1995-10-11 - Internet, the cracking machine
Header Data
From: Wei Dai <weidai@eskimo.com>
To: Cypherpunks <cypherpunks@toad.com>
Message Hash: a3ca7fc9d8d1acd340b89ffa7e757913c40177150b69f09ca0d9cef4f75f7807
Message ID: <Pine.SUN.3.91.951010185952.22710A-100000@eskimo.com>
Reply To: <9510101354.AA05988@outland>
UTC Datetime: 1995-10-11 08:07:01 UTC
Raw Date: Wed, 11 Oct 95 01:07:01 PDT
Raw message
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 11 Oct 95 01:07:01 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Internet, the cracking machine
In-Reply-To: <9510101354.AA05988@outland>
Message-ID: <Pine.SUN.3.91.951010185952.22710A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain
On Tue, 10 Oct 1995, Mike Fletcher wrote:
>
> Well, security bugs aside (and I've got the sun4.1.3_u1 and Win32 ns2b
> distributions :) has anyone given any thought to using Java to do some
> sort of Chinese Lottery attack. I was re-reading App. Crypto. last
> night and it could be feasable. If you could get your key cruncher
> thread loaded into a good many browsers to run when idle . . . . How
> many estimated copies of NS are there? Anyone want to do the math? :)
Ok, I'll bite. Let's figure out how many MIPS years it takes to brute force
various keylengths (assuming 100 instructions per key):
56: 2e3
64: 6e5
80: 4e10
128: 1e25
Andrew M. Odlyzko in his paper "The Future of Integer Factorization"
estimates the computing power of the Internet at 3e7, and the number of
MIPS years to factor a 1024 RSA key to be 3e11. I think both numbers are
probably off by a factor of 10 - Internet's computing power is probably
closer to 3e8 and MIPS years to factor 1024-bit key may be closer to 3e10.
So assuming that you can get the entire Internet to help you, the amount
of time it takes for various attacks is:
brute force keys of bit
56: 4 minutes
64: 1 day
80: 130 years
128: 3e16 years
factor RSA keys of bit
512: 20 minutes
768: 50 days
1024: 100 years
2048: 1e11 years
If you are reading this from an archive, divide the brute force numbers by
4**(your current year-1995), and the factoring numbers by 8**(your current
year-1995), for a factor of 2 improvement per year in each of the
following: average CPU power, number of computers on the Internet, and
factoring algorithm.
(Note that the above estimates are meant to err on the low side. I would
be VERY surprised if anyone actually manages to accomplish any of the
above attacks in the amount of time given.)
Wei Dai
Thread
Return to October 1995
- Return to “Mike Fletcher <fletch@ain.bls.com>”
Return to “Wei Dai <weidai@eskimo.com>”
- 1995-10-10 (Tue, 10 Oct 95 06:59:31 PDT) - Java idea - Mike Fletcher <fletch@ain.bls.com>
- 1995-10-11 (Wed, 11 Oct 95 01:07:01 PDT) - Internet, the cracking machine - Wei Dai <weidai@eskimo.com>