[RC5] [RC5-Mac] the DEATH of d.net?
jwoods at delta.com
Tue Jul 28 09:58:27 EDT 1998
At 01:58 PM 7/27/98 -0500, you wrote:
>Yes, but you're assuming that such a redesign is out of the question
>because it is so expensive. It seems to me that such a redesign is
>inevitable because it is so inexpensive. No, I don't have $220,000 lying
>around, but the EFF does, and so do many many other organizations,
>corporations and governments that can own the blueprints for Deep Crack by
>purchasing the EFF book. Also, compare the cost of Deep Crack to the total
>value of all the clients and servers of d.net, and you'll see that Deep
>Crack is cheaper by far.
Collectively, yes. Individually, no. How much EXTRA did it cost you to
add your computer to d.net? The NET cost of d.net is actually ZERO or
very close to it, since relatively few computers were purchased for the
SOLE purpose of running them for d.net. Yes, some of us run our older
machines as nothing BUT d.net crackers, but they weren't BOUGHT for that
purpose.... they're just getting a little extra useful life....
>On the other hand, I've heard in the last week that RC5 is less susceptible
>to hardware-based cracking than DES. This issue is further clouded by the
>question of motive -- that is, "Is there a point to cracking RC5 now that
>DES is so very dead?" I'll leave that one for now.
Absolutely. Yes, RC5 is less susceptible to hardware cracking (twelve
rounds of rotation/encryption, plus longer keys), but we need to prove that
even 64-bit keys are insufficient, as opposed to DES's 40. We need tokeep
on RC5-64 to make this point, that even the tougher RC5 encryption is
inadequate without a sufficiently long key.
>Indeed, d.net is not immune to Moore's Law, but it *is* causing us to be
>outpaced, and I'll tell you how. Many of the machines on d.net are "old"
>machines that gain their strength in numbers. Vast farms of Pentium 100s,
>68k Macs and so on. These machines are not going to be upgraded.
No, but they WILL be REPLACED in many cases. For example, I just added a
new machine here at our office, a P-II-333. I installed the client on it.
The machine it replaces, a Pentium-200, is still running d.net software,
too. Net cost to add it: ZERO, since I was going to buy the machine
anyway. Net ADDITION to d.net: About 900 kkeys/sec for RC5-64. When
NEW machines get purchased, they are typically higher end machines. Yes,
older machines join, too. (I have several 486-66's cracking, plus several
Pentium-100's). New machines are what makes the difference, and SOMEONE
is buying them. Check out Intel's profits!
>Yes, we are nearly as fast -- but who got the headlines? :)
>problem. We may beat Deep Crack in the next DES, but we will probably never
>beat our own ramp-up problems which are inherent to our structure.
I tried to address this a few days ago, got a resounding THUD.... We need
to make sure that in the days leading up to DES-II-3, that all RC5 buffers
on permanently connected machines or machines to personal proxys are set to
1:1, and that proxys don't cache keys very deep. We need 75% switchover
within the HOUR the data is posted to have any chance. To do that, we need
SHORT buffers on RC5 machines, so that they finish the one block they have,
and then download another, getting a large chunbk of DES blocks in return.
>contest is over. Also, since the Deep Crack machine(s) use a branching
>algorithm to search more intelligently than us, that increases the chance
>that the key will be found in the first 33-50% of the keys checked, which
>is where we are most likely to be beaten.
Please explain this. Branch all you want, but unless you've found a
weakness in DES itself (and I don't recall any claim that they had -- Deep
Crack is still just a brute force cracker AFAIK), they're statistically
likely to find the key at exactly the midpoint, no sooner or later,
regardless of how they "branch".
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest
More information about the rc5