[Hardware] GPU-based RC5 cracking

[John L. Bass]

GPU cards aren't free either, and a number of the ones that have some
serious potential, are rather high end and pricey, not that different
than FGPA prices. The biggest difference I see, is that they are still
sequential processors and scale in small board increments. I don't
happen to own one, as I'm not into high end gaming, and a vanilla 2D
card that runs X11 for a browser and Xterm isn't usable.

If I were to get excited, it would probably be about gutting PS3's for
the Cell Processors, memory and glue chips. There is some serious CPU
power, relatively speaking.

Any way I do the math, the current algorithms and processors are not
serious challenges to actually cracking the remaining RC5 challenges
until Moores Law takes a few more steps. Even innovative FPGA choices
are not a serious performance gain. The best you can do is seriously
limited by the algorithm, which was specifically designed to be serial.
After you have unrolled and pipelined it to best hardware performance,
then it scales linearly, and not that impressively, to offset the
computational complexity step of 2^8 = 256 times the previous challenge
which took several years. Since HW performance remains in lock step
with Moore's Law, that suggests we are something better than a decade
away from a solution. A good FPGA implementation is just advancing a
couple Moore's steps early. Given the real costs of energy, and the
dramtic rises in energy costs, I don't see the extra power cost incurred
to solve the next RC5 challenges a good use of that precious resource.
There are many other problems that would actually generate tangable
results for society that I think DNet needs to be seriously courting.

Personally, the RSA factoring challenges seem much more tractable,
especially for attack with FPGAs using some innovative algorithm
advancements.