>One question, could d.net be having a negative effect on the perceived
>security of RC5-64? And if not actually having such and effect, how often
>will it be twisted to sound like it is? For example, in the EFF book the
>FBI and NSA are quoted as using d.net's results on RC5-56 to show that it
>is just too hard for them to even crack 56 bits - "But that idea [brute
>force cracking] is simply unworkable, because this kind of brute force
>decryption takes too long to be useful to protect the public safety. For
>example, decrypting a single message that had been encrypted with a 56-bit
>key took 14,000 Pentium-level computers over four months; obviously, these
>kinds of resources are not available tot he FBI..." (see 1-2, 1-3 etc and
>http://www.computerprivacy.org/archive/03171998-4.shtml -- for the entire
>text.)
I can see what you are saying here, and I have seen this reaction from a couple friends
of mine. I think for d.net to properly display the picture that the number of machines
working on the effort should be classed by the CPU type, or relative computing power.
Excuse any ignorance, as I am not even remotely familiar with the inner workings of the
client... but it might be an idea (and I don't even know if this is possible) for the clients
to record the actual amount of CPU time that the client used for the given block (not
how long the client was running to do that block, but the total time the client was active
on the CPU to complete that block), and the CPU type, and have this information
submitted for each block that was "checked in".
I think with more detailed recording, then the picture could be painted better. It might
be an idea to have more comprehensive benchmarks for the different CPU types and
then averages developed (removing the outlyers of course) for each type/category of
CPU. With the definition of a "reference system", the benchmark averages could be
used to define the relative speed, and then have the cracking time expressed say as a
figure in MHz-hrs or something.
This would let d.net express the cracking time results in more favourable formats,
which would help to prevent people from overly generalizing and saying that it to X x
1000 Gigabuster 2 years to crack it... seeing that I think there are a considerable
number of machines working on d.net that are probably not even at todays entry level
system (I know in my case, 4 of the 5 machines I have working are 486-100s).
Just an idea, no flames please :)
David
EMAIL: depaetz@mgl.ca
David
EMAIL: depaetz@mgl.ca
-- To unsubscribe, send 'unsubscribe rc5' to majordomo@lists.distributed.net rc5-digest subscribers replace rc5 with rc5-digest