Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:And the NSA? (Score 1) 211 211

Actually, they probably included a few big wrenches to assemble some of the rack systems, so they probably have the tools to break even 1024 bit encryption.

When you say "1024-bit encryption" you're talking about RSA, which is a completely different problem. 1024-bit RSA are too small to be used today and should be replaced.

2048-bit RSA keys, however, are roughly equivalent in security against brute force to a 112-bit symmetric key, and will be secure against anyone for quite some time. 3072-bit RSA keys are equivalent to a 128-bit symmetric key. Excascale, even yottascale, computers won't touch them.

But everyone really should be moving away from RSA anyway. ECC is better in virtually every respect. To get 128-bit security (meaning equivalency to 128-bit symmetric key), you only need a 256-bit EC key.

Comment Re:How do they fare in colder climates? (Score 1) 690 690

Range suffers a bit, not so much because the batteries are affected by cold, but because you use some juice to heat the cabin. As far as performance on snow, they're great. Their center of gravity is low, front wheel drive and the power applied to the wheels is finely controllable.

I drive my Nissan LEAF to the ski resort almost every morning during the winter.

Comment Re:Doubtful (Score 1) 690 690

What complicates this is that whether or not an electric car is cheaper depends heavily on your driving -- and whether or not an electric car is feasible depends on your driving. TOC also depends on the cost of fuel and electricity. When I ran the numbers for myself a few years ago my break-even for a Nissan LEAF was three years, with the federal and state tax credits, or eight years without. That was without taking into consideration the difference in maintenance costs since I didn't know how to estimate them. I did not, however, predict the drop in gas prices. I haven't re-run the numbers, but I expect the lower price of gasoline would push those break-even points out 2-3 years.

Comment Re:And the NSA? (Score 1) 211 211

Probably none at all. If you want to break today's encryption/hashing algorithms you would probably be using ASICs if not those then FPGAs with GPU compute being your last choice.

ASICs, FPGAs and GPUs are all utterly, utterly inadequate to attack today's encryption and hashing algorithms. Unless you have not only tens of billions of dollars but also don't mind waiting millions of years. http://tech.slashdot.org/comme....

Comment Re:And the NSA? (Score 1) 211 211

For that, you would be using custom ASIC hardware, and lots of it.

No, for that you just laugh at the guy asking you to do it, and look for ways to steal the key, rather than brute forcing it. Even if an ASIC solution gets to way beyond exascale, say to yottascale (10^6 times faster than exascale), you're still looking at on the order of a million years to recover a single 128-bit AES key, on average.

Brute force is not how you attack modern cryptosystems. More detail: http://tech.slashdot.org/comme...

Comment Re:And the NSA? (Score 3, Informative) 211 211

What would the existence of an exascale supercomputer mean for today's popular encryption/hashing algorithms?

Nothing, nothing at all.

Suppose, for example that your exascale computer could do exa-AES-ops... 10^18 AES encryptions per second. It would take that computer 1.7E20 seconds to brute force half of the AES-128 key space. That's 5.4E12 years, to achieve a 50% chance of recovering a single key.

And if that weren't the case, you could always step up to 192 or 256-bit keys. In "Applied Cryptography", in the chapter on key length, Bruce Schneier analyzed thermodynamic limitations on brute force key search. He calculated the amount of energy required for a perfectly efficient computer to merely increment a counter through all of its values. That's not to actually do anything useful like perform an AES operation and a comparison to test a particular key, but merely to count through all possible keys. Such a computer, running at the ambient temperature of the universe, would consume 4.4E-6 ergs to set or clear a single bit. Consuming the entire output of our star for a year, and cycling through the states in an order chosen to minimize bit flips rather than just counting sequentially, would provide enough energy for this computer to count through 2^187. The entire output of the sun for 32 years gets us up to 2^192. To run a perfectly-efficient computer through 2^256 states, you'd need to capture all of the energy from approximately 137 billion supernovae[*]. To brute force a 256-bit key you'd need to not only change your counter to each value, you'd then need to perform an AES operation.

Raw computing power is not and never will be the way to break modern crypto systems[**]. To break them you need to either exploit unknown weaknesses in the algorithms (which means you have to be smarter than the world's academic cryptographers), or exploit defects in the implementation (e.g. side channel attacks) or find other ways to get the keys -- attack the key management. The last option is always the best, though implementation defects are also quite productive. Neither of them benefit significantly from having massive computational resources available.

[*] Schneier didn't take into account reversible computing in his calculation. A cleverly-constructed perfectly-efficient computer could make use of reversible circuits everywhere they can work, and a carefully-constructed algorithm could make use of as much reversibility as possible. With that, it might be feasible to lower the energy requirements significantly, maybe even several orders of magnitude (though that would be tough). We're still talking energy requirements involving the total energy output of many supernovae.

[**] Another possibility is to change the question entirely by creating computers that don't operate sequentially, but instead test all possible answers at once. Quantum computers. Their practical application to the complex messiness of block ciphers is questionable, though the mathematical simplicity of public key encryption is easy to implement on QCs. Assuming we ever manage to build them on the necessary scale. If we do, we can expect an intense new focus on protocols built around symmetric cryptography, I expect.

Comment Re:"...the same as trespassing." (Score 1) 1129 1129

Not true, Indiana allows deadly force in defense of property, and there is no duty to retreat. And it includes your vehicle when away from home.


I think you're talking about Indiana's Castle Doctrine law, which gives you the right to assume that you're threatened with death if someone breaks into your house or car (some states also include place of business). But the authorization is for self-defense, not defense of property. The Castle Doctrine just means that the law automatically assumes that you were at risk of death or serious injury in those locations, and you don't have to justify it.

Comment Re:"...the same as trespassing." (Score 1) 1129 1129

If a guy is stealing your car, would you just watch him and let him do it? Or, you could threaten him with the gun, but both you and him know that you can't legally pull the trigger? So he continues to steal your car, and you can't do anything at all to defend your property??

I can use non-lethal force. There are lots of options available.

But, no, I will not kill a man to stop him from taking my stuff. I have insurance. The situation changes dramatically if my kid is in the back seat, of course.

Comment Re:"...the same as trespassing." (Score 1) 1129 1129

Most states allow deadly force for forcible felonies, and include burglary. The rationale there is that the house may not be empty, and so there may be human lives at risk. It's a reasonable choice.

So, in Missouri, not only can you shoot someone for simply breaking into your house while you're home, after January 1, 2017, you can also shoot them in the back as they run away.

This is even more wrong.

If you didn't have to work so hard, you'd have more time to be depressed.