Re: NSA Spy Machine and DES
It is entirely possible that the Cray SIMD machine will use Xilinxs. The folks at the Supercomputing Research Center in Bowie are also building machines with these Xilinxs. They're known under the name "Splash" and they've built at least two generations. One of the architects told me that the machine was only good for "deeply pipelined" processes. There is one preprint, for instance, that describes how to do text searching with the machine. (Surprise.) Much of this should be public because the folks from the SRC often go to conferences and present information. Two names on the Splash project that I can think of are Buell and Arnold. If anyone can dig up papers on this topic, I would be intrested to read them. That being said, I still don't really see the advantages of Xilinx. But this really could be because I've never programmed the machines nor have I used them for anything. It just seems unlikely to me that DES can be done that much faster. But like I said, what do I know? I would be intrigued if someone could run a back of the envelope calculation on building a machine with Xilinx. How many processes can you do with it? How many testing circuits can you fit on a chip? How fast will these circuits go? What is the big win from pipelining the process? Sure you can build a sixteen stage pipeline, but will you need to put copies of the SBOXes at each stage? How much space will this take? How deep will the gates be? What is the gate delay at each stage? What will be resultant speed? The fact is that for all of DES's bitwise 6-to-4 sboxes and other weird stuff, it isn't that hard to implement in a RISC processor that has XOR, AND, shifts and fast table lookup. Any answers out there? -Peter
On Aug 19, 1:12pm, Peter Wayner wrote:
But like I said, what do I know? I would be intrigued if someone could run a back of the envelope calculation on building a machine with Xilinx. How many processes can you do with it? How many testing circuits can you fit on a chip? How fast will these circuits go? What is the big win from pipelining the process? Sure you can build a sixteen stage pipeline, but will you need to put copies of the SBOXes at each stage? How much space will this take? How deep will the gates be? What is the gate delay at each stage? What will be resultant speed?
You seem to be assuming here that DES cracking is all this machine will do, which is something I really doubt. As Phil Zimmerman pointed out some time ago, there are lots of other interesting applications which SIGINT operations perform. Signals analysis is one he mentioned, and I'd also add the computationally expensive tactical and traffic analysis operations (ie. scanning masses of data items searching for significant correlations). Examples of this might be noticing an increase in the use of enciphered military comms from one country's border, and thus deducing (without necessarily breaking the cipher) that a military buildup is occuring along this border. Sure, this sounds easy, but if your surveillance network intercepts a hundred thousand transmissions worldwide per day, correllating the lot for this sort of information is not a simple task. Amusingly, such mass analysis is now filtering down to the commercial level, and the term which is used is "data mining". You might also like to consider the automated analysis, sorting and indexing of the terrabytes of textual information which the NSA would intercept every day. There is no way they could ever employ enough people to read it all, so it is almost certain that automated sieves are being used for this application. In summary: the NSA does more than breaking codes, and their computers are not only used to run through lists of keys for DES encoded intercepts. Ian.
participants (2)
-
Ian Farquhar -
Peter Wayner