RSA-130 Falls to NFS - Lenstra Posting to sci.crypt.research

[Jim Gillogly]

"Vladimir Z. Nuri" <vznuri at netcom.com> writes:
>I have been wondering about malicious hackers getting into these
>pools. would it be possible for them to contribute false data
>that screws up the end results? or are such anomalies easily
>discarded or disregarded by the final processes?

The latter, for this application -- unlike the straightforward approach to
RC4 cracking, the partial relations that contributors find for the
factoring exercise are (like the factoring itself) time-consuming to
compute but dead simple to check... and, in fact, each of them is checked
before accepting it.

>it seems to me that in many cases, these collaborative projects
>virtually cannot check the validity of the supplied data without
>repeating the computation effort, although there may be good
>tests that tend to screen out "most" bad data. 

Yes, that's a good point and one we hashed around a bit at the beginning
of the RC4 project, with less than a perfect conclusion -- but some good
ideas.  You need to account for several kinds of people, including people
plaing with less than a full deck of clues; and the target of the cracking
ring allocating and turning in a "not found" report on the actual target
part of the space.

>future implementors of these programs might amuse themselves with
>trying to create such safeguards or anticipate such "attacks" which
>are pretty significant the more the processes become distributed.

Absolutely.

	Jim Gillogly
	Trewesday, 25 Astron S.R. 1996, 21:32