Re: ECDL

Eugene Leitl (eugene.leitl@lrz.uni-muenchen.de)
Mon, 30 Aug 1999 17:03:28 -0700 (PDT)


Rohit Khare writes:

> Wrong. Compared to the miniscule odds of SETI@home, crypto challenges

As I said, SETI@home is pretty pointless.

> *change policy now*. In this case, establishing the security of a new
> cryptosystem -- elliptical curve -- is an essential social good. In a

Brute-force is walking through search space vs. a
cryptoanalysis. There is no point in brute-force, period.

> world dominated by only a few -- or one -- public key cryptosystem,
> we are risking our futures on a single point of failure.

In principle, good point. However, brute-force does not tell much
about the strength of a given cryptosystem we already don't know in
advance.

> Just like the DES Cracker proving once and for all that DES-56 is
> inadequate, Rob's work will have repurcussions.

Every cluebie knew that DES-56 was inadequate for years
before. Whoever uses broken goverment/industry - approved crypto is
himself to blame.

> Run it or don't, that's your choice. I'm just layin' the smack down,
> as Tim would say.

There are certainly much more worthwhile projects to be done (if only
there'd be clients): like searching for a x86 assembly GA mutator
function with GA means (autofeedback) in a x86 emulator sandbox.