On Feb 15, 5:01pm, Timothy C. May wrote:
Subject: Re: (fwd) DES challenge organisation However, an uncoordinated search is only less efficient by a small factor of two or three, with a 95% probability that the key will be found with an effort "only" 3 times greater than with a coordinated search. (The Poisson probability distribution is what's involved here, and the math is fairly easy to work out.)
The motivation to crack the DES challenge is more the political one of proving DES (aka 56 bit encryption in the popular press) insecure than the financial one of getting the $10,000 prize. To actually get a good mesaure of the strength of DES using this approach, the number of machines that participated in the attack and the time they spend has to be known. This is a main reason why Germano's team prefers the search to be co-ordinated and why they have been asking people not to start the search before the server is ready.
One of the problems with a coordinated search, if the remaining keyspace to be doled out is publically announced, is that as the keyspace is searched and a key _not_ found, the remaining keyspace is increasingly more tempting for "independent searchers" to search. Sort of the way the odds on some lotteries actually become "acceptable" as the lottery pot grows. The organizer of the coordinated search must then, I surmise, keep the assignments secret and dole out keyspace securely.
Knowing the number of people they were able to get to participate in the RC5 attack, this is not a significant problem. They are going to have 5000 clients nibbling away on the not-yet-searched keyspace. Some Johnny-come-lately trying to muscle in on the action towards the end is not going to make a significant dent in their chances of hitting the correcy key first.
Having the prize money go to the finder of the key, as opposed to some artificial division between EFF, Gutenberg, etc., is also an incentive for people to contribute more CPU time.
Again, they didn't have a problem getting people to join in on the RC5/32/12/6 attack. At least the same number of people can be expected to join in for the DES attack, giving an estimated search time of around eight months, if nobody else builds a hardware DES cracker first. -- Anil Das