[Hardware] The market of ASICs (One GigaKey / Second?)

Dan Oetting dan_oetting at uswest.net
Tue Aug 10 03:13:25 EDT 2004


On Aug 9, 2004, at 11:37 PM, Elektron wrote:

>
> On 10 Aug, 2004, at 10:09, Dan Oetting wrote:
>
>> I'm still waiting for this or any verification to be implemented and 
>> smile every time I here about bogus clients racking up stat points.
>
> Which is really easy to do.
>
> There's also no easy way to verify bogus results - you could force the 
> client to check for a key in the block which causes the encrypted 
> output to match some 32-bit value specified by the server

If you ask the client to search for a fixed result a bogus client would 
be able to quit once it found that result and on average only search 
half the keyspace. The trick is to ask the client to search for the 
best match to a pattern where the real key is always the very best 
match possible and a second key that the server picked is a known 
pretty good match. A valid client will return either the key selected 
by the server or a better matching key. A bogus client would not know 
when it finds one match if the secondary key known by the server is an 
even better match. The percentage or the keyspace not searched 
corresponds to a probability that the bogus client will  be caught. 
After a sufficient number of blocks any cheater will eventually be 
caught.

The best part is that searching for the pattern requires at most 1 
additional instruction in the main loop and no additional registers.

A side benefit is that returning the real key is no longer a specially 
handled case in the client or any of the secondary servers.

> The current method is probably 'good enough', though. With register 
> usage a concern on the x86 and others, the penalty isn't really worth 
> the trouble, since all blocks are checked twice anyway.

It's a shame to have pushed the last excess cycle out of the client 
only to have the project throw away half the work.



More information about the Hardware mailing list