Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Encryption Security

RC5-64 Project Teeters At The Halfway Mark 118

Posted by timothy from the always-in-the-last-place-you-look dept.
Soft writes: "The RC5-64 statistics page indicates that 49.779% of the keyspace has been exhausted, which means that at the current rate of 0.080% per day, the halfway mark should have been reached by the weekend. Anybody want to speculate on the actual completion date, correlating with the speed plots on the other stats page, the current rate, etc.?"
This discussion has been archived. No new comments can be posted.

RC5-64 Project Teeters At The Halfway Mark More

RC5-64 Project Teeters At The Halfway Mark

Comments Filter:

  • Re:I like D.Net (Score:1)

    by Anonymous Coward
    bragging about how you are running OGR does not bolster your argument that SETI@home is useless. Nor does it refute the counter-argument that RC5-64 is also useless.

  • Re:RSA proved their point ... (Score:1)

    by Anonymous Coward
    For fuck's sake, it's just a counting problem. If you want tangible numbers, you don't need to find the key. The probability of finding the key after time T is just P(T) = T * (keys per unit time) / (size of key space). The size of the key space is fixed (duh) and the number of keys processed per unit time is just a function of the hardware used in the crack attempt. You can measure that easily in a short time; there's no need to actually crack anything. There's only thing unknown at the start of this challenge was how many fools they could sucker into participating in a numerical masturbation session.

  • Re:I like D.Net (Score:1)

    by Anonymous Coward
    ARGHHH! There's no need to actually complete any challenge to establish that you can crack a X bit key in no greater than Y time with Z hardware resources. It's a mathematical certainty. This is like proving that a determined person can count to 1000 if they want to.
  • Ding! I'm right there with you at 1280 days. I may not be the fastest, but I'm damn persistent.
  • While I certainly don't want to disparage efforts to find cures for cancer et all, it's hard not to imagine a better use for spare CPU cycles than SETI, given that the discovery of extraterrestial intelligent life would be the greatest discovery in the history of our species.

    It is doubly important in that - short of them showing up and introducing themselves - this is the *only* way we can carry out this research. There is no SETI analogue to the lab rat.

    In a perfect world, there would be a 100% survey of the electromagnetic spectrum (and the corresponding analysis) going on continuously and in near real-time. Until then, we've got SETI-at-home.

    Why not join in?


  • http://stats.distributed.net/rc5-64/psummary.php3? id=226692
  • Need more hardware...

    I wonder if there's going to be an iPaq client...
  • Nice try, but the results of the request have been boosted by Moore's Law. As CPU power increases, the amount of RC5-64 Blocks that *EACH* computer can process per time "T" also increases. In other words, my AMD K6-300 cranks out about 12 keys per day, whereas my Wife's AMD Thunderbird 750 cranks out aproximately 70 keys per day. As CPU increases, the contest accelerates. When we first took on this contest, we were looking at about 12 years to finish. Now we're looking at 8 years total at the *CURRENT* rate, and this doesn't even make RC5 the default contest for most new clients (OGR's - Optimal Golumb Rulers are the default). Geeks like myself have also kept around older boxes (like Pentiums) to do nothing all day but crack blocks.


    Secret windows code
  • Um... You seem to be a little mis-informed. An optical search has a much smaller chance of success than a radio search, for several reasons.

    1. Our own optical detectors have a pretty limited duty cycle (meaning that high frequency light pulses would be next to impossible to detect...). On the other hand, our RF technology is capable of detecting some pretty weak signals at high frequency. It's much easier to build an array of large radio telescopes with greater signal gathering power that can work together than it is to build an optical counterpart, optical interferometry is still in its infancy.

    2. Interstellar extinction in the optical can be large enough to mask an entire star, so missing an optical signal would be real easy. This is not as big of a problem in the radio.

    3. It's much easier to generate a powerful radio signal than it is a bright light pulse.

    That's just a few reasons, and if I thought about it, I could probably come up with a few more reasons why optical is less likely. There was a guy on here recently trying to make the case that optical was better, but I really didn't find his arguments convincing, and I don't think the scientific comunity in general has really bought into it either. I have yet to hear of anyone getting time on a big telescope to try this out yet.

  • We want to finish what we started.

    I've got 1198 days invested in RC5. At this point, I think I want to finish the job.
  • ... is not welcome on my CPU.

    I _like_ that the RC5/OGR code is optimized for each CPU instruction set. It means a few things:
    • my CPU is being used most efficiently/performantly, which satisfies my deepseated urge for efficency.
    • common algorithms (though implemented optimized per architecture) mean I can get apples/apples benchmarking for this particular problem domain
    • Efficient/optimized code generates more work per watt of electricity. Combining this with a form of throttling would help with energy conservation while still getting good results.


