1995-08-17 - Cost to Crack Keys

Header Data

From: aba@dcs.exeter.ac.uk
To: tcmay@got.net (Timothy C. May)
Message Hash: eca81a2b3845e213d5683ca74afb7c3d73f766e87be22e86c92bb315700a655d
Message ID: <9285.9508171921@exe.dcs.exeter.ac.uk>
Reply To: N/A
UTC Datetime: 1995-08-17 19:22:10 UTC
Raw Date: Thu, 17 Aug 95 12:22:10 PDT

Raw message

From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 12:22:10 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Cost to Crack Keys
Message-ID: <9285.9508171921@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Tim May <tcmay@got.net> writes:
> >Hmm, I don't know about anyone else around here, but my workstation is
> >idle 99% of the time. I could almost certainly get access to all the spare
> >CPU cycles on 120 workstations for free, and I suspect that a lot of
> >people (particularly hackers) could do so as well. There's no need to
> >spend $ 10,000 on renting them.
> 
> But, Mark, estimates of the cost to crack a key _must_ be based on market
> prices, not on opportunistic access to machines. Such access is good for
> occasional, or one-shot, deals, but not for routine use.
> 
> For example, one doesn't say "Hey, I don't see how Hertz can charge $40 a
> day to rent a car...my friend lets me use his for free."
> [...]
> "Standard accounting practices" dictate the way to estimate production costs.

Agreed.

*But* the real cost to a particular organisation, is subsidised by the
amount of idle compute cycles they have.  You can't take this into
account very easily or accurately for a general figure, where raw $
are probably the best figure.

For instance I know someone who works for a large UK newspaper (he's
admin for their unix workstations), and he says there are acres of
RS6000s just sitting there idling most of the time.  They are used for
document preparation only (what a waste all that lovely silicon just
burning cylces, and being occasionally used as a glorified word
processor).

Anyway point being to that particular organisation, if they for some
reason (I dunno but say a big scoop - they need to nefariously break
something to get the low down on a politician - unofficially of
course), their real cost is quite a bit lower than the raw $, perhaps
0 cost even if they can wait long enough for their impromptu farm to
do the job.

This doesn't really affect the raw $ cost as such, people just need to
estimate the amount of wasted $ equivalent of idle compute they
already have in their personal calculations.

It would sound better if various news papers would care to print
something along the lines of "with idle compute powers as many typical
organisations have in abundance".  Papers printing high sounding $
figures is though technically accurate (perhaps not too sure about the
accuracy), mis-leading to general public who probably don't realise
that there is a few $100 tho of idle compute lying around in the
accounts department already!

In summary, yes but it doesn't sound as good, and folks don't equate
idle CPU to $ intuitively.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365






Thread