Re: [cryptography] How big a speedup through storage?
On Fri, Jun 20, 2014 at 6:35 PM, Jeffrey Goldberg <jeffrey@goldmark.org> wrote:
(I hope it is clear that I do not think of this as anything like a practical threat to AES.
Of course, 8 rounds at 2^unreachable is not practical.
I had just remembered this paper, with its enormous data requirements when I saw original question.)
Any (reliable) estimates on how big?
$10M in drives at consumer pricing will get you a raw 177PB, or 236PB at double the space and power. Or $1B for 17EB. Budget is an issue.
As always, let’s go with the high estimate in the hands of the attacker. We are still far far short of the storage requirements for this particular attack (and all for less than a 2-bit gain).
So I think that it is safe to say that all that data storage is not an attempt to use the particular attack I cited.
I meant as answer 'estimates on how big' question. Take what we know about storage, figure in some good efficiencies for the 'storage only' case. And figure what can be bought and operated year on year per foot. You could hide/support $1B + $1B/year but $10B/yr would be hard given entire intel budget is $80B, or $50+B if you drop mil. So... 1) How big can you get within budget? 2) What can you do with it re: a) crypto, or b) otherwise? https://en.wikipedia.org/wiki/United_States_intelligence_budget https://en.wikipedia.org/wiki/United_States_Intelligence_Community http://www.martingrandjean.ch/data-visualization-top-secret-us-intelligence-...
participants (1)
-
grarpamp