    SETI does not optimize per platform, thus I will not use it. I can't stand to think that some of my available CPU is being simply wasted. I run AMD CPUs at work: I want 3DNow optimization on those clients. I have a G4 Cube in my bedroom: I want AltiVec optimization on that. Bovine does both IIRC, SETI does neither.

    It's the same to me as the idea that when I buy an Intel product for, say, $200, that a dollar or two might go to those dopey Blue Men. That's why (among many reasons) I don't buy Intel products.

    Your Working Boy,
    - Otis (GAIM: OtisWild)
  • It isn't clear to me that SETI@Home would work even if there was intelligent life transmitting RF out there - the signal levels required for detection would be tremendous. We have no hope of finding accidental signals, and we ourselves could not generate a detectable signal aimed on purpose at the distances involved (and we are not sending them out on any regular basis either).

    I don't buy this "they're gods, so they've got unlimited power". Optical SETI is a much better bet, and more within our technological grasp.
  • optical detectors have a pretty limited duty cycle (meaning that high frequency light pulses would be next to impossible to detect...)

    Hybrid avalanche photodiodes are able to respond to light pulses on a time scale of a few nanoseconds (billionths of a second). The theory of optical SETI is to use lasers with nanosecond ultra-high-power pulses. They are so bright, they will outshine the neighboring star (for a nanosecond) across the entire optical spectrum - no need to look for the right frequency.

    It's much easier to generate a powerful radio signal than it is a bright light pulse

    Uh yeah, petawatt (pulsed) lasers exist, show me a petawatt radio!

    Optical extinction is a problem, but with the powers available, we can detect human-buildable lasers with human-buildable detectors over 1,000 LY. See: Optical SETI home page [harvard.edu].
  • I'll gain $1000 + $1000/(number of active members of my team)!

  • The D.Net client is a really nice client - it just works. I have never had any problems with it.

    People are different, and therefore some people think D.Net is cool and others think Seti is the much more interesting.

    I'm part of the Arstechnica Distributed Computing (DC) team and we have a nice little "portal" [arstechnica.com] (called the Food Court [arstechnica.com]), for all our teams. For each team there is a nice little description about the project.

    I would recommend a visit [arstechnica.com], if you would like to know a bit about the different DC projects that exists.

    You are, of course, more than welcome to join one of our teams if you like ;)

    The projects I personally find most interesting and would recommend if you find D.Net and Seti pointless, are the Folding@Home and Genome@Home projects. An explanation of Folding@Home can be found here [teameggroll.org]. Genome@Home has a similar cause - it's the same people that's behind both projects.

    We also have a pretty cool forum [infopop.net] where your are welcome to ask questions.

    Important note! Our Folding@Home team's website has just changed to a new host, therefore the link on the Food Court page [arstechnica.com] (http://www.teameggroll.com [teameggroll.com]) doesn't work right now! Instead, you should use http://www.teameggroll.org [teameggroll.org].


    Greetings Pointwood

  • Funny - UD teamed up with, yes you guessed it, Distributed.net some time ago - you can find a press release in the D.Net website.

    The UD project is heavily sponsered by Intel and AFAIK that shows - the client is much faster on the P4 than on anything else...


    Greetings Pointwood
  • So fire up the config screen and change the priority. I use RC5,OGR=0,DES=0,CRC=0 so all spare cycles go to RC5.

    command line is dnetc -config, select option 2, then look for Load-work precedence

  • Umm.. you can sleep tights if you assume that there does not exist a break on RC5, and that the implementations you use are safe and sound.

    Personally I find these bruteforcing projects utterly uninteresting. There might have been a political point to be made by breaking single-DES with its small keyspace, proving that even the worst possible attack is effective...

    RC5 however... join Folding/Genome@Home instead, makes much more sense.

  • I agree. I first got into distributed computing when I heard about the SETI@home project. At the time,however, their client wasn't yet available. Their web page had a link to other distributed projects so I followed the one to d.net and started running their client. (Back then it moooed when it completed a block!!) Eventually the SETI client was released and I switched over to that for a while. I don't think it's pointless, but it became apparent right away that they had more than enough people helping out. So I switched back to d.net and have been contributing my cycles to the /. team ever since. Most of my work goes to OGR, though, not RC5.

    If anyone is out there looking to participate in a distributed project, d.net was one of (if not THE) first and still the best in my opinion. The client is lightweight, unobtrusive and just works. They've done a great job with very limited resources and I urge you to donate your cycles to one or more of the d.net projects.
  • If we just maintain the current rate of 165 Gigakeys/sec, the entire key space will be exhausted in 1.79 years (3/29/03). The odds are 50% that we should find the answer before exhausting half the remaining keyspace, and that will take .9 years (5/6/02).

