ECC2-109 Winners Certified 133
An anonymous reader writes "The ECC2-109 encryption challenge has now been broken and certified! Certicom announced on Tuesday that the winners, a team from Ars Technica and a member of TeamIMO, will both receive $2500 each for the matching distinguished pairs that has solved the elliptical curve encryption scheme."
Hmmm... (Score:5, Funny)
Re:Hmmm... (Score:4, Funny)
First off (Score:5, Funny)
Re:First off (Score:5, Funny)
Hmmm, I received the same treatment visiting the Neverland Ranch when I was young.
Re:First off (Score:2)
Re:First off (Score:2)
Re:First off (Score:1, Offtopic)
by WwWonka (545303):
Hmmm, I received the same treatment visiting the Neverland Ranch when I was young.
So, WwWonka, we finally discover the inspiration and intent of your evil Chocolate Factory! But dear God man, why the Oompah-Loompahs?
Re:First off (Score:1)
Re:First off (Score:2)
Re:First off (Score:1)
Ether looks fun if its like in Fear and Loathing
Re:Hmmm... (Score:1)
Wow. (Score:1)
That's some pretty hardcore encryption.
Re:Wow. (Score:3, Interesting)
Hmm, 1200 years of CPU time for a commodity PC, or to put it another way, as little as 1.5 weeks with 50,000 PC's - a cost of less than $5,000,000 in total costs to brute-force.
At that price point... (Score:2)
Re:Wow. (Score:5, Informative)
Like it said, the next one is not expected to be cracked for some time because it is far more complicated to brute force.
If it's valuable- determine how valuable it is to others, and encrypt based on that plus some.
For instance, this would work fine for credit cards, seeing as the cost of cracking the number would be far greater than the cost of processing power. Most of the time, however, it is far easier to avoid encryption altogether and hit those who do not bother.
Re:Wow. (Score:4, Interesting)
Re:Wow. (Score:2, Interesting)
How are you going to adjust your encryption when quantum computers will make most encryption schemes obsolete?
Re:Wow. (Score:2)
Why FUD my friend? This just isn't true!
The truth about quantum cryptography is that RSA and DH will be destroyed by quantum cryptography. This is due to the work of Shor [psu.edu] who famously proved that you could factor in cubic time.
This sounds bad but we've already had good success [lanl.gov] in performing quantum key exchanges (that are unbreakable in a theoretical sense).
What does this mean for symme
Re:Wow. (Score:1)
That is for exchanging keys securely at a distance, for secure communication. i.e. the message is destroyed if someone tries to evesdrop on the conversation. Shor's algorithm will still shread current encryption to pieces.
Even more interesting is that if the government, or anyone else, was smart they'd collect all the communcations that are 'secured', or people think th
Or... not. (Score:2)
Re:Wow. (Score:5, Interesting)
Not trolling, just musing. I doubt such a thing would happen in any country.
Re:Wow. (Score:2)
Re:Wow. (Score:1)
RFC3607 "Chinese Lottery Cryptanalysis Revisited:" (Score:3, Interesting)
Wonder no more ...
RFC 3607 - Chinese Lottery Cryptanalysis Revisited: The Internet as a Codebreaking Tool [faqs.org]
Re:Wow. (Score:5, Informative)
If this was used for real data, the key would be much longer and it would take probably a few billion years to solve.
Re:Wow. (Score:2, Interesting)
And screw you, offtopic mods. I'll talk about what I want to talk about. My karma can take it.
PARENT IS COMPLETE AND UTTER NONSENSE (Score:5, Informative)
109 bits was deliberately chosen to be short enough to break. The next challenge is 131 bits, which is also considered breakable (though it will be about 2048 times harder).
After that, you get on to the "Level II" challenges, which are not considered breakable. They start at 163 bits, the least recommended for real use, and would be about 140 billion times harder to break.
I worry about the
Re:Wow. (Score:2)
That's why I gave up on RC5-72. Even if computers continue to double every 2 years, it would still take much over a couple decades before they ever complete the contest. The extra burden it would put on CPU's must amount to several hundreds of thousands of dollars in power consumption. Hardly worth it for a $10,000 price to one individual.
Now, unless someone spends the money to build a custome RC5 decryption hardware using massively parallel p
But... (Score:2)
Re:Wow. (Score:3, Interesting)
bah (Score:5, Informative)
I bet the computing time just to break the code probably costed a wee bit more than $2500.
Re:bah (Score:5, Informative)
So the individuals got $2,500, and whoever put the project together and hosted it got $5,000.
