At 08:24 AM 10/17/00 -0700, Ray Dillinger wrote:
> On Tue, 17 Oct 2000, Kerry L. Bonin wrote:
>> Extrapolate capabilities from the EFF DES crack project and you are somewhat closer (1536 ASIC w/ 24 cores/ASIC yielded 4.52 days/crack of 56 bit keyspace), then take into consideration the advantages of using more sophisticated semiconductor processes (ECL 15 years ago, GaAs on Sapphire today) and the higher clock rates that go with that (40MHz to well > 1GHz), and rerun your numbers. Instead of a small cabinet, fill floors of buildings with these machines, and you have realtime cracking farms.
> You have realtime cracking farms for *some* ciphers. I have always figured it this way:
> They get two orders of magnitude for being "ahead of the curve" in knowledge and technique. They get five orders of magnitude of speed for custom hardware. They get seven orders of magnitude for massively parallel hardware.
> That totals 14 orders of magnitude (and I think that's generous).
> So use keys that are six bytes longer than a "reasonable" opponent could crack. Problem solved. 2048-bit RSA is still way out of their league.
Unless their approach to factoring is radically different. I've seen some extremely clever ideas leak into the non-classified press, like holographic systems for realtime off-aspect optical pattern matching for targeting systems. Simple tricks that reduce the theoretical n-GFLOPS/MIPS of computing time to a few clocks. Factoring is such a fundamental operation, I can't accept that the NFS is the optimal attack.
>> As for my own comments, I wrote layout and design tools used on these NSA custom chips in the mid 80's, certified for use with the "NSA Standard Cell Library" by their chip designers (they were just one of the customers of the CAD/CAM/CAE software I worked on back then...)
> Interesting. I thought that was the sort of thing that you could tell the people who'd done it because they were the ones who weren't allowed to talk about it.
Under some circumstances, I guess they aren't. In my case, my employment NDA was conventional and very simple, and we regularly used our certification as a marketing point with defense contractors. In this case, I don't mind mentioning what I did, I just make sure I'm careful not to say more than we used in marketing. This doesn't violate anything I signed.
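As an added illustration (not part of the thread), the arithmetic behind Ray's "six bytes longer" rule and Kerry's extrapolation from the EFF cracker, using only the figures quoted above; it assumes the 4.52-day figure exhausts the full 56-bit keyspace, and the 25x clock and 1000x chip-count factors are constructed inputs.

```python
import math

# Figures quoted in the thread: the EFF DES cracker (1536 ASICs x 24 cores) took
# 4.52 days per crack of the 56-bit keyspace.  Assumption not stated in the thread:
# 4.52 days exhausts the *full* 2^56 keyspace.  If it is the average crack time,
# the real rate is half this, so every estimate below errs on the attacker's side.
EFF_DAYS_FULL_56BIT = 4.52
SECONDS_PER_DAY = 86400.0
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY

def eff_keys_per_second():
    """Aggregate key-trial rate implied by the thread's EFF figures."""
    return 2 ** 56 / (EFF_DAYS_FULL_56BIT * SECONDS_PER_DAY)

def farm_keys_per_second(clock_speedup, chip_multiplier):
    """Kerry's extrapolation: a faster process (40 MHz -> 1 GHz is 25x) and many
    more chips ("floors of buildings"), both scaling the trial rate linearly."""
    return eff_keys_per_second() * clock_speedup * chip_multiplier

def seconds_to_exhaust(key_bits, keys_per_second):
    """Time to try every key in a key_bits-bit space (attacker's worst case)."""
    return 2 ** key_bits / keys_per_second

def bits_for_orders_of_magnitude(orders):
    """Ray's rule: an attacker 10^orders faster is worth log2(10^orders) bits."""
    return orders * math.log2(10)

def min_key_bits(keys_per_second, years, extra_orders=0):
    """Smallest key length whose keyspace takes at least `years` to exhaust at
    `keys_per_second`, after granting the attacker `extra_orders` further orders
    of magnitude (Ray's margin) on top of that rate."""
    trials = keys_per_second * years * SECONDS_PER_YEAR
    return math.ceil(math.log2(trials) + bits_for_orders_of_magnitude(extra_orders))

if __name__ == "__main__":
    # Ray's 2 + 5 + 7 = 14 orders of magnitude is about 46.5 bits, i.e. six bytes.
    print(f"14 orders of magnitude ~ {bits_for_orders_of_magnitude(14):.1f} bits")
    # Kerry's farm: 25x clock and 1000x the chips exhausts 56-bit DES in seconds.
    farm = farm_keys_per_second(25, 1000)
    print(f"56-bit keyspace vs farm: {seconds_to_exhaust(56, farm):.1f} s")
    # Granting the whole 14 orders over Deep Crack, 128 bits is still not realtime.
    years = seconds_to_exhaust(128, eff_keys_per_second() * 10 ** 14) / SECONDS_PER_YEAR
    print(f"128-bit keyspace vs 10^14 x Deep Crack: {years:.1e} years")
    print("bits for a 1-year margin vs Deep Crack + 14 orders:",
          min_key_bits(eff_keys_per_second(), 1, 14))
```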
At 10:22 AM -0700 10/17/00, Kerry L. Bonin wrote:
> At 08:24 AM 10/17/00 -0700, Ray Dillinger wrote:
>> That totals 14 orders of magnitude (and I think that's generous).
>> So use keys that are six bytes longer than a "reasonable" opponent could crack. Problem solved. 2048-bit RSA is still way out of their league.
> Unless their approach to factoring is radically different. I've seen some extremely clever ideas leak into the non-classified press, like holographic systems for realtime off-aspect optical pattern matching for targeting systems. Simple tricks that reduce the theoretical n-GFLOPS/MIPS of computing time to a few clocks. Factoring is such a fundamental operation, I can't accept that the NFS is the optimal attack.
You still don't get it, do you? A holographic system buys polynomial factors of improvement, not exponential factors. Shamir said as much, of course, with his optical tools he was writing about a few years back. You keep referring to these "tricks" for reducing exptime to "a few clocks." Paranoia is useful, but assuming that the NSA "must" have some selection of tricks which would astound and shake the world, absent any indications that this is so, is beyond paranoia and is into some weird kind of NSA-is-the-Great-Oz worship. As Declan said, extraordinary claims require extraordinary proof. All you've done so far is to hand wave (and somethingelse-wave) about how custom silicon and unspecified tricks _must_ be useful. As another poster noted, where's the 10^78-fold improvement? (And the 10^200-fold improvement? Etc.)

--Tim May
--
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.