    If we maintain the current acceleration (151 Megakeys/second/day), then we will finish a little more quickly: exhausting the key space in 1.44 years (11/22/02) and covering half the remaining space in .79 years (3/29/02).
  • You think SETI is pointless but cranking on a problem that is known to have a solution is not? If you want something significant that doesn't have a known outcome, try OGR from d.net or look for large prime numbers [mersenne.org] - at least these projects will create some new knowledge (and OGR actually has some practical applications as well), whereas we already know that given enough time, the RC5-64 key will eventually be found.
  • Just because there isn't a practical application doesn't mean it is pointless. There will be new knowledge created - right now, nobody knows what the next mersenne prime will be - in fact, its not even known for sure that there *will* be a next mersenne prime. If/when it is found, it will provide more information than its mere existence; these large primes are used to give evidence for prime distribution theorems (among other things).

    RC5-64, on the other hand, will create no real new knowledge upon its completion. It is an excercise in futility.

  • > http://stats.distributed.net/rc5-64/psummary.php3? id=226692

    Um,
    http://stats.distributed.net/rc5-64/psummary.php3? id=79812 [distributed.net]

  • Yes, except you are forgetting... (Score:3)

    by barzok ( 26681 ) on Wednesday June 13, 2001 @04:58AM (#155892)
    RC5-64 started 3 1/2 years ago. In that time, more people have joined and computers have gotten much, much more powerful. Even if the number of participants remains steady and 100% of the keyspace has to be searched, the second half will take less than 3 1/2 years.

    RC5-64 is safe today. But maybe not tomorrow.
  • It's certainly possible - maybe not on a Timex, but I don't think there's any reason why someone couldn't port the client to IBM's Linux watch.

  • Half the keyspace... (Score:5)

    by Hobbex ( 41473 ) on Wednesday June 13, 2001 @05:04AM (#155894)
    Or as the pessimist would put it: After four years (or whatever) of intense calculations involving 300.000 computers, they have finally established the single first bit the 64 bit encryption key.

    Or the optimist: They have now managed to cover an entire 63 bit keyspace, showing that a 63 bit key can be cracked, and that just a single bit remains until the goal of cracking rc5-64 is reached.

    It's a good thing our world is linear rather than logarithmic, isn't it? All the bickering about half empty and half full seems pretty harmless in comparison...

  • Re:Best quote in a Slashdot article... (Score:4)

    by wiredog ( 43288 ) on Wednesday June 13, 2001 @05:04AM (#155895) Journal
    It differs because, well, umm, uh, let's see.

    What was the question again?

  • "Public Domain" Distributed Computing (Score:5)

    by Hard_Code ( 49548 ) on Wednesday June 13, 2001 @09:10AM (#155896)
    Some companies have discovered the distributed computing trend and jumped on the bandwagon to get free computing power. If you want to support non-profit, open, public research, instead of closed, for-profit efforts, here are a few projects:

    Seti At Home (yeah, we all knew that)
    http://setiathome.ssl.berkeley.edu/

    Protein Folding At Home
    http://www.stanford.edu/group/pandegroup/Cosm/

    Genome At Home
    http://genomeathome.stanford.edu/

    I'm sure there are others, but those are the ones I run.
  • I don't want to run RC5 clients until the source code is released.
    I'd like to have it run on older computers (Atari ST), and even on my Timex watch so that if I ever win, people read "yeah, the RC5 challenge was found by a watch !" .
    It's unlikely to happen, but it would rock.
  • Hey, nice ranking. What kind of system are you running it on?

    --

  • What is the point of RC5? Everybody mentions the name but nobody says what they're trying to achieve .. the page linked to in the article doesn't explain it either.
  • If you look at the stats it says:

    26,341,821 blocks were completed yesterday 0.038% of the keyspace) at a sustained rate of 81,841,189 KKeys/sec!

    The odds are 1 in 1,309 that we will wrap this thing up in the next 24 hours. (This also means that we'll exhaust the keyspace in 1,309 days at yesterday's rate.)

    There have been 298,204 participants since the beginning of this project.
    32,230 of them were active yesterday and of those, 99 were brand-new participants.

    There are 11,524 registered teams.
    4,308 of them submitted blocks yesterday.
    (4 of them are brand new!)
  • to quote Saturday Night Live:

    "Are you stupid or English?"

    In the time it took for you to "rant" on slashdot you could have clicked 1 link from the dnet stats page to go to www.distributed.net where you would have found everything you need to know.

    You sir, are a moron.
  • Hmm...interesting. I became tired of RC5-64 tests when I realized brute force was not going to break it within a short amount of time (less than a year). Areas where spare cycles should go (or at least where I would put them in no particular order):

    1) Cancer research.
    2) Asteroid scanning.
    3) SETI.
    4) Encryption algorithm testing (non-brute force). How this would work is a good question. I don't know.

