Using supercomputers to break interesting ciphers

Sat Sep 1 17:50:10 PDT 2001

Faustine wrote:
Tim wrote:

(snip)

>You are now backpedaling furiously away from your "common to newbies" 
>claim that fast computers might be used to break ciphers. Here's a chunk 
>of dialog from an August 8 post of yours:
>(comments after ">" are from Tim)
> >Except when was the last time you heard of a Cypherpunks-interesting
>>cipher being broken with _any_ amount of computer crunching?
>"Since when did people stop trying? The last time I heard a researcher 
>>talk about trying to break a Cypherpunks-interesting cipher was last 
>>Thursday."
>This, and similar comments you made about the Sandia and IBM 
>supercomputers, clearly imply you think one of the uses of these 
>supercomputers is to "try" to break what I called 
>Cypherpunks-interesting ciphers.

If I had known that to you "computer crunching" is synonymous with "brute 
forcing large keys" I certainly would have expressed myself differently.

>Many who are exposed to crypto to the first time, and who haven't 
>thought about the issue of factoring large numbers, simply "assume" that 
>a worthwhile goal is to "try" ("Since when did people stop trying?") to 
>break such ciphers with faster computers.
>(To be sure, there are interesting projects on faster factoring methods, 
>better quadratic sieves, searches for Mersenne primes, all that good 
>number theory stuff. Some of it is even being done at Sandia. But this 
>is a far cry from the common belief that Cypherpunks-interesting ciphers 
>may fall to attacks with mere supercomputers. Do the math on what a 
>trillion such Sandia computers could do if they ran for a billion 
>years...then realize there are keys already in use today which cannot be 
>attacked by brute-force (or probably any other direct means) with all of 
>the computer power that the universe could ever support. Mind-boggling, 
>but I realized this via some calculations just after starting to look 
>closely at RSA.)
>You are now backpedalling, claiming you never meant this.

Backpedalling has nothing to do with it. "trying to break Cypehrpunks-
interesting ciphers" does not equal "using supercomputers to brute-force 
large keys." "Interesting cryptograhic applications" does not equal "brute-
forcing large keys". Why is this so difficult. 

>Similar to the way you claimed "if someone else is convinced it's 
>interesting enough to be willing to foot the power bill (as I had 
>anticipated would be the case)," well AFTER I posted an article pointing 
>out that the power bill alone for running older Pentiums and G3s would 
>pay for faster new CPUs to make the old DIY machines a waste of time. 
>Fact is, you HADN'T "anticipated" this...you saw my calculations of 
>watts and MIPS and only _then_ did you retroactively "anticipate" that 
>power concerns make such arrays of old machines a lose. Check the 
>archives. 

The "as I had anticipated would be the case" refers to being allowed to 
build it in someone else's facility, on their dime.  I never said the first 
thing about having done any of the calculations mentioned in your post. 
It's their facility, I anticipate they find it interesting enough to let me 
build it there, they foot the power bill. What's so tricky about that. In 
fact, I meant for the passage to serve as a sort of explanation of the 
circumstances in which power costs weren't enough of a central issue for me 
to have considered them. The end of the sentence you omitted, "where's the 
downside?" might make this clearer. Obviously, not clear enough. 

>When some adds a gratuitous "As I had anticipated would be the 
>case" under these circumstances we know we are in the presence of a faker.

You interpreted it as referring to what you thought it ought to in order to 
bolster whatever view you want to have of me. Nothing new.

~Faustine.