-Adam
Re:bah (Score:5, Informative)
$1000 to the winner
$1000 to the winner's team (or to the winner if not on a team)
$6000 to a non-profit organization chosen by all participants
$2000 to distributed.net for building the network and supplying the code
And as ECC2-109 in being run by the company that owns the process, the costs of running the severs that support the project are not factored into the prize distrobution.
Re:bah (Score:3, Insightful)
--
Retail Retreat [retailretreat.com]
Re:bah (Score:3, Informative)
Re:bah (Score:2)
How to get the prize money up... (Score:4, Funny)
2) Make them wear skimpy clothing
3) get them to compete in small subgames, such as
blow the fish up etc..
4) Get an affable good looking host to..err host..
5) Get cameman to zoom in on their mental games an
anguish as they try their best to out-decrypt the
other contestants.
voila..$1Million Cash Prize
Re:How to get the prize money up... (Score:5, Insightful)
Have you watched any reality TV? It may be reality but its reality for stupid people.
Anything intellectual means immediate ellimination. Dumb as a brick eye-candy stays and rates highly. Hypocrisy, backstabbing, lack of general knowledge and an overinflated ego equate to bonus points.
Pretty + dumb + egotistical + hypocrit + backstabbing = "reality"
Re:How to get the prize money up... (Score:5, Funny)
I think my work place must be a reality show.
Re:How to get the prize money up... (Score:2, Insightful)
You were joking (well, modded funny at least), but my university Swedish teacher said that the reality shows (well, he was talking about the Swedish Expedition Robinson) are interesting because they depict how society in general works: the very best and very wo
Re:How to get the prize money up... (Score:2)
Reality for not just stupid people. Reality for vapid, stupid people.
I'm pretty sure, I mean, at least I think, the last time I was in reality there wasn't a director there telling me "yeah, that's good, do that." Nor a makeup artist touching me up for the "personal" aside.
Re:How to get the prize money up... (Score:2)
I'm certain that it would be exactly like it's "cracked up to be": shit.
If you think tv is entertaining you could definitely get out some more. Your idea of entertainment is sitting numb in front a sign-consumption box? Wow. I want to hang out with you. That sounds like a lot fun.
What emotional bound is it that you have with reality TV that makes you so jaded? Did you recieve your life'
Re:How to get the prize money up... (Score:2)
Re:How to get the prize money up... (Score:1)
Oh, yeah, that's *totally* different from everyday reality. Oh, wait .. no it's not. doh!
So I guess the reality shows *are* realistic after all..
Re:How to get the prize money up...Reality TV? (Score:1, Insightful)
- Donald Trump per episode (first season) 'The Apprentice' $50,000.00
- Donald Trump per episode (next season) 'The Apprentice' $215,000.00
- Britney Spears reality show per episode $1,000,000.00
- Exercises in F2m elliptic curve discrete log computation intended to probe the limits of a particular cryptography system $2,500
Need we say more?
Re:Damn hackers (Score:4, Funny)
The A HREF="http://www.certicom.com/index.php?act (Score:5, Informative)
From the pdf: The 109-bit Level I challenges are feasible using a very large network of computers. The 131-bit Level I challenges are expected to be infeasible against realistic software and hardware attacks, unless of course, a new algorithm for the ECDLP is discovered.
The Level II challenges are infeasible given today's computer technology and knowledge. The elliptic curves for these challenges meet the stringent security requirements imposed by existing and forthcoming ANSI banking standard
Challenge Field-size(in-bits) Estimated-number-of-machine-days Prize(US$)
Elliptic curves over f2^m - Exercises:
ECC2-79 79 352 Handbook of Applied Cryptography & Maple V software
ECC2-89 89 11278 Handbook of Applied Cryptography & Maple V software
ECC2K-95 97 8637 $ 5,000
ECC2-97 97 180448 $ 5,000
Level I challenges:
ECC2K-108 109 1.3 x 10 6 $ 10,000
ECC2-109 109 2.1 x 10 7 $ 10,000
ECC2K-130 131 2.7 x 10 9 $ 20,000
ECC2-131 131 6.6 x 10 10 $ 20,000
Level II challenges:
ECC2-163 163 6.2 x 10 15 $ 30,000
ECC2K-163 163 3.2 x 10 14 $ 30,000
ECC2-191 191 1.0 x 10 20 $ 40,000
ECC2-238 239 2.1 x 10 27 $ 50,000
ECC2K-238 239 9.2 x 10 25 $ 50,000
ECC2-353 359 1.3 x 10 45 $ 100,000
ECC2K-358 359 2.8 x 10 44 $ 100,000
Elliptic curves over Fp - Exercises:
ECCp-79 79 146 Handbook of Applied Cryptography & Maple V software
ECCp-89 89 4360 Handbook of Applied Cryptography & Maple V software
ECCp-97 97 71982 $ 5,000
Level I challenges:
ECCp-109 109 9.0 x 10 6 $ 10,000
ECCp-131 131 2.3 x 10 10 $ 20,000
Level II challenges:
ECCp-163 163 2.3 x 10 15 $ 30,000
ECCp-191 191 4.8 x 10 19 $ 40,000
ECCp-239 239 1.4 x 10 27 $ 50,000
ECCp-359 359 3.7 x 10 45 $ 100,000
Why the challenge? (Score:2, Insightful)
The current scheme does not encourage a better crack. Or expose the method for fully tested.