    Basically, I prefer usage for science. Maybe someone can provide a list of the distributed projects out there? Not DDoS! :)
  • Maybe they are? Bwahahahahahaha
  • Distributed.net is good for everybodys privacy.

    While I mostly agree I also beleive that anyone with $1M can build an RC5-64 cracker - I'm sure that the NSA would/will/has/could build one if they want to (a paper design I did a few years back is here [taniwha.com]) - roll on RC5-96

  • That's what it really comes down to, we can go on all day about whether the distro cancer models and methodology have much in common with reality. The same is true with the Pascal wager that is Seti. Out of all the the distro projects out there I think GIMPS and RC5 are the only ones with results. Maybe its best to be on the 'winning team' i.e. something that produces results.

    I think you're just pushing the moral button. What if someone wrote a client to continue the THC tumor shrinking research [ardpark.org] but you are staunchly anti-drugs? If Sally Struthers makes a really pathetic ploy with starving children and all for her distro project (could happen) would you be morally obligated to go with the immediate improving of health of children or wait out for the cancer lottery ticket?

    I don't think people really give a shit either way, they'll download a client and play with it until they get sick of it. Things will change when the multipurpose 'screensaver' is written and lets you pick which project you feel like going with that day or week. Hmm, today I feel like helping the PRC crack some NSA codes, etc.
  • Useless?

    GIMPS has found the largest prime number, its mathematicaly significant and supposedly has applications in the encryption field.

  • Re:Great work! (Score:3)

    by James_G ( 71902 ) <jamesNO@SPAMglobalmegacorp.org> on Wednesday June 13, 2001 @11:18AM (#155907)
    This is good "news". Rougly 3½ year and only halfways. That proves that RC5-64 is fairly "safe" to use

    What absolute nonsense. It's not "news" that this level of encrpytion is safe to use. Given the algorithm used to try and brute force the key, it's always been possible to say "Ok, it would require x number of processors running for y years to break this key".

    rc5-64 proves nothing but the concept of distributed computing. That aside it's nothing but an absolutely immense waste of power (Think of the additional power used by hundreds of thousands of processors running at 100% 24/7 - and no, they're not using the same amount of power just by being on. Almost all modern processors go into power saving mode when they're not being used), and a way to boast about your hardware: "Hey look! My computers do 12MKeys/s! I'm l33t!"

    I know this comes off as a troll or a flame, but this subject irritates me enough as it is without people drawing false conclusions from the results.

  • After they got pants'd on RC4, those bastards probably chose the key "FFFF FFFF FFFF FFFF" for the 64 bit challenge, realizing distributed.net was just gonna chug away at the keys in order...

    ---

  • After four years (or whatever) of intense calculations involving 300.000 computers, they have finally established the single first bit the 64 bit encryption key.

    After they got pants'd on RC4, those bastards probably chose the key "FFFF FFFF FFFF FFFF" for the 64 bit challenge, realizing distributed.net was just gonna chug away at the keys in order...

    ---

  • The keyrate is constantly accelerating, though. The stats listed on the site are for the current keyrate, so the calculation is a bit more involved.

    - Russ
  • I'd have to disagree. The contest was designed to have tangible numbers to show to clueless lawmakers who seem to think that weak encryption is the only safe option for normal people to use.

    The DES challenges (and particularly the EFF's Deep Crack machine) were very effective in showing that 56 bit DES wasn't good enough any more. Believe it or not, many lawmakers will still insist that there's no need for private individuals to have access to anything more powerful.

    The RC5-64 challenge provides some hard evidence about what computing resources a volunteer effort can muster up to attack an encryption key. One should always assume that a government or corporate sponsered effort can accomplish much more using custom hardware and/or more CPUs. A project that takes a few years with idle CPU cycles shows that 64 bit keys are not good enough for data that needs to be safe for years to come. That helps RSA only in that it helps them lobby for less restrictive legistation. Selling 64 bit RC5 is no less profitable to them than selling 128 bit RC5.

    An unfinished challenge is infinitely less useful than a completed challenge. The latter gives positive proof, the former says that a bunch of people tried to break a key for years and failed. Which tells a better story to a Congressman who still has a secretary in the next room typing up letters for him and has no real clue about technology issues?

    Distributed.net is not about RSA Data Corp, it's about privacy and technology in general. We all stand to benefit. I'm still not convinced that finding large prime numbers or OGRs will help life outside of the research community. I have nothing against those efforts and will likely switch to them when the RC5-64 challenge is complete, but for now I see a lot more to gain from RC5-64 than the others.

    - Russ

  • RSA proved their point ... (Score:3)

    by zensonic ( 82242 ) on Wednesday June 13, 2001 @05:06AM (#155912) Homepage
    ... could we please get back to work and use all
    that power on something meaningfull, such as finding mersenne primes [mersenne.org] or Optimal Golomb Rulers [distributed.net].

