[RC5] [RC5-Mac] the DEATH of d.net?

Greg Delisle gdelisle at indiana.edu
Mon Jul 27 14:58:41 EDT 1998


> You're both off base WRT Moore's Law.   Moore's Law is irrelevant here,
> esp. for RC5.

Perhaps I am a little off base, but I don't think I am completely off. Nor
do I think that Moore's Law is irrelevant. Let me try to answer you.

> 1) The EFF computer was very highly specialized for DES cracking, and is
>    incapable of RC5 cracking.   A complete $220,000+ redesign would be
>    required to make a similar machine for RC5 cracking.

Yes, but you're assuming that such a redesign is out of the question
because it is so expensive. It seems to me that such a redesign is
inevitable because it is so inexpensive. No, I don't have $220,000 lying
around, but the EFF does, and so do many many other organizations,
corporations and governments that can own the blueprints for Deep Crack by
purchasing the EFF book. Also, compare the cost of Deep Crack to the total
value of all the clients and servers of d.net, and you'll see that Deep
Crack is cheaper by far.

On the other hand, I've heard in the last week that RC5 is less susceptible
to hardware-based cracking than DES. This issue is further clouded by the
question of motive -- that is, "Is there a point to cracking RC5 now that
DES is so very dead?" I'll leave that one for now.


> 2) d.net is not itself immune to Moore's Law.   Participants upgrade.  New
>    participants are using more powerful CPU's than 2 years ago.  d.net is
>    also growing and taking advantage of Moore's Law.  You cannot claim that
>    Moore's Law is causing us to be outpaced, since our firepower is also
>    increasing due to it.

Indeed, d.net is not immune to Moore's Law, but it *is* causing us to be
outpaced, and I'll tell you how. Many of the machines on d.net are "old"
machines that gain their strength in numbers. Vast farms of Pentium 100s,
68k Macs and so on. These machines are not going to be upgraded. New
machines will be *added* to d.net, but the existing processor base will not
upgrade. That means that our acceleration curve is less than exponential,
until one figures in the rate at which new participants are added. It is my
bald assertion that the rate of new participants will slow, eventually to
become equal to the number that leave the project, and perhaps even dipping
below it, in which case d.net will shrink. At that point, our acceleration
will be linear at best, while Moore's Law will continue to help the
competition at a faster rate than it helps us.

> 3) Moore's law doesn't really apply to Deep Crack.   It will NOT double in
>    processor power for the same price in a year, because it is a custom
>    machine.  Moore's law applies only to mass-produced CPU's, where the
>    research dollars required to keep up with it are worth it.

Assuming that the EFF (or some other motivated souls) bother to do it, they
will in fact benefit from Moore's Law. Speed/price doubles every 18 months,
so the hypothetical new machine will not be ready for DES-II-3, but since
it is a hardware solution, the custom chips used in Deep Crack will be able
to take advantage of new technologies in semiconductor design. Smaller die
size, smoother silicon, copper interconnects and so on. And if Gilmore says
that it's worth it, then it's worth it -- it was worth it for this machine.
At the same time, distributed.net's farms of Pentium 100s will still be
Pentium 100s. Sure, new machines faster than our present ones will be
added, but I believe I've already addressed this above.


> Certainly, there is something to be said for the fact that small-key
> encryption has recently been proven woefully inadequate, both by d.net and
> the EFF.   But don't claim that Moore's Law has made us obsolete....it just
> isn't true.  d.net is still nearly as fast as Deep Crack.

Yes, we are nearly as fast -- but who got the headlines? :) If Deep Crack
shows up for DES-II-3, then d.net will probably beat it, since we will be
2.6 times faster while it will only be as fast as it is currently. Unless
the winning key lies within the first day or two of the keyspace, in which
case Deep Crack will reach it before we ramp up, and therein lies the
problem. We may beat Deep Crack in the next DES, but we will probably never
beat our own ramp-up problems which are inherent to our structure. A Deep
Crack-like machine will always be faster out of the gate, and d.net will be
faster to the exhaustion of the keyspace. But the faster the Deep Crack
machines get, the less time there will be for d.net to catch up before the
contest is over. Also, since the Deep Crack machine(s) use a branching
algorithm to search more intelligently than us, that increases the chance
that the key will be found in the first 33-50% of the keys checked, which
is where we are most likely to be beaten.

-Greg Delisle
Indiana University Press Journals
http://www.indiana.edu/~iupress/journals/


--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list