1995-12-21 - Re: What ever happened to… Cray Comp/NSA co-development

Header Data

From: anon-remailer@utopia.hacktic.nl (Anonymous)
To: cypherpunks@toad.com
Message Hash: 7d5276ecfd1fe2c912c9a00ec85354430da4b172b759071dc32cc9f2a9bc1805
Message ID: <199512210053.TAA11344@bb.hks.net>
Reply To: N/A
UTC Datetime: 1995-12-21 00:55:57 UTC
Raw Date: Wed, 20 Dec 95 16:55:57 PST

Raw message

From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 20 Dec 95 16:55:57 PST
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <199512210053.TAA11344@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

First, thanks for the obvious 'kind' thoughts Tim... It's heartening that
you took the time to add some substantial info to the thread. However...

> On 12/18/95 At 12:36 AM -0500, Timothy C. May wrote:

> >What caught my attention was the architecture.
> >
> >A "hybrid design linking two supercomputer processors with an
> >array of HALF A MILLION inexpensive processors" that were
> >designed by the U.S. government laboratory affiliated with the
> >NSA. The same chip house that brought us Clipper.

> First, half a million chips is not that big a deal...the Connection Machine
> had up to 64,000. Very few cryptographic problems of interest to us will be
> affected by a mere factor of a million or so.

O.K. Just a factor of 16 increase over the CM architecture right? Not knowing
the computational capabilities of the individual processors, it might be
difficult to say what the machine is capable of. Wouldn't that have some
bearing?

> Second, there was work on a "processor-in-memory" architecture, in
> conjunction with a Bowie, Maryland spook-connected company. Perhaps this is
> what you are thinking of?

I didn't mention a 'processor-in-memory' architecture and neither did the NYT
article. Don't know about any other company involvement, just CCC and NSA.

> Third, all avenues of continued funding having fallen through, Cray
> Computer (not Cray Research, of course) was shut down and assets
> liquidated. I haven't heard what's become of Seymour, though. (He is
> undoubtedly an asset, but I doubt the Agency would have him liquidated.)

You mean the avenues that are of PUBLIC record. The possibility could always
exist that the development continues 'in-house'. It wouldn't be the first time
that sort of move has been played.

> >I've not kept up with the "ultimate" demise that eventually
> >befell Cray Computer Company, but the October 16 FBI filing
> >on capacity for Digital Telephony got me thinking back to this
> >article. 1% seems like a rather huge need for horsepower. And
> >what if GAK doesn't fly? And the widespread use of hard crypto
> >just keeps increasing?

> The tightly-coupled supercomputers are hardly needed for these sorts of
> problems.

You mean the problem of data collection? Well, it's true that this would be a
misuse of a supercomputer's specialized talents.

> >This kind of machine could, in theory:
> >
> >1) Implement ALL Clipper(II) based Key Escrow functionality in
> >   silicon (the easy part) AND allow for simultaneous decrypt and
> >   surveil of 'who knows how many' Clipper based data streams.

> Huh? First, what evidence do you have for this claim? Second, who cares?
> Implementing Clipper in a Cray Computer machine--why bother?

[Rant mode on]
Speculation Tim... I'm SPECULATING. Could, in theory... AND my kind of theory
probably has holes you could drive a FLEET of Mack trucks through. I have NO
evidence. I'm not sure WHO would care. I'M A PARANOID DELUSIONAL PSYCHOPATH!
O.K. well maybe not that last part... but I'm asking the questions, remember?
I said I'm new here, so if you're going to blow holes in my pet theories, then
do me the 'kindness' of using an accurate weapon... that's why I posted...

> As to the claim that a million-processor machine could do this, you need to
> work out the math. (If a backdoor exists, or the LEAF has been gotten, a
> supercomputer is not needed....)

Again... I claimed NOTHING! SPECULATED MUCH! Now it's your turn... Why would
YOU build a machine like this? What could POSSIBLY be its capabilities?
Speculate with me for a moment... *_take a chance_*.

> >2) Implement general RSA based Prime Factoring functionality in
> >   silicon (the not so easy part) AND allow massively parallel
> >   decrypt and surveil of 'who knows how many' RSA/etc. based
> >   data streams.

> Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
> has two factors.)

Yes, my terminology sucks! But you get the drift don't you? Math is not a
strength of mine, I only know in very general terms what is involved (why,
then, am I even bothering to bring this up?). Because I AM however, VERY
concerned about the continual erosion of privacy rights in all forms of
communications, electronic and otherwise.
[Rant mode off]

> If you mean using supercomputers to brute force the general factoring of an
> RSA modulus, this is nonsense. While there may be math shortcuts we don't
> yet publicly know about which make factoring easier than we currently
> think it is, a mere million or even a billion processors will not make a
> dent in the factoring of, say, a 700-digit modulus. See the tables in
> Schneier and elsewhere for some estimates of factoring efforts needed.

Nonsense? Is that 700 decimal digits or 700 binary digits? I don't have the
tables that you refer to. Where may I find them? (LOL)

> >3) Implement it all, AND 'on-line' transaction based surveillance
> >   via the FBI's 1% capacity infrastructure.

> Let's see some numbers. (On second thought, let's not.)

No, I've already said that math is not a strength I possess. I've wondered
about the ability of the FBI to count on ten fingers and ten toes given some
of the justification that I've read for this capacity figure...

> >Chilling... Who needs key escrow (or RSA private keys) when
> >you've got a massively parallel prime factoring machine. What if
> >GAK was to become a 'non-issue'? How fast do you think a machine
> >such as this could factor RSA 129?

> Well, do the math. The MIPS-years for the RSA-129 crack were publicized, so
> the computation for a million SPARC-equivalent (or even
> UltraSPARC-equivalent) can be done.

Sorry... I asked the question... and your speculation is (I would hope) MUCH
more accurate than mine. Again, math is not a strength of mine.

> When you've done this, and concluded that RSA-129 could be done in, say, X
> minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
> group), and on to the 1024- and 2048-bit keys. Tell us how many years or
> centuries it will take. (Hint: Rivest and Schneier have done these
> calculations....)

Yes, I believe that I've read Rivest's paper on the statistical probabilities.
I've never really believed in statistics, AND I'm sure you don't have the time
to convince me Tim (I'm sorry if I've been less than reverential about this,
but I'm from Illinois which is right next door to Missouri).

> --Tim May, who fears that he's just been trolled by Derek Atkins

No Tim, you have not... but on another note...

> It'll be _many_ years before a 384-decimal-digit number is factored, I
> suspect. Let alone a 600-digit modulus, with or without the mysterious
> "transphaser" technology mentioned by Anitro.

The "transphaser" is an optical equivalent to the transistor. It is a quantum
threshold optical switch, but it is not a 'mystery'. You should read Scientific
American more often ;>

O.K. I'm done with this line of discussion, you may however, continue to
     elaborate as I will, no doubt, continue to read...

Anitro

"I have a little shadow that goes in and out with me,
 And what can be the use of him is more than I can see" R. L. Stevenson




- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNiv8SoZzwIn1bdtAQHyewF+OXlM8KueHrCynKGhjqXy8eHLSonn12Df
vcAdDoaajoi5t7CfY9lP/+FNeO2JKE+v
=SIKC
-----END PGP SIGNATURE-----
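
The "do the math" exercise from the quoted text, as an added example that is not part of the original message or of either poster's work. It scales the RSA-129 effort to other modulus sizes with the standard heuristic sieve cost formulas. Assumptions: RSA-129 is taken as 426 bits and about 5000 MIPS-years, the 1 MIPS per-processor speed is a placeholder (the message notes the real figure is unknown), and parallel speed-up is treated as perfect.

```python
import math

# Assumptions (not from the message): the RSA-129 effort is taken as about
# 5000 MIPS-years for a 426-bit modulus, and per-processor speed is a guess.
RSA129_BITS = 426
RSA129_MIPS_YEARS = 5000.0

def qs_work(bits):
    """Heuristic quadratic sieve cost L_n[1/2, 1], o(1) term dropped."""
    ln_n = bits * math.log(2)
    return math.exp(math.sqrt(ln_n * math.log(ln_n)))

def gnfs_work(bits):
    """Heuristic number field sieve cost L_n[1/3, (64/9)^(1/3)], o(1) dropped."""
    ln_n = bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    return math.exp(c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3))

def mips_years(bits, work=gnfs_work):
    """Scale the RSA-129 calibration point to another modulus size."""
    return RSA129_MIPS_YEARS * work(bits) / work(RSA129_BITS)

def wall_clock_years(bits, processors=500_000, mips_each=1.0, work=gnfs_work):
    """Elapsed years assuming perfect parallel speed-up (optimistic)."""
    return mips_years(bits, work) / (processors * mips_each)

if __name__ == "__main__":
    # Key sizes in bits; 384, 1024 and 2048 are the sizes named in the thread.
    for bits in (384, 426, 512, 1024, 2048):
        print(f"{bits:5d} bits: {mips_years(bits):10.3g} MIPS-years, "
              f"{wall_clock_years(bits):10.3g} years on 500,000 x 1 MIPS")
```

Calibrating the number field sieve curve at a quadratic sieve data point is an approximation, so the output is an order-of-magnitude guide only; pass work=qs_work to see the quadratic sieve scaling instead.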




