CDR: Codebreaking with a multi-Teraflops network: one technique

[Ray Dillinger]

Let's say you're a high-level spook, and you've got a bunch of 
encrypted intercepts of uncertain origin.  Gigabytes and gigabytes 
of them. Maybe they came with partial keys, maybe they are only 
40-bit or 56-bit keyed in the first place.  Maybe you have partial 
keys on some of them (from the "work reduction fields" or whatever 
on lotus notes for example).  You don't have any knowledge that 
would link a particular one of these with a particular case, but 
you strongly suspect that somewhere in there are a few dozen that 
bear on cases you're investigating, and maybe a few dozen more 
that would be good leads into cases you ought to investigate.

You'd like to focus a few dozen Teraflops of processing power on 
it, but most of your machines are taken up with higher-priority 
projects pertaining to identifiable cases, or to projects that 
have better odds of near-term success. What can you do?  

It should be childs play to set up a "front", as a scientific or 
charitable organization.  Dream up a CPU-intensive task that engages 
people's imagination or sense of wonder, but which nobody would 
expect results from anytime soon.  Write pages and pages about 
having written the kind of software you'd need to run to work on 
that problem -- the Great Idea, the problems, the triumphs and 
tribulations, the agonizing decisions and occasional design 
compromises and limitations, and the satisfaction with the end 
result.  All fiction, but hey, this is just a front, right? 

Now, take your code breaking software and add some pretty graphics 
to it.  Graphics and messages that have to do with the fake project 
you dreamed up.  Arrange it so it runs as a screensaver.  Set up a 
server that breaks the keyspaces and intercepts you need to check 
into chunks, and let people download chunks to work on and upload 
results.  Set up elaborate tracking stuff that tells how many CPU-
hours, how many work units, etc, each contributor has contributed.  

Hire a bunch of people at the front organization who sincerely 
believe that all these cycles are expended on the fake project, 
and let them effusively thank all the people who download and run 
the software.  Explain that you can't release the source, because 
then people would modify it and your scientific data might be 
corrupted.  

It could work.  

>From the outside, it would look a lot like the SetiAtHome project.

Just a thought.  

				Bear