[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RSA-130 Falls to NFS - Lenstra Posting to sci.crypt.research



On Tue, 16 Apr 1996, Vladimir Z. Nuri wrote:

> >On Mon, 15 Apr 1996, Vladimir Z. Nuri wrote:

> >    I guess I would have to ask you why you think hackers would be 
> >interested in these projects in the first place?  Your typical hacker 
> >would care very little about such a project and in fact may be interested 
> >in seeing it succeed.  
> 
> the malicious type of hacker has the psychology of taking
> great glee in tearing anything meaningful down. they don't
> necessarily need a plausible reason. the purpose of destruction
> alone can be a powerful motivating force. those who destroy
> carefully constructed things for fun obtain a sense of power from it.

	True.  Yet, my estimate as to the number of 'malicious hackers' 
that would take interest in disturbing such a project (and have the 
ability to do so) is very low.  

	That number would increase though if you were the NSA or any other 
agency perceived as Big Brother, since the hackers would probably see 
your efforts as a threat. 

> >    However, I do feel that you may have a valid point when switching 
> >"hackers" to "opponents of the research."  Anyone with an interest in 
> >preventing or slowing down the progress in such a project would be more 
> >dangerous in my mind than your average hacker.  

> the point is, when you are sharing your project among a lot of 
> elements "out there" on a network, you have to worry more and 
> more about "safe computing". when you are working on a purely
> voluntary basis, what is your guarantee that everyone who volunteers
> is actually on your side? again, a bigger problem the more a 
> task is decentralized. one interesting argument in favor of centralized 
> computing (I'm not saying it is a definitive argument, quite far
> from that of course-- just pointing out that Distribution is
> not necessarily the Panacea to All Problems).

	In every aspect of life we have to deal with the threat of 
someone working to counteract our efforts.  However, to continue 
functioning we rate these threats as probable or inprobable and deal with 
them accordingly.  I don't see skewed results, due to falsifying or 
tampering with records, as being a very probable threat in the present 
especially when you are dealing with volunteers.  That threat would 
increase in magnitude when you start paying people for computer time (as 
they typically have less of a loyalty bond to you than volunteers would) 
or if a person would benefit by corrupting the data (such as in the 
case of a competition).

Bruce Marshall