
Re: SSL bruting progress

Will Kinney <[email protected]> writes on cpunks:
> > We've not managed to isolate the cause of it, as (two people) have
> > nearly swept the entire keyspace (heh they had a bit of spare compute)
> > and no key has been forthcoming so far.
> Um, if you're going to sweep the whole space yourself before you release
> the code, what's the point in a public sweep? 


Nothing as disappointing as throwing all your spare compute joyfully
into such a fun cpunk project, and then finding no key comes from it.
Witness the RC4 bruting, which lots of folks thought fun, but
unfortunately (well it should have been expected, and it was in part,
as there were no specs, all we knew was microsoft said it was RC4 in
some way, nothing more) no key.

Also the private sweeping wasn't planned, just Eric Young said, hey
I've started at 8000 I'll sweep up from there till you're ready.
(Eric already had his own SSL bruting code).  Then David Byers asked
for a copy of Andrew Roos's brute ssl to port to the MasPar he has
access to, and next thing he said, hey I got it working at 1.5M
keys/sec and left it running, it'll reach Eric's start in a couple of
days.  As it turned out that they haven't found anything yet, their
keysweeping is going to be very useful to figure out what's wrong.
It's much harder to track down problems, accidentally unswept keyspace
etc, when there are 100s of sweepers.

Anyway, when we're as sure as we can be that it will work, we'll
probably try to persuade Hal for another sample session.  So that it
will be a challenge, that we don't know the answer for.

Perhaps it would be fun to have a regular key crunching ring set up
once it's all verified, and proven to work.  Part of the problem with
this is the legal implications, you probably can't expect to get away
with breaking SSL sessions no questions asked - give us a SSL session
key startup and we'll brute it - at least not openly.  A central key
distribution point kind of blows this, as it gives legal beagles
somebody to go after.

The other key distribution architecture is an unknown machine out
there somewhere in cyberspace :-) i.e. a blacknet-style address and 2048
bit public key:

	[email protected]

with a charge levied in anon digital cash.  A sweepstake perhaps, he
who hits the key first gets the anon digital cash remailed to him (tax
free of course).

An architecture resilient to interference on both legal and
ill-meaning key-sweepers sides (the possibility exists for someone to
reserve keyspace and not sweep it) is to just search randomly.  Very
simple architecture, but somewhat wasteful of resources, least likely
to be detected, as there is less communication.  One drop off of 'the
session' to cpunks, and another of the result by the euphoric lucky
person who happened to start in the right place.

HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365
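
The trade-off in the random-search paragraph above, worked through as an added example that is not part of the original message: it compares the chance that the key has been found under a coordinated sweep (honest, and with 10% of the keyspace reserved but never swept) against uncoordinated random guessing, then checks the expected work by simulation on a toy keyspace. The function names, the 2**40 keyspace size and the 10% withheld figure are assumptions chosen for illustration.

```python
import math
import random

KEYSPACE = 2 ** 40  # assumed keyspace size, not stated in the message

def p_found_coordinated(trials, keyspace, withheld=0.0):
    """Non-overlapping ranges are handed out; `withheld` is the fraction
    of the keyspace that was reserved by someone and never swept."""
    return min(trials, keyspace * (1.0 - withheld)) / keyspace

def p_found_random(trials, keyspace):
    """Each trial draws a key uniformly at random, so keys repeat."""
    return -math.expm1(trials * math.log1p(-1.0 / keyspace))

def mean_trials_sweep(keyspace, runs, seed=1):
    """Simulated mean trials for one in-order sweep to hit a random key."""
    rng = random.Random(seed)
    return sum(rng.randrange(keyspace) + 1 for _ in range(runs)) / runs

def mean_trials_random(keyspace, runs, seed=1):
    """Simulated mean trials for memoryless random guessing."""
    rng = random.Random(seed)
    total = 0
    for _ in range(runs):
        target = rng.randrange(keyspace)
        total += 1
        while rng.randrange(keyspace) != target:
            total += 1
    return total / runs

if __name__ == "__main__":
    for work in (0.5, 1.0, 2.0, 4.0):  # total trials as a multiple of keyspace
        t = int(work * KEYSPACE)
        print(f"{work:>4}x  honest sweep {p_found_coordinated(t, KEYSPACE):.3f}"
              f"  10% withheld {p_found_coordinated(t, KEYSPACE, 0.10):.3f}"
              f"  random {p_found_random(t, KEYSPACE):.3f}")
    toy = 256  # toy keyspace so the simulation finishes quickly
    print("sweep mean:", mean_trials_sweep(toy, 2000),
          "random mean:", mean_trials_random(toy, 2000))
```

Random guessing costs about twice the expected work of an honest sweep, but its success probability keeps rising with extra work, while a sweep with withheld ranges stalls at the fraction that was actually covered.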