At 10:32 PM 12/17/95, Anonymous wrote:

What caught my attention was the architecture.

A "hybrid design linking two supercomputer processors with an array of HALF A MILLION inexpensive processors" that were designed by the U.S. government laboratory affiliated with the NSA. The same chip house that brought us Clipper.

First, half a million chips is not that big a deal...the Connection Machine had up to 64,000. Very few cryptographic problems of interest to us will be affected by a mere factor of a million or so. Second, there was work on a "processor-in-memory" architecture, in conjunction with a Bowie, Maryland spook-connected company. Perhaps this is what you are thinking of? Third, all avenues of continued funding having fallen through, Cray Computer (not Cray Research, of course) was shut down and assets liquidated. I haven't heard what's become of Seymour, though. (He is undoubtedly an asset, buy I doubt the Agency would have him liquidated.)

I've not kept up with the "ultimate" demise that eventually befell Cray Computer Company, but the October 16 FBI filing on capacity for Digital Telephony got me thinking back to this article. 1% seems like a rather huge need for horsepower. And what if GAK doesn't fly? And the widespread use of hard crypto just keeps increasing?

The tightly-coupled supercomputers are hardly needed for these sorts of problems.

This kind of machine could, in theory:

1) Implement ALL Clipper(II) based Key Escrow functionality in silicon (the easy part) AND allow for simultaneous decrypt and surveil of 'who knows how many' Clipper based data streams.

Huh? First, what evidence do you have for this claim? Second, who cares? Implementing Clipper in a Cray Computer machine--why bother? As to the claim that a million-processor machine could do this, you need to work out the math. (If a backdoor exists, or the LEAF has been gotten, a supercomputer is not needed....)

2) Implement general RSA based Prime Factoring functionality in silicon (the not so easy part) AND allow massively parallel decrypt and surveil of 'who knows how many' RSA/etc. based data streams.

Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime has two factors.) If you mean using supercomputers to brute force the general factoring of an RSA modulus, this is nonsense. While there may be math shortcuts we don't yet publically know about which make factoring easier than we currently think it is, a mere million or even a billion processors will not make a dent in the factoring of, say, a 700-digit modulus. See the tables in Schneier and elsewhere for some estimates of factoring efforts needed.

3) Implement it all, AND 'on-line' transaction based surveillance via the FBI's 1% capacity infrastructure.

Let's see some numbers. (On second thought, let's not.)

Chilling... Who needs key escrow (or RSA private keys) when you've got a massively parallel prime factoring machine. What if GAK was to become a 'non-issue'? How fast do you think a machine such as this could factor RSA 129?

Well, do the math. The MIPS-years for the RSA-129 crack were publicized, so the computation for a million SPARC-equivalent (or even UltraSPARC-equivalent) can be done. When you've done this, and concluded that RSA-129 could be done in, say, X minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT group), and on to the 1024- and 2048-bit keys. Tell us how many years or centuries it will take. (Hint: Rivest and Schneier have done these calculations....) --Tim May, who fears that he's just been trolled by Derek Atkins Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."