From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Tue, 12 Oct 93 10:21:49 PDT
To: cypherpunks@toad.com
Subject: Re: Breaking DES
In-Reply-To: <9310121637.AA21284@netcom6.netcom.com>
Message-ID: <9310121721.AA25429@snark.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Merritt says:
> > pmetzger@lehman.com said:
> >Doug Merritt says:
> >> 2^56 bytes equals 10^7 gigabytes.
> >
> >First off, you are forgetting a factor of eight.
> 
> No, I'm not.

Look, I'll repeat the calculation again for anyone who cares to see
it, ok?

(2^56)*8 = 576,460,752,303,423,488

(2^56)*8*1000/(10^9) = 576,460,752,303

Assuming your very own figure of $1000 per gigabyte, the total comes
to $576 BILLION dollars, just for disk storage, without anything else.
You can scream your head off and the calculations still will come out
the same way.

> > and if you use disk storage your whole device is going
> >to run far, far, far slower.
> 
> Untrue. The disks will be used in a predictably serial fashion,

Lets think for a moment, shall we? You are encrypting every possible
block with DES, which results in lots of random blocks. You really
want to search through the lot of them serially without any indexing
whatsoever? Seems like you haven't thought this out.

Oh, now I just realized -- you are going to have to store each source
block with each output block. That means that even if you don't do any
indexing, you are going to need twice the disk space I just mentioned,
or over $1 TRILLION in disk for a very slow DES cracker.

Sorry, but you lose.

> and therefore
> read-ahead can be arranged such that everything is in RAM by the time
> the algorithm is ready to use it, so the whole thing runs at RAM speeds.

Never designed a disk system, have you? Sorry, but you can't actually
read a disk as fast as you can read RAM. Caching only works if you
have frequently accessed blocks -- if you are reading a whole disk you
can't go faster than the disk transfer rate no matter how many gods
you pray to. Your technical credibility is rapidly plunging.

> >however, and have to factor in the cost of the rest of the equipment,
> >like power supplies, enclosures, controller cards, computers to run
> >the whole thing, I'd say we are talking a trillion dollars, give or
> >take a factor of 20%.
> 
> It's true I didn't factor in the cost of the systems, but that doesn't
> give more than a factor of 2 to 5 in cost (depending on assumptions about
> the precise kind of pc clone used), where you seem to have come up
> with a factor of 100.

Guess you can't read my calculations, can you?

And I was off by a factor of two as well, which I just discovered. My
current estimate for real cost is about 1.5 Trillion, which is over
the national federal budget.

> >> Or say there's a quantity discount in orders totalling a million
> >> units,
> >
> >Say that my aunt was a Greyhound Bus if you like. You're dreaming, bub.
> 
> Skip the sarcasm and pick a different quantity discount. If you don't
> like my 90% discount for quantity 1 million disk drives, pick another
> one.

Sort of like saying "if you don't like the laws of physics, pick
different laws"? 

Perry