    RSA wanted to prove that neither 56 bit and 64 bit encryption isn't enough and that it is possible for a small crack senstive information protected by 56 or 64 bit encryption.

    It will take som time to finish the 64-bit RC5 challenge, but it can be done.

    Question is should it be finished? Not in my oppinion! Sure they will win $10.000, but that's about the only positive I can see in this. Used wast amount of power and computing time in doing so, only to give RSA reason to sell 128-bit RC5 and argue that it really is secure.

    Wote with your CPU power and switch to something we all can benefit from. Larger primes and OGRs are candidates, but I'm sure there are others.
  • Well, I'm a mathematician, and I could easily think of lots of mathematical problems that would be far more interesting to try to attack with distributed computing than the Collatz conjecture. The Collatz conjecture is very artificial and not many mathematicians would be that interested in finding a counterexample. A proof on the other hand could be interesting (depending on whether it contains new ideas that can be generalized).
  • ...or at least that's my prediction. Call me cynical (hiya, Cynical), but there are a quite a few people running a hacked RC5 client who aren't interested in breaking encryption -- they're interested in being number one on the list; screw winning $10K -- seeing one's name in lights is far more important. Although distributed.net has caught people doing this in the past, there's still a chance that the correct key was glossed over in the rush to be first.
  • ...Too bad there's no linux client for the UD project.
  • Now I'm putting all my CPU time towards finding a cure for cancer. IMO, United Devices' client is much better, too.

    you have to be kidding me. The UD client is ram hungry, doesn't do multiple CPUs, and is windows only. The d.net client uses 600k of ram, handles as many cpus as you've got, and has a client for just about every OS/architecture there is.

    Besides, UD is a for-profit company...

  • I started over a year ago with the CSC challenge, and now I've moved onto the RC5-64 challenge because I have nothing better to do with my spare CPU cycles. Personally, I think SETI is pointless. And it doesn't hurt me at all that if my machine happens to find the key that I get $2000. I just see it as a way for my existing CPU to potentially help pay for my next one.

  • [T]ry OGR from d.net..

    I have my D.Net clients rotates between RC5-64 and OGR so it's not a complete exercise in (your perceived) futility. My desktop (a Duron 750) is holding about 2 Teranodes of OGR-25 and cranks out 6 meganodes/sec. Too bad it has no connectivity.

  • ...only install this on machines that you have permission (written - always) to install it on.

    I lost my job due to someone claiming it was a "hacking tool" and the stupid boss believing him (I'd rattled this guys cage a few times).

    Mind you, the contract biz is quite lucrative for me at the moment so maybe I should thank him for making me get on with it ;)

    hardcode
  • It boggles my mind that even though there is a distributed project to look for drugs used to treat cancer [ud.com], people still insist on donating their CPU cycles to endeavours like SETI and "crack a really big key" contests. Why?

    The cancer drug client is Windows only, but I'd hazard a guess that at least half of the CPU cycles donated to the encryption contest come from Windows machines. Use your machine for a good, useful purpose!

  • Actually, it would be 51/49 * time spent until now.
  • Source code is at the public source repository [distributed.net] and has been there for the past 2 years or so.

    Read Operational Code Authentication [distributed.net] before you start ranting that it's not the complete source.

    Leto
    (ivo at distributed.net)

  • "Anybody want to speculate...?"

    And this differs from a typical slashdot set of comments how?

  • Slashdot actually remembered the RC5 contest.

    Consider how much CPU power we're actually talking about. I've got something like 500 PIII's, and a flotilla of PII's working on this thing, pushing through two maxxed out personal proxies, and I'm only #5 on the super-l33t top 100 overall participants list.

    Crikey. Can anyone send me 200 thunderbirds?
  • Incorrect. The rate of CPU's cracking will only increase over time, so theoretically, the crack will be found faster. Apply Moore's law, the average rate of new people cracking, the increase in computation speed, and you get a *very rough* guess.

    *very*!
  • Heh. The advantages of being a university sysadmin: http://stats.distributed.net/rc5/psummary.php3?id= 73053 [distributed.net]

  • Great work! (Score:4)

    by kaunio ( 125290 ) on Wednesday June 13, 2001 @04:42AM (#155927) Homepage
    This is good "news". Rougly 3½ year and only halfways. That proves that RC5-64 is fairly "safe" to use, so I can sleep well and know that people would have some really hard problems deciphering my secure data.

    Distributed.net is good for everybodys privacy.
  • Yes.

    What I really meant to say (but admittedly didn't) was that I guess the key is found within the next 669 days. Under the assumption of constant search speed, the chance that this happens is 50%.

