On Thu, Sep 17, 2009 at 03:58:50PM -0400, Michael Holstein wrote: > (basically, all the OP on Rededit was saying, was he's the guy that > writes the microengine code) .. the processors themselves aren't
Not quite -- he explicitly claimed they used custom hardware. Perhaps using network processor macro cells, but custom design was definitely involved. > capable of realtime brute-force decryption ... but they are the sort of There's no such thing, apart from really obsolete cryptosystems. And even there you can't just fish for content as it was cleartext. > thing that can look for signatures/keywords/etc in a stream and act upon > it at wire-speed. That is old news. > As for breaking encryption, this would be a task better suited for a > large farm of purpose-programmed FPGAs, since I'm not aware of any > commercially-produced ASIC that does this (although the NSA does list > jobs for "semiconductor fabrication", so I'm sure they're in that game). I can see large boxes for e.g. offline DES (perhaps even 3DES) cracks, but everything else is probably not cost effective (of course, NSA has demonstrably been decades ahead of open research in some instances, so don't blame me if they waterboard you just because you took this at face value). > IIRC the Russians had purpose-built their own ASICs to break DES when it > was en-vouge .. I'm sure our side of the pond actively does the same. > > Sneakier mice, better mousetraps. > Lather, rinse, repeat. > while(). What I really dread is having to sanitize my entire systems, which effectively means wiping and bootstrapping my entire infrastructure from known good state, establish physical security, secret management including crypto hardware, system hardening, privilege separation, intrusion detection and documentation, periodic review, and the like. This is seriously annoying, and I resent having to go full tinhat monty. In case anyone has pointers or has already done such a thing I very much welcome any documentation. We should publish everthing in the open to make it easily replicable by anybody anywhere, so just to make the annoyance mutual. -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
