Tim May wrote (reply comments offset by leading '***'): Subject: Re: 'Black' budget purchases Michael Wilson writes:
The data from the Maryland Procurement Office that is stored in certain databases (and removed from others, as I have just discovered when I checked) provides the complete 'black' budget purchases of the intelligence community, not just their purchases of supercomputers. Such raw data goes a long way towards confirming other bits of intelligence, such as the establishment by NSA of its own chip manufacturing facility owing to a lack of trust in undocumented sections of commercial silicon. This data is useful beyond knowing the numbers
That the NSA contracted National Semiconductor to build a facility on-site has been common knowledge since 1989-90. The fab is not state of the art (i.e., is not 1.8 micron or better) and is believed to be used for the very reasonable purpose of producing keying material in a secure environment (ROMs, PROMs, fuse-linked micros, PLAs, etc.). It is unlikely--but possible--that high-performance micros are being manufactured there. *** We were tracking NSA purchases of material over a decade ago; as for their usage of the technology, my statement was simply that they felt, after serious analysis, that they couldn't trust commercial silicon. The issue was trust, not computation power.
of supercomputers available (although it does help provide an upper boundary on raw processing power, useful for quantifying tolerances).
What we find interesting regarding the number of supercomputers at NSA is what they do to the keyspace; a supposition of ours from the early period of commercial public key was an attack on the domain of potential keys. Given a known keylength, a powerful systematic search for primes that fit that range can, over time, begin to damage the strength of the system. Careful analysis of
This is nonsense. A typical 1024-bit RSA system uses p and q close to 512 bits each, e.g., 511 and 513. Whatever. Now a 512-bit number is a 150-plus decimal digit number. About .5-1% of all of these numbers are prime (by the Prime Number Theorem, or somesuch...about 1/N of all N-digit numbers are prime, as I recall). How big a keyspace is this to start searching "systematically"? Considering that there are "only" about 10^73 particles of all kinds in the entire universe (based on our best estimate of the size of the universe, the density of galaxies, gas clouds, etc.), this means that if every particle in the universe were searching for and recording the primes they discovered, each particle would have to store 10^77 primes! So much for "a powerful systematic search for primes that fit that range." *** You assume that your selection of primes is random; it is the case, particularly in the initial usages of public-key systems, that attacks could be made on keyspaces based on the prime generation method. A point that number-crunch jockeys tend to forget is that psychology and systems analysis provide greater in-roads against secure systems than brute force.
technical resource also allows one to speculate--are CM platforms (pardon the pun) used for exhaustive systematic search for keys, while Cray systems are used for attacks on the keyspace? Differentiation of parallel versus scalar processing towards attack domains is interesting.
"Parallel versus scalar processing"? Parallelism means nothing at these scales...see the above point. *** Your point is orthogonal to our point. The two systems are used for different attacks--parallelism can be used for exhaustive search, such as for DES keys, while scalar processing can be used for testing primality.
Michael Wilson Managing Director, The Nemesis Group The Adversary
--Tim May *** TNG