CDR: Re: why should it be trusted?

Kerry L. Bonin kerry at vscape.com
Tue Oct 17 10:22:12 PDT 2000


At 08:24 AM 10/17/00 -0700, Ray Dillinger wrote:
>
>
>On Tue, 17 Oct 2000, Kerry L. Bonin wrote:
>
>>Extrapolate capabilities from the EFF DES crack project and you are
>>somewhat closer (1536 ASIC w/ 24 cores/ASIC yielded 4.52 days/crack of 56
>>bit keyspace), then take into consideration the advantages of using more
>>sophisticated semiconductor processes (ECL 15 years ago, GaAs on Sapphire
>>today) and the higher clock rates that go with that (40MHz to well > 1GHz),
>>and rerun your numbers.  Instead of a small cabinet, fill floors of
>>buildings with these machines, and you have realtime cracking farms.
>
>You have realtime cracking farms for *some* ciphers.  I have always 
>figured it this way: 
>
>They get two orders of magnitude for being "ahead of the curve"
>   in knowledge and technique.
>They get five orders of magnitude of speed for custom hardware. 
>They get seven orders of magnitude for massively parallel hardware. 
>
>That totals 14 orders of magnitude (and I think that's generous). 
>
>So use keys that are six bytes longer than a "reasonable" opponent 
>could crack.  Problem solved. 2048-bit RSA is still way out of 
>their league.  

Unless their approach to factoring is radically different.  I've seen some
extremely clever ideas leak into the non-classified press, like holographic
systems for realtime off-aspect optical pattern matching for targeting
systems.  Simple tricks that reduce the theoretical n-GFLOPS/MIPS of
computing time to a few clocks.  Factoring is such a fundamental operation,
I can't accept that the NFS is the optimal attack.

>>As for my own comments, I wrote layout and design tools used on these NSA
>>custom chips in the mid 80's, certified for use with the "NSA Standard Cell
>>Library" by their chip designers (they were just one of the customers of
>>the CAD/CAM/CAE software I worked on back then...)
>
>Interesting.  I thought that was the sort of thing that you could 
>tell the people who'd done it because they were the ones who weren't 
>allowed to talk about it.

Under some circumstances, I guess they aren't.  In my case, my employment
NDA was conventional and very simple, and we regularly used our
certification as a marketing point with defense contractors.  In this case,
I don't mind mentioning what I did, I just make sure I'm careful not to say
more than we used in marketing.  This doesn't violate anything I signed.