  • 669 days (Score:3)

    by BlueWonder ( 130989 ) on Wednesday June 13, 2001 @04:47AM (#155929)
    Each of the remaining keys is equally likely to be the right one, so I would assume the best guess is that the correct key is found after searching half of the remaining keyspace. That would be 669 days (if I have calculated correctly).

  • Re:Great work! (Score:3)

    by BlueWonder ( 130989 ) on Wednesday June 13, 2001 @05:05AM (#155930)
    If it takes 7 years to search the whole keyspace, that means an adversary with the same computation power has a one in a thousand chance to find the correct key in less than 3 days, or a one in a hundred chance to find it in less than a month.
  • I thought we were working on RC5-128 now. hmm.
  • Yeah, now you are correct. Statistics is fascinating to me. And obviously most people don't understand it, like whoever modded down Mark3's comment. But I guess he was kind of wrong because with each key tried, all the others are more likely to be the solution. Hmmm
  • Here is a link [distributed.net] which describes RC5-64 pretty clearly. Basically it is a romp through 64-bit numbers.

    Did you miss out on the Dotcom Bubble [peakprogramming.com]

  • Now I'm putting all my CPU time towards finding a cure for cancer. IMO, United Devices' client is much better, too.

    http://members.ud.com/home.htm [ud.com]
    I'm a member of the Sitepoint team [sitepointforums.com].

    Dnetc didn't seem to run on my computer very well, and it didn't provide tangible results. With this, it shows you what you're working on in a lot of detail.
    ------------
  • Yes it would but the reason that OGR is first is that is is a useful project.
    See the distributed net site for details, but in essance a new, larger Optimal G... Rulers can be used to improve the efficancy of solutions to a range of scientific and engineering problem.

    RC5 is now just meant to be a fallback if there are no more useful projects to do. I reasonable sure the only reason that it still has such a large keyrate is all the network / machine with ancient clients on them that know nothing about the newer challenges.

    --
    Amiga RC5/OGR Team
  • True, but that is a hell of a lot of computing power for anyone to come up with.

    Actually, since computing power has advanced quite a bit, the odds a probably a bit better than that.
  • I put GPL'd source out over a year ago for all the RC5 Challenges (40-128):

    CryptNET RC5 Attacks [cryptnet.net]

    Why the hell isn't your Timex watch running it, slacker?
  • 625 days from now. 1 year, 260 days, of waiting; given no speed increase/decrease. $.02
  • I really don't know all that much about RSA encryption, but I figure that the rate at which the project approaches completion is time-varient. It's likely that it slows down when it gets close to the end. What this means, of course, is that the stat saying that "we'll exhaust the keyspace in 1,309 days at yesterday's rate" is an underprediction of how long this'll actually take. All of that said, it'll probably speed up at the same time since there'll likely be a fairly large increase in the number of people with the client installed. (especially now that it's had a prop from /. (probably not the first time, eh?)) Allan
  • yes, it annoyed me too. Rather than wine, I looked for links. try these: http://www.distributed.net/rc5/ http://n0cgi.distributed.net/faq/cache/28.html
  • Dnet is the SlashDot effect in the eco sphere.

    With all the "extra" "spare" "old" machines left on with nothing better to do than raise the owners ranking - it's simply not suprising that we have a power shortage. I wonder how many acre feet of hydro are wasted, how many tons of toxic soot pumped into the air, and wonder if they have built enough power transmission lines to handle the extra load.

    The 24hr 40MW power drain is enough to power a good sized city or a couple small towns - something in the range of about $3M/mo in billing. If the machines were turned off at the end of the day, that would really be conservation of a figure that would mean something.

    Actually, I think somebody should run an eco friendly campaign against them for the waste of nearly $40M/yr in scarce natural resources. For what?? just to win $2K - hell the local lottery has MUCH better odds, and a real payback that if donated to a program would really make a difference.

    Of course, wadda I know ... it's just chump change. And for a valuable research cause at that. Heck - we should just buy a lotto ticket and donate a few $$$'s each to RSA and thank them for the wonderful experience. It would make a lot more sense.
  • Try something in the range of 200,000 machines for 3 years at roughly 200 watts each. That is 200000*24*365*3*200/1000 = 1,051,200,000 kilo-watt hours. At $0.10/kwh we are talking about rougthly $100 million for the solution, that a lot of could probably be saved by turning a lot of machines off at night and when not otherwise in use. The people running several extra machines just to boost stats really contribute to a significant waste of resources.

    Add to that the cycles being burned by SETI and other projects, and we are talking about a huge was of resources. All these projected should be run out of town by the ECO movement.

