FW: [HARDWARE] Mac Questions -

John L. Bass jbass at dmsd.com
Tue Mar 12 13:33:07 EST 2002


	Original post of Trei Peter (that didn't make it to the list) (being a reply to John)

	>> I think that you're forgetting history - specifically the reason that I
	>> persuaded RSA to set up and fund the symmetric key contests
	>> (before I start working here, I might add).

No I'm aware an participated in earlier contests, I choose not to for
RC5-64 for a lot of the reasons stated previously.

	>> The Challenges were an unmitigated success. Within months,
	>> DES had been brute forced repeatedly (most noteably in 23 hours
	>> by a combined EFF(Deep Crack) and dnet team), and it was
	>> dead as a serious cipher. Export liberalization soon followed.

The quickness they were dispatched served the goals outlined.

	>> The challenges and their prizes were never withdrawn, and
	>> dnet started on RC5-64 as soon as they had finished the
	>> previous contest. A couple years ago, I suspect the prizes were
	>> a significant chunk of cash for dnet (which won them regularly).
	>> That may no longer be the case. Also, when the 64 bit contest
	>> started fighting crypto export regulations was a lot more
	>> important than it is now.

However, it was clear from the previous results what the cost would be
for this and later challenges - I don't believe that it's necessary to
complete RC5-64 or the later challenges at this time - the point has been
well made. We do not need to continue to burn non-renewable energy resources
toward this goal - and if Dnet is going to be kept alive, should focus on
goals with a benifit to others besides the RSA stockholders.

	>> So that's why the challenges are there. Far from 'giving RSA
	>> 10-25M$', RSA has shelled out tens of thousands of dollars
	>> on the contests. In return, all RSA has received is a little
	>> publicity (and none since early 2000). On the other hand, every
	>> user of the Internet has benefited from being able to obtain and use
	>> strong cryptography. John: 'global society' has benefited mightily
	>> from the RSA key cracking contests.

Every day of Dnet's solution toward RC5-64 is additional publicity and growing,
this is hardly "none". The cost, in tens of millions will never be repaid by
RSA weak $10,000 prize. The cost, in tens of millions, serves only to keep
RSA's name an image in front of hundreds of thousands of students and professionsals
amounting to free advertising for a company dedicated to locking up crypto
technology with patents for personal and stockholder gain.

	>> OTOH, I'd be very suprised if anyone attacks keys > 64 bits in
	>> the foreseeable future.

My goal, is sure to help people think about what the cost benifit tradeoffs are.

	>> Peter Trei
	>> Cryptoengineer
	>> ptrei at rsasecurity.com

John Bass
--
To unsubscribe, send 'unsubscribe hardware' to majordomo at lists.distributed.net



More information about the Hardware mailing list