Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:Silicon or.... (Score 1) 165 165

Is this memory based on silicon, or something else, like GaAs or Germanium or Graphene or something else?

Given that they've released close to zero technical details on how it works, but stated that it's nonvolatile, has 1000x the endurance of NAND flash while being 1000x faster, is cheaper than DRAM, and will be available in 128GBit capacities any minute now, my guess is that it's based on magic.

Of course it's cheaper than DRAM; DRAM is expensive. TFA says it will be more expensive than NAND and cheaper than DRAM. So, it just adds another point on the continuum... the more speed and write cycles you need, the more it costs. Seems reasonable. And TFA says nothing about availability; not sure where you got that from.

There's no reason to conclude it's magic. There's also no reason to start designing new architectures around it until we see it in the real world.

Comment Re:Moor? (Score 2) 165 165

It's going to cost more than NAND flash.

But it would make a GREAT cache for spinning rust. None of the longevity problems of NAND, 1,000 times faster. Ka-chow.

For that matter, it would be a pretty good cache for NAND SSDs. I could do with most of my writes being 1000X faster.

Comment Re:simple ideas aren't obvious? (Score 4, Insightful) 260 260

Now the modern form over function UX crowd with their hipster indecipherable logos (3 dots for action, 3 lines for menu?) may be heading the wrong direction

To be fair... the largest smartphones are still tiny compared to the screen of any desktop computer. Also, your input is far less precise than keyboard and mouse. You have to make some sacrifices to design an interface suitable for that hardware.

But then came Windows 8, trying to put a mobile interface on the desktop. Now that was just idiotic.

Comment Re:And the NSA? (Score 1) 218 218

Actually, they probably included a few big wrenches to assemble some of the rack systems, so they probably have the tools to break even 1024 bit encryption.

When you say "1024-bit encryption" you're talking about RSA, which is a completely different problem. 1024-bit RSA are too small to be used today and should be replaced.

2048-bit RSA keys, however, are roughly equivalent in security against brute force to a 112-bit symmetric key, and will be secure against anyone for quite some time. 3072-bit RSA keys are equivalent to a 128-bit symmetric key. Excascale, even yottascale, computers won't touch them.

But everyone really should be moving away from RSA anyway. ECC is better in virtually every respect. To get 128-bit security (meaning equivalency to 128-bit symmetric key), you only need a 256-bit EC key.

Comment Re:How do they fare in colder climates? (Score 1) 860 860

Range suffers a bit, not so much because the batteries are affected by cold, but because you use some juice to heat the cabin. As far as performance on snow, they're great. Their center of gravity is low, front wheel drive and the power applied to the wheels is finely controllable.

I drive my Nissan LEAF to the ski resort almost every morning during the winter.

Comment Re:Doubtful (Score 1) 860 860

What complicates this is that whether or not an electric car is cheaper depends heavily on your driving -- and whether or not an electric car is feasible depends on your driving. TOC also depends on the cost of fuel and electricity. When I ran the numbers for myself a few years ago my break-even for a Nissan LEAF was three years, with the federal and state tax credits, or eight years without. That was without taking into consideration the difference in maintenance costs since I didn't know how to estimate them. I did not, however, predict the drop in gas prices. I haven't re-run the numbers, but I expect the lower price of gasoline would push those break-even points out 2-3 years.

Comment Re:And the NSA? (Score 1) 218 218

Probably none at all. If you want to break today's encryption/hashing algorithms you would probably be using ASICs if not those then FPGAs with GPU compute being your last choice.

ASICs, FPGAs and GPUs are all utterly, utterly inadequate to attack today's encryption and hashing algorithms. Unless you have not only tens of billions of dollars but also don't mind waiting millions of years. http://tech.slashdot.org/comme....

Comment Re:And the NSA? (Score 1) 218 218

For that, you would be using custom ASIC hardware, and lots of it.

No, for that you just laugh at the guy asking you to do it, and look for ways to steal the key, rather than brute forcing it. Even if an ASIC solution gets to way beyond exascale, say to yottascale (10^6 times faster than exascale), you're still looking at on the order of a million years to recover a single 128-bit AES key, on average.

Brute force is not how you attack modern cryptosystems. More detail: http://tech.slashdot.org/comme...

Comment Re:And the NSA? (Score 5, Informative) 218 218

What would the existence of an exascale supercomputer mean for today's popular encryption/hashing algorithms?

Nothing, nothing at all.

Suppose, for example that your exascale computer could do exa-AES-ops... 10^18 AES encryptions per second. It would take that computer 1.7E20 seconds to brute force half of the AES-128 key space. That's 5.4E12 years, to achieve a 50% chance of recovering a single key.

And if that weren't the case, you could always step up to 192 or 256-bit keys. In "Applied Cryptography", in the chapter on key length, Bruce Schneier analyzed thermodynamic limitations on brute force key search. He calculated the amount of energy required for a perfectly efficient computer to merely increment a counter through all of its values. That's not to actually do anything useful like perform an AES operation and a comparison to test a particular key, but merely to count through all possible keys. Such a computer, running at the ambient temperature of the universe, would consume 4.4E-6 ergs to set or clear a single bit. Consuming the entire output of our star for a year, and cycling through the states in an order chosen to minimize bit flips rather than just counting sequentially, would provide enough energy for this computer to count through 2^187. The entire output of the sun for 32 years gets us up to 2^192. To run a perfectly-efficient computer through 2^256 states, you'd need to capture all of the energy from approximately 137 billion supernovae[*]. To brute force a 256-bit key you'd need to not only change your counter to each value, you'd then need to perform an AES operation.

Raw computing power is not and never will be the way to break modern crypto systems[**]. To break them you need to either exploit unknown weaknesses in the algorithms (which means you have to be smarter than the world's academic cryptographers), or exploit defects in the implementation (e.g. side channel attacks) or find other ways to get the keys -- attack the key management. The last option is always the best, though implementation defects are also quite productive. Neither of them benefit significantly from having massive computational resources available.

[*] Schneier didn't take into account reversible computing in his calculation. A cleverly-constructed perfectly-efficient computer could make use of reversible circuits everywhere they can work, and a carefully-constructed algorithm could make use of as much reversibility as possible. With that, it might be feasible to lower the energy requirements significantly, maybe even several orders of magnitude (though that would be tough). We're still talking energy requirements involving the total energy output of many supernovae.

[**] Another possibility is to change the question entirely by creating computers that don't operate sequentially, but instead test all possible answers at once. Quantum computers. Their practical application to the complex messiness of block ciphers is questionable, though the mathematical simplicity of public key encryption is easy to implement on QCs. Assuming we ever manage to build them on the necessary scale. If we do, we can expect an intense new focus on protocols built around symmetric cryptography, I expect.

Fools ignore complexity. Pragmatists suffer it. Some can avoid it. Geniuses remove it. -- Perlis's Programming Proverb #58, SIGPLAN Notices, Sept. 1982

Working...