opinions I post here have nothing to do with my employer.
$280 million is nearly pocket change to Bill Gates... Big Brother watching you? nah, far more insidious... Big Bill.... All anti-microsoft encrypted content will be monitored...
XML is like violence. If it doesn't solve the problem, use more.
Exponential vs. Linear might not be right, but if
... ask the SS Admin. innocently if you can make a withdrawal on your "contribution account"), and made our elders dependent on its largesse. Robbing Peter to pay Pauls' kids, stealing candy from generations of babies.
rate of output > rate of input, then the eventual effect is the same. The pot, toilet tank, refrigerator, coke can, bank account etc all grow empty, at rates varying with the difference between the in- and out- streams.
Social security? Non-sequitur, except in a graveyard. The government made promises which it assumes our asses can keep (lying blithely about the actual set-up
As someone else pointed out, you don't need a multi-million dollar computer to show this, just the willingness to see truth. The US gubmint is lying to the young to justify its defrauding the rich in a setup which would be prosecuted as a Ponzi scheme if the applicable laws applied to federal agencies.
timothy
p.s. Not to mention the obvious Orwellian aspects of the ubiquitous "SS number, please," which for the sake of readers I will not get into right now;)
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
Beside saying nah nah.. to us internet people..
Why would they bother? Anyone who is using crypto
extensivly, especially to hide illegal activities
isn't using 64 bit. Probably using 1024 bit keys or higher. Only thing I can think of is to build a machine that can actually crack much higher keyspaces, but just say that you are only cracking 64 bit so as to not piss off the public about violations of privacy and such.
The greatest and probably most known stunt is cracking the WW II Japanese crypto and keeping that secret. After WW II they promoted the use of that crypto system just to lure other governments into using something NSA could read as an open book. Many small nations have enjoyed the benefits of the NSA helping hand.
Now it seems that they are trying other means of promoting weak crypto. The more modern approach is via the Wassenaar agreement. This will have a more long term effect by killing off the development of future strong crypto systems. The message is sign this agreement if you wan't to buy our modern weapons. This will have the added benefit of NSA peer review of most correspondence.
//Pingo
--- Linux or FreeBSD, it's like blondes or brunettes. I like both. ---
While I'm sure you have good intentions, it's attitudes like that which keep us from actually getting off this dirt ball before the big one hits and all life is expunged.
...
If it weren't for SETI and NASA using cheap collaborative methods, we would have no chance of any long-term survival.
Yes, the NSA is bad, but leave SETI out of it, ok?
Will in Seattle
they don't call it the Space Needle for nothing
and if my code there fails, oops
Will in Seattle
280 Million of our tax paying money to assure ourselves that terrorists from countries with GDPs lower than half that amount can't gain access to the technology to encrypt their diabolicle plots to smash this country.... yeah right. how about using the machine for something OTHER than breaking encryption keys, like, oh, i dunno, doing the math that will make social security work, rather than going bankrupt within the next 10 years? 280M seems like a lot of money to be spending on a machine i'm not so sure we NEED, and one that won't get all THAT much use.....
i want to live life, not just go through the motions
Its much more interesting than the theoretical brute force machine.
:-) Or if I am, everyone will be doing the same cheat, until we all decide to fix the rules.
I like the quote about cheating. Been doing that all weekend. Great fun being accused of cheating when all you do is exploit a loophole in the rules. Don't know if I'll ever be invited back for a games night again
There is a good follow up about good security == good engineering.
And the JYA article is a simple extrapolation of the EFF's DES breaker to more bits. A quick look at the numbers and I don't think it would cost anywhere near as much to build a machine like that. And if a big three or four letter agency wanted to build a series of these machines, they would get their own chip foundry going, and the price would come down as time went on. Assuming the NSA has done that, you can imagine the cracking power they can throw against codes they haven't comprimised yet.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
Hey, somebody edit this guy out, he is ruining it by telling everyone that we are not really reading the articles. And it killed a great conspiracy theory we had going here. Took all the fun out.
--- Join my team at www.dcypher.net $10,000 to the winning computer #147 "Homebuilt Computer Users"
I can do the calculations that show social security can't work on my TI-86... just graph an exponential function to represent population growth, and a linear function to represent growth of capital. If they cross then the bank goes bust.
(on topic) The scary thing is that the computer predicted in this article would run at 100 mhz and could still crack RC6 in 7.19 minutes. Think of how fast 1 ghz chips will this time next year... or 5 ghz chips by 2002.
... and there is no doubt, that one day he will be
where the eye of his telescope has already been
Why is the NSA trying to crack 64-Bit encryption?
First, why is it trying to crack encryption, isn't this part of the whole Big Brother thing.
Second, why 64-Bit, at that speed, to crack
128-bit it would take 28087540083642867424704551414336999000 min.
That's my 1/50 of $1.00 US
JM
Big Brother is watching, vote Libertarian!!
--Justin Mitchell
"2nd Place is a fancy word for losing" --Bender (Futurama)