Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Encryption Security

ECC2-109 Winners Certified 133

Posted by CowboyNeal from the stamp-of-approval dept.
An anonymous reader writes "The ECC2-109 encryption challenge has now been broken and certified! Certicom announced on Tuesday that the winners, a team from Ars Technica and a member of TeamIMO, will both receive $2500 each for the matching distinguished pairs that has solved the elliptical curve encryption scheme."
This discussion has been archived. No new comments can be posted.

ECC2-109 Winners Certified More

ECC2-109 Winners Certified

Comments Filter:

  • Re:Wow. (Score:3, Interesting)

    by joe90 ( 48497 ) on Thursday April 15, 2004 @11:10PM (#8877766) Homepage
    So I guess the moral of the story is to not use this Certicom encryption system for valuable information - it's trivially brute-forceable, for a sufficiently motivated organisation.

    Hmm, 1200 years of CPU time for a commodity PC, or to put it another way, as little as 1.5 weeks with 50,000 PC's - a cost of less than $5,000,000 in total costs to brute-force.

  • Re:Wow. (Score:5, Interesting)

    by Deraj DeZine ( 726641 ) on Thursday April 15, 2004 @11:24PM (#8877880)
    I wonder what would happen if China began requiring all computers in the country to run some unspecified distributed application.

    Not trolling, just musing. I doubt such a thing would happen in any country.

  • A little help? (Score:0, Interesting)

    by Anonymous Coward on Thursday April 15, 2004 @11:28PM (#8877910)
    I just took the asvab and i got a 73 is that good? I havent been told what MOS i got. My mom is scared I will be put in Infantry.

  • Re:Wow. (Score:2, Interesting)

    by rasafras ( 637995 ) <tamas.pha@jhu@edu> on Friday April 16, 2004 @12:19AM (#8878134) Homepage
    My website is open to all. As for the birthday images, that's a negative on the tang. I knew I should've used more lensflare and drop shadow. Honestly, though, I just do those because I often have nothing better to do. And then I can at least make somebody a little happier for a little while?

    And screw you, offtopic mods. I'll talk about what I want to talk about. My karma can take it.

  • Re:Wow. (Score:4, Interesting)

    by timeOday ( 582209 ) on Friday April 16, 2004 @12:46AM (#8878241)
    Better just to use overkill"encryption all the time. EG instead of thinking long and hard about whether it would be worth cracking something encrypted with DES, just use 3DES all the time and save your brainpower for something else.

  • Re:Wow. (Score:2, Interesting)

    by KrisHolland ( 660643 ) on Friday April 16, 2004 @01:57AM (#8878576) Homepage Journal
    "Well, obviously you adjust your encryption to what you think people will be throwing at it. That goes without saying."

    How are you going to adjust your encryption when quantum computers will make most encryption schemes obsolete?

  • Re:Wow. (Score:3, Interesting)

    by spectrokid ( 660550 ) on Friday April 16, 2004 @03:10AM (#8878806) Homepage
    If you count 100 Watts for one of these athlons, you end up with 1025280 kWh of electrical power going in this. Even in Canada, where power is cheap (4.72/kWh) you get a total cost of 48393,216 $ CAN in power consumption alone. Kind of puts things in perspective.

  • Janitors and super computers. (Score:4, Interesting)

    by Wellmont ( 737226 ) on Friday April 16, 2004 @04:28AM (#8879009) Homepage
    These contests were not designed by the encryption companies to have brute force used on them...Thus you have higher level challenges with "realistic" prizes. Sadly there is no reverse engineering when most of these teams think up their strategem, or even basic engineering for that matter. The RSA and eliptical encryption schemes were not thought up for mearly "normal" encryption....OBVIOUSLY if you have the key you have the file, but the underlying code (once encrypted) is meant to resemble nothing noticable, nothing useful to its cracking. Thus you have these contests, battles to see if people have a scheme, not brute force power.

    Chances are they would want to find the one dude who thinks up a program that can hack that encryption to bits in 4 minutes instead of trying every password from here to "timbucktoo" on hundreds of computers at once just because you work the janatorial shift at the San Diego Super Computer Center.

  • The encryption companies want brute force (Score:3, Interesting)

    by dbaigrie ( 219410 ) on Friday April 16, 2004 @08:27AM (#8879785)
    The companies providing these encryption breaking challenges do not wish for someone to come up with some super quick method of breaking their products encryption scheme. Instead what they want is proven statistics that it takes X amount of time to crack their encryption scheme at rediculously low key lengths. This is so they can go around quoting their 1200 years and simillar to crack and sell more of their encryption product.

    Please do not take this as me saying that these encryption systems are or are not any good - I am not a cryptographer. It is just that these competitions are obviously organised from a marketing perspective.

Slashdot Top Deals

Remember to say hello to your bank teller.

Close