top | item 8448983

(no title)

jercos | 11 years ago

Considering john the ripper has a plugin that can churn out 50k c/s on a gpg key with a mid-tier GPU without specific optimizations, I'd guess a dedicated team of NSA researchers could get the cost for off-the-shelf hardware down to 5000 c/s/$ (based on a $100 GPU running 50k c/s + 10x speedup from engineering effort and specific optimizations), which makes the cost of the raw GPU hardware for a 1 trillion passphrase GPU cluster a smooth $200 million for a civilian assembling in his basement.

Wanna bet the NSA gets volume discounts from nVidia/AMD?

discuss

michaellosee|11 years ago

When I saw 1 trillion guesses per second I immediately wondered what algorithm was being referenced. My single GTX 780 hash performance varies wildly by algorithm. A few numbers:

  NTLM - 1.2 billion/sec
  MD5(Wordpress)- 600 million/sec
  bcrypt - 1,000/sec

1 trillion hashes/sec on a key stretching algorithm like bcrypt would be pretty horrific and might require quantum computing, while the same performance on MD5 might be achieved with <50k in hardware (very rough estimates).

I've heard rumors of storage technology that can store thousands of petabytes in a home appliance form factor. With that can kind of storage it would make sense to just start making salted rainbow tables. Even without fabled hardware, the Bluffdale NSA facility might have the capacity for it. I haven't even done napkin-based calculations yet to see if this is possible, so if anyone has some idea please speak up :-)

edit: formatting

ynniv|11 years ago

How does gpg encrypt private keys?

dublinben|11 years ago

>Wanna bet the NSA gets volume discounts from nVidia/AMD?

So you think they're actually using off-the-shelf GPUs for their password breaking? I would assume any operation with a budget like theirs would create their own ASIC chips specifically targeting the algorithms they need to run. We've seen this happen for Bitcoin hashing, so I'm sure the NSA is way ahead of them.

termain|11 years ago

Maybe not ASICs, but definitely FPGAs.

ck2|11 years ago

NSA has no budget limits with taxpayer dollars - they have a secret budget so the public can never review - what congressional secret hearing is going to turn down a request for more money by them?

1 trillion was TWO years ago. Assume they doubled that by now.

ChuckMcM|11 years ago

This is incorrect. The entirety of the NSA's budget has to fit "within" the existing government budget. And other departments do use money. So it is not unlimited. Defense and International security assistance is $643B this year [1] not a trillion dollars, and certainly not two trillion.

[1] http://www.cbpp.org/cms/?fa=view&id=1258

uptown|11 years ago

Even if cost ever became a problem, at some point the value of the information they're able to unveil would pay for itself. Think of the raw value of having advanced knowledge of confidential business and political dealings. What could that be worth?

Phlarp|11 years ago

Makes you wonder how many black ops they could fund through insider trading. Even without specific encryption breaking hardware the scope of NSA's programs would serve equally well to front run essentially any major market move.

How easy do you think it would be to scrape a little cream off the top of the HFT latte when/if you could see everyones source code and/or tap the ingress points on the exchanges?

Even precluding outright "cheats" like above, I can't imagine it'd be hard to beat wall street at it's own games. Prop firms like to buy satellite images of Walmart parking lots and count cars to extrapolate earnings, sounds like a technique the NSA would be in a position to improve upon.

sporkenfang|11 years ago

When you're running on taxpayer money, seems like it should be doable.