    The sad part is a huge number of these people are probably pro-cycle, anti-car, and otherwise normally eco friendly.
  • I am running Genome@home now, and have designed over 40 genes! Its pretty neat for a biology nerd like myself. This [nyx.net] Is a great collection of all known distributed computing projects. Neat ones are Golem@home and SaferMarkets and MoneyBee.
  • There is a major reason for the RC5 effort that you seem to be overlooking. Prior to the 24 hour DES crack, it was illegal to use DES in France. Shortly afterwards, France decided that DES was legal. I don't think that was coincidental. The RC5-64 crack effort is partly an effort to encourage governments to permit broader use of strong cryptography, or in the case of the United States, export stronger cryptography.

    Cracking challenges also encourage people to look heavily at implementations of cryptographic algorithms to see if they can find shortcuts. That is research. It may be unlikely to result in much return, but there has been more than one example of a cryptographic implementation that had problems.
  • I think you're on to something with the Distributed MMORPG, with this caveat:

    Integrate the other problems into the game and allow characters to choose to sell their processor cycles for some sort of game credit. For instance, whenever your character is inactive, she prays to the goddess of SETI (which is the game representation of using cpu cycles for the SETI@HOME project), and she slowly accumulates extra gold or hit points or something.

    A convergence like this would generate a lot of good press and interest in your game, not to mention generating interest in distributed computing projects. Might be just the thing to push one of those many GPL MMORPG projects to completion.

    Man I have an idea like every two seconds, I wish they were all this good :P

    Bryguy
  • Code cracking challenges are a waste of processing time. Their processing cycles would be better put to use in either Research or Distributed Dynamic Massively Multiplayer RPGs.

    a) There is a finite number of people who are interested enough to install distributed processing software.

    b) Research is the only way that the human society advances.

    c) The next avenue of research is taking place in solving NP problems.

    d) NP Problems are brute force problems.

    e) Those millions of people who support distributed code cracking could be more usefull by supporting research than cracking competitions which achieve _NOTHING_.

    f) At least they could be usefull in processing some Distributed Dynamic Massively Multiplayer Online RPG. Atleast others would benifit from this massive generated game world, it'd be more entertaining. Research would even be usefull.
  • Is there going to be a "guess the time it cracks" contest?

  • Who runs that one? (Score:5)

    by briggsb ( 217215 ) on Wednesday June 13, 2001 @04:39AM (#155949)
    Who bothers with RC5 anymore? All my systems are busy cranking away at calculating the number [bbspot.com] of bugs in Windows 2000 with the W2KB client.
  • the RC5-* challenges are designed to show their weakness, and show that anyone determined enough to crack them, would be able to

    if you actually read up a little, you'd see it's not futile at all.
  • It's likely that it slows down when it gets close to the end

    Probably yes, but not because of what you think. Every key requires a pretty fixed amount of time to be tested, so the speed shouldn't change.
    Anyway, the network syncronization (sp?) will get more and more difficult, as slow nodes begin chomping packets that will return after the end of the contest, and there will be a lot of re-issues, effectively doubling or tripling the amount of work for the last 2-3% of the keyspace (exactly as happened at the end of RC5-56)
  • I thought we were working on RC5-128 now. hmm.

    That's impossible, for now. RC5-64 started some years ago, when distributed.net finished RC5-56. The difference between the two is a factor of 256, and many people said that even RC5-64 was too difficult. Maybe they had a point... 3+ years for half of the keyspace is long enough.
    RC5-128 would be 2^64 times longer that RC-64, and that's about 16.000.000.000.000.000.000 times longer.
    If Moore's law keeps pumping, computers will have sufficent power in maybe 100 years...
  • Do you know what always gets me? If you look at your microwave clock at a random time, as a mathematician you expect the minute field to change after 30 seconds.
    ~
  • The d.net project will produce results, it will say that 64-bit encryption is useless. Anyway, if you read their site, they say the whole point of d.net was to produce a stable, cross-platform distributed computing client...not factor prime numbers or what have you. The method is more important than the message.
  • If their previous CSC is any indication, I would project that d.net will finish one they reach about %125 coverage. (Even though logic would dictate that the expected time of finishing is now at the 75% mark.)
  • My guess: x days from now. I'm not too sure, I am afraid. ;)
  • In oh-so-typical fashion, neither the Slashdot post or even distributed.net came right out and told me what the RC5 and Keyspace actually IS. I figured it out, eventually. But it is exceedingly arrogant and presumptive to simply assume that your audience knows what this stuff is! A short "distributed.net is a ..." description along with a short "RC5 is a ..." description would have been exceedingly useful to us non-uber-geek types who actually have stinking JOBS to do and don't have 16 hours a day to dig into the nooks and crannies of the internet in our PJ's!!!

    End of Rant.
  • OK buddy reality check: Go to www.distributed.net and read the page and ask yourself "Did it answer the question: 'What is distributed.net?"? and ask yourself "Did it answer the question: 'What is RC5?'?"

