[RC5] Re: rc5-digest V1 #287

John Campbell jcampbel at lynn.ci-n.com
Fri May 28 19:36:24 EDT 1999

On Fri, 28 May 1999, Nico Schmoigl wrote:
> Imagine: PGP currently uses keys with about 2048 bits. That are 32 
> times more than we currently are trying to crack in several years!
	Were it the same encryption protocol, it would actually be 2^1984
times harder to brute-force, because the number of keys to be checked
doubles with every bit added to the key. However, they're not the same
protocol. I believe PGP is easier to break, per bit, than RC5, but provides
advantages in that you can transfer public keys over insecure channels
without compromising your encryption.

> I have not given up yet cracking rc5-blocks. I think the idea, using 
> idle processor time for doing something useful, is good! But the 
> current task is not very useful. In my eyes we have shown that RC5-
> 64 can not be cracked by the bruteforce-methode. 

	It can, and will. It'll just take a while.

> You, as a 
> criminal cracker, can not rely on thousands of cracking maschines 
> running your tasks because an operator would look for what is 
> going on if he/she sees that the CPU is running at 100% of its 
> capacity.
	Honestly, how many people would even notice that their CPU is
running at capacity? Most people don't keep loadmeters up all the time, and,
with a well designed client like d.net's, that's about the only way to tell
that it's running. I've heard tell of ActiveX cracks that use a Win98 box's
own processing power to crack the poorly RC4-encrypted keys stored in its
.PWL files...

> I think it is very high time to move to another task that makes more 
> sense. Sciense task seem to be very useful altough not making any 
> money. 
> >From the current number of retirements you can see that the peak 
> of interest has gone away. Other projects get interest as they seem 
> to be more useful (I do not think that the SETI project is more useful 
> either, because the odds getting a message from Unknown are 
> even less than cracking the RC5 contest).
	Well, since the odds of cracking RC5, eventually, are 100%, you may
be right there. We really don't have any idea, though, what the odds are of
there being alien life out there that we're capable of detecting with
current equipment. I personally can't believe that Earth is the only planet
in the universe that's developed life. The odds of there being intelligent
life that's technically advanced enough to be using radio powerful enough
for us to detect it and close enough for their signals to have reached us is
likely somewhat lower.

	The point is, we don't know, and we can't know... we can't even make
an educated guess, because we have only one data point. SETI is trying to
_find out_, and I find that much more interesting and useful than the RC5
project, which, at this point, is just trying to prove something we already
know. I'm still doing RC5, though, not SETI, because I don't have enough RAM
to sacrifice 20M of it to what's supposed to be an idle-time process.

> These are on my 2 cents, so I expect getting flames :) 
> But what are your ideas about that? Is distributed.net going down 
> slowly?
	I think it is. We still seem to be growing, but the growth curve
doesn't seem to be headed up as sharply as it was. I may be wrong - the
sources of the good hard numbers and pretty, easy-to-read graphs have been
quiet lately - but that's my take on it. It's also open to debate whether
speed will just level off, or start to drop. Either way, the loss of that
exponential growth curve means the disappearance of d.net's ability to smash
progressively longer keys.

John Campbell
jcampbel at lynn.ci-n.com

QotD:  An expert is one who knows more and more about less and less until he
knows absolutely everything about nothing.

To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list