From: gbroiles-nospam@netbox.com (Greg Broiles)
Date: Sun, 23 Feb 1997 17:44:21 -0800 (PST)
To: cryptography@c2.net
Subject: Distributed cracks, law, and cryptoanarchy
Message-ID: <3310e0fa.5573759@library.airnews.net>
MIME-Version: 1.0
Content-Type: text/plain


Some thoughts about the distributed crack/reward distribution thing:

The "you must report results only to the crack organizers" rule can be
enforced if it's made into a contract. Even without a formal contract,
I think it's plausible to argue that pretending to participate in the
distributed crack, *and representing that to the organizers and
thereby gaining access to their private database of already-searched
keyspace*, and using that information for one's own private gain,
could reasonably be construed as fraud. (depending on your
jurisdiction, blah blah blah. But the general pattern - knowing
misrepresentation, foreseeable & intended reliance, loss to one party
is gain for another -  is right at the heart of common-law fraud. 

The "widely distributed computing" approach depends for economic
viability (as opposed to being just an amusing hobby) on preserving
the confidentiality of input and output datasets. This protection can
be (and will be) provided by both law and technology. The
technological side will likely depend on programs distributed as
executables only. This implies a client-side "sandbox" environment
such as Java so that the software can't get to any of the local
hardware (except the processor & display). 

If distributed crack organizers can be confident that they'll be able
to reap the benefits of their organizing, they can offer payments to
unsuccessful participants. This approach (tiny payments for idle
cycles) scales better to real-world distributed computing problems
than the all-or-nothing $10K approach. Because of the need for
confidentiality, real-world distributed computing problems are
unlikely to give participants a chance at a "big win" if they cheat
somehow. (For example, assume Eve  intercepts some ciphertext, and she
knows enough about the structure of it that she can predict some of
its contents (like message headers, or TCP/IP headers) - she will ask
for keys which decrypt [a tiny piece of] the headers, and save the
juicy data for herself. A cheating participant in the distributed
crack gains very little by keeping the winning result to him/herself,
unless she knows more about the context of Eve's interception.)

I'm suspicious of the idea that a lot of people are going to
meaningfully participate in the crack because they've got a "chance"
to win $10K; assuming a wide distribution of client software, the
chances that any particular client will hit the key is unlikely to be
better than 1 in 10,000 or so (and my hunch is it's more like 1 in
100,000) .. which means that the "chance" is worth somewhere between
$1 and $.10. Personally, I'd be more motivated by the idea that the
crack might help kill stupid export control laws. Then again, I'm one
of those people who won't buy lottery tickets.

--
Greg Broiles                | US crypto export control policy in a nutshell:
gbroiles@netbox.com         | 
http://www.io.com/~gbroiles | Export jobs, not crypto.
                            |