From owner-freebsd-hackers@FreeBSD.ORG Thu Mar 3 19:08:02 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B927F16A4CE for ; Thu, 3 Mar 2005 19:08:02 +0000 (GMT) Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0926A43D48 for ; Thu, 3 Mar 2005 19:08:02 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id j23J7u2l010274; Thu, 3 Mar 2005 20:07:56 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: Roland Dowdeswell From: "Poul-Henning Kamp" In-Reply-To: Your message of "Thu, 03 Mar 2005 13:37:46 EST." <20050303183746.DAD403700F@arioch.imrryr.org> Date: Thu, 03 Mar 2005 20:07:56 +0100 Message-ID: <10273.1109876876@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: ALeine cc: tech-security@NetBSD.org cc: hackers@freebsd.org cc: tls@rek.tjls.com cc: crypto@metzdowd.com Subject: Re: FUD about CGD and GBDE X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Mar 2005 19:08:02 -0000 In message <20050303183746.DAD403700F@arioch.imrryr.org>, Roland Dowdeswell writes: >The claim is made that there is at least O(2^256) work to crack a >disk and O(2^384) to crack the disk if the lock sectors are destroyed. Roland, in particular when you get into big numbers you have to pay attention to small details. The O(2^384) number takes the current estimate for the number of atoms in the universe into account. In the absense of a way to store more than one bit on every single hydrogen atom in the universe, you cannot possibly correlate a matrix which is 2^128 on boths sides without repeatedly recalculating the results for one side as you iterate through the results of the other. The fact that you are not even guaranteed to be able to eliminate a single candidate solution until you brute force at least 17 sectors than two does not improve the situation any. Poul-Henning PS: I get a lot of bounces from various lists I'm not on. I put my faith in somebody forwarding my replies faithfully onto those lists ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.