    The answer to both questions is: "No".

    Geek documentation is full of details. But it all too frequently fails to answer the question "What is it?" Because geeks, so utterly consumed with themselves and their own little world, make the erroneous assumption that EVERYBODY knows what 'it' is. www.distributed.net is no exception. "What is RC5?" is a pretty major piece of information. I shouldn't have to click on a half dozen web pages or "infer" or "deduce" it's meaning. It should be right there in plain ol' english: "RC5 is ..." in terms my mother could understand.

    And easy does it with the name calling, OK? Completely unnecessary.

  • RC5's biggest contribution (Score:5)

    by ryanvm ( 247662 ) on Wednesday June 13, 2001 @05:32AM (#155959)
    What's really interesting about the RC5-64 project is that it's biggest contribution to computer science has absolutely nothing to do with encryption.

    This was the project that ignited massively distributed computing. The biggest projects are obviously SETI@Home and the handful of protein folding clients, but we've only seen the tip of the iceberg. This is still such an untapped resource that we will undoubtedly see some really incredible stuff in the near future. And the folks at RC5 were the ones that got the ball rolling.

    Thanks.

  • RC5 press room, Circa 2004

    contest organizer - The final results are in.

    press - That's great! People are asking, how much of the keyspace was searched?

    contest organizer - Actually, 100% was searched.

    press - That's Amazing! What are the chances of exhausting the keyspace and finding the winner on the very last key? They must be mindbogglingly low!

    contest organizer - Well, heh.. actually it's about 100%, because there was a tiny bug in the client. We'll have to start over.

  • SETI would be Specially pointless if ET is using RC5-2048...
  • Well, thats the idea isn't it? Every one of these distributed computing projects is really a trojan, picking away at old russian stuff and pretending its something else. How long before the NSA *openly* starts a distributed computing project, I wonder...

  • And don't forget that over the next couple of years, processor speeds will increase, so all the RC5 geeks who upgrade will be able to crack more blocks faster than today.
  • I wouldn't say it's a better client. Almost every time my computer crashes, it starts over completely on the part I was working on. Since my computer crashes a lot, this means I have done about 3 days of work in 20+ days. Needs some work.

  • Re:RC5-64 seems a little out of date... (Score:3)

    by Magumbo ( 414471 ) on Wednesday June 13, 2001 @07:14AM (#155982)
    Heh. Reminds me of a thing in Bruce Shneier's Applied Cryptography:

    "One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information."

    "An ideal computer running at 3.2 degrees Kelvin [temperature of the cosmic background radiation of the universe] would consume 4.4*10^-16 ergs every time it set or cleared a bit."

    "If we built a Dyson sphere around the sun and captured all of its energy for 32 years, without any loss, we could power a computer to count up to 2^192."

    "These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than mattter and occupy something other than space."

    Damn I love that. Bring on the cryptanalytic algae!

    --

  • Personally, I think SETI is pointless. And it doesn't hurt me at all that if my machine happens to find the key that I get $2000. I just see it as a way for my existing CPU to potentially help pay for my next one.

    Why not be a real altruist and fight cancer [ud.com] with your spare cycles? The United Devices project does what I consider the most useful work of any distributed computing effort:it simulates interactions between thousands of molecules and cancer causing proteins to try to find possible cancer treatments and/or cures. The only real downside to it is that the client is Windows only, which means there is a lot of untapped computing power from other operating systems. Still, I'm disapointed that more people want to look for ET than to fight one of the worst illnesses on our own planet.

  • now I've moved onto the RC5-64 challenge because I have nothing better to do with my spare CPU cycles.

    But there are better things you can do with your CPU cycles. There are several actually useful distributed computing projects out there, like the protein folding project [stanford.edu] others here have mentioned. Or maybe you would prefer to help dseign new genes [stanford.edu]. Or surely you could find something [google.com] you might like.

    Personally, I think SETI is pointless

    It may be unlikely, but least it is theoretically possible for SETI@Home to produce significant results. However, the RC5-64 is guarenteed not to produce any useful (or even interesting) results. It will teach us nothing we don't know already.

    it doesn't hurt me at all that if my machine happens to find the key that I get $2000

    If you want a shot at winning a prize, you could try looking for huge prime numbers [mersenne.org]. While that doesn't seem to be particulary useful, at least the money is better. And more importantly, you won't spend years searching for something we already know.

  • Would be faster? (Score:3)

    by dthree ( 458263 ) <chaoslite.hotmail@com> on Wednesday June 13, 2001 @04:47AM (#155985) Homepage
    The default priority puts OGR first. Wouldn't RC5 go faster if it was first?

Slashdot Top Deals

Today is a good day for information-gathering. Read someone else's mail file.

Close