It will be very dangerous if the I.T. security is based on such a weak test system. Especially when many policy maker buy these security protection without aware of full picture.
In the real world, people grant trust based on the information they got from the media, the more m
Re:Why the challenge? (Score:1)
> Just one crack is enough? Or shall we wait for better crack? To find if the
> method have weakness, we should open for more easy crack forever.
> The current scheme does not encourage a better crack. Or expose the method for
> fully tested.
The system wasn't `cracked` - we've not learned anything which will let us crack similar systems in a few seconds - it was `brute forced`. There's not weakness, any more than using every computer on the internet to brute force a PGP encrypted file
Re:Why the challenge? (Score:1)
The current scheme does not encourage a better crack. Or expose the method for fully tested.
Huh? How is this insightful?
I'm not sure what you mean by "a better crack". What they did was solve a single instance of a mathematical problem. They didn't "crack" anything in the traditional sense of the word.
It sounds like you're complaining that solving a single in
WTF are the mods smokin? (Score:1)
That shit post was about as Insightful as a Fox news commentary on perpetual motion machines.
Bah! I suppose I shouldn't really be surprised though.
That's great, but (Score:4, Funny)
No, not that one, that was Robocop. The other one. He was all robot. He didn't have Robocop's human side. But he did have some cool machine guns.
Re:That's great, but (Score:2)
They did not comply...
Re:That's great, but (Score:3, Funny)
...
You now have 10 seconds to comply...
...
You now have 5 seconds to comply...
...
what's wrong with the world today? (Score:2, Funny)
Re:what's wrong with the world today? (Score:1)
Re:what's wrong with the world today? (Score:1)
Sorry, I don't know what came over me there.
That's a lot of processing (Score:5, Insightful)
Re:That's a lot of processing (Score:5, Funny)
"No."
"Is it 0x000002?"
"No."
"Is it 0x000003?"
"No."
"Is it 0x000004?"
"No."
"Is it 0x0002FD?"
"If I tell you, will you shut up?"
"Yes."
Re:That's a lot of processing (Score:1)
Not even Certicom knows the key (Score:1)
The decrypted message (Score:1, Funny)
You mean ... (Score:1)
Re:You mean ... (Score:1)
But more importantly: (Score:2)
Quick: Serial for turbotax? (Score:2, Funny)
I'v3 G07 14 MiNu735 70 l0@D i7 uP @Nd g37 My 7@X3$ DoNe!
Re:X3WJB-3B2BH-3MPM6-8F6GR-X9HBJ (Score:4, Funny)
Odds are that (Score:4, Funny)
I bet $2500 that the other half of each of the team's "matching distinguished pairs" will:
1. Go shopping for shoes
2. Go shopping for jewelry
3. Go shopping gor shoes AND jewelry
Unless they are single, there is no way this gets spent on hardware.
Re:Odds are that (Score:2)
How many NON-single guys would put that much time into decrypting this thing?
Re:Odds are that (Score:1)
Oh, they don't do this by hand and its an excuse to keep the noisey computer on 24x7 incase you win the prise. Single guys don't need an excuse to keep the computer(s) on 24x7
Brute force (Score:5, Insightful)
Re:Brute force (Score:1)
But seriously, the challenges draw attention to the encryption algorithm being used. The company gets to point at it and say "See, it took ALL THAT power to break our encryption! We're really, really, secure!"
Which probably means a lot more to many managers than "we calculate that breaking the encryption would be THIS hard."
Re:Brute force (Score:2)
It serves a couple of purposes (Score:5, Insightful)
2) It encourages people to try novel types of attacks. Yes, there are those that are just doing a brute attempte and they are there fore reason #1. However there are those that will try to come up with new algorithms, new hardware, or a combination, to defeat your encryption and prove it weak. This is what it's all about. You don't prove encryption strong, you continually prove that it's not weak, lending creedence to the theory that it is strong.
Re:Brute force (Score:2)
Re:Brute force (Score:1)
Thaat would be www.grid.org [grid.org]. You can download it from this page [grid.org]. It does several projects, including the cancer one. For me, it seems to switch between smallpox an
Re:Brute force (Score:1)
Re:Brute force (Score:1)
1,200 years of cpu time! (Score:1, Funny)
- Would that theoretical uptime be 1,200 years running Linux?
If this computer is running Windows, I think it needs to be put back on the Area 51 shelf next to the perpetual motion machines, hen's teeth and Tesla weapons.
You can do better stuff with CPU time! (Score:5, Insightful)
More importantly there are more useful distributed computing projects. Here is a pretty good index [aspenleaf.com]. For example there's Folding@Home [stanford.edu] which furthers our onderstanding of proteins, which are so important in so many life processes and diseases, and fightAIDS@home [scripps.edu] which has already found a promising new drug [aspenleaf.com]. Or how about SETI@home [berkeley.edu]? Trying to crack encryption by brute force seems like such a waste in comparison to these.
Perhaps the encryption contests are so popular just because you can win money. It's like a lottery. Maybe the only thing that could be done would be to have a cash prize for significant findings in other projects, or if who did it can't be defined due to the nature of the algorithm, maybe even just an ordinary lottery?
Re:You can do better stuff with CPU time! (Score:1)
Today on a list someone was talking about AES and DES and pulled some info off some web page that said AES would take a trillion years to crack if you could crack 256 keys a second. This sort of thing shows that people can crack random obscure systems in a few months and most of the sanke-oil encryption is worthless.
Re:You can do better stuff with CPU time! (Score:1)
SeventeenOrBust (Score:2)
Re:You can do better stuff with CPU time! (Score:1)
People should only devote their personal computers to projects that you deem important, not projects in which they are interested.
Re:You can do better stuff with CPU time! (Score:2)
Folding@home [standford.edu] has an even nobler goal, is much more competently run, and by participating you are really causing an immediate effect on current scientific projects and helping further our scientific understandin
Re:You can do better stuff with CPU time! (Score:2, Informative)
Sorry.
You bastards! (Score:2)
Is this what /. has become? (Score:1, Insightful)
Brief explanation of elliptic curves (Score:5, Informative)
What makes all of this junk more interesting to computer people is that if you use a field with finitely many elements, you end up with some tools that can be used for things like factoring and other problems in number theory.
Elliptic curve cryptography is based around the discrete log problem. That is, you are given two elements of the group, a and b, you want to find what value of k makes a^k=b. This problem can be solved in polynomial time in some cyclic groups, but elliptic curve groups lack certain niceties that make solving the problem for them tough.
It is believed that elliptic curve cryptography will allow one to use significantly smaller keys than those needed by RSA without a loss of security.
Re:Brief explanation of elliptic curves (Score:1)
two operations which behave like multiplication and division are defined
Aren't these two operations supposed to be the same one ? ... : - |
Shouldn't it be multiplication and addition like in R(+,*) ?
Maybe i'm wrong, this is sooo far away
Re:Brief explanation of elliptic curves (Score:1)
Ellipticalifragilistical (Score:2)
Ahem; that should be elliptic.
just being pedantical.
Janitors and super computers. (Score:4, Interesting)
Chances are they would want to find the one dude who thinks up a program that can hack that encryption to bits in 4 minutes instead of trying every password from here to "timbucktoo" on hundreds of computers at once just because you work the janatorial shift at the San Diego Super Computer Center.
Re:Janitors and super computers. (Score:2)
The encryption companies want brute force (Score:3, Interesting)
Please do not take this as me saying that these encryption systems are or are not any good - I am not a cryptographer. It is just that these competitions are obviously organised from a marketing perspective.
Wonderful lost opportunity by organisers. (Score:2)
Make the suckers decrypt the new message to find out who the winners where in the last competition.
I wonder how long it took the NSA to crack it... (Score:2)
Another interesting link here [thinkquest.org]
Paper: "Architectural considerations for [berkeley.edu]
Re:A question about keys (Score:2, Informative)
Yes.
> How large a file or how many files do I have to decrypt to be assured that I have uniquely identified the private key?
If it decrypts the encrypted file (that is, you run the decrypting algorithm with the "key" you found and you get the un-encrypted text back exactly), then one. If the encryption system is good, the file doesn't have to be too big, but it should probably be a few kilo