|   
From Robert.Harley@inria.fr Fri Dec 19 15:45:18 1997 
Date: Tue, 16 Dec 1997 14:18:54 +0100 (MET) 
From: Robert Harley  
Reply-To: axp-list@redhat.com 
To: axp-list@redhat.com 
Subject: ECC2-79 cracked: Alpha Linux did it. 
Resent-Date: 16 Dec 1997 13:19:42 -0000 
Resent-From: axp-list@redhat.com 
Resent-cc: recipient list not shown: ; 
 
Jus' sent this out. 
 
------------------------------------------------------------------------------ 
This message is copyright Robert J. Harley, 1997. 
If you wish to quote more than one sentence, please quote the whole thing. 
 
To: certicom-ecc-challenge@certicom.com 
 
                                        Robert J. Harley, 
                                        Se`vres, France, 
                                        16th of December, 1997. 
 
Dear Mr. Gallant, 
 
There are two types of communications.  On the one hand are secure 
communications, intelligible only to their intended recipient, and on 
the other are all the rest.  Between them, as Louis Freeh would say, 
there is a "bright line".  On what side of that line does Certicom 
stand? 
 
The solution to your ECC2-79 problem is the residue class of 
276856274258963891889538 modulo 302231454903954479142443.  The work 
was led by a group of Alpha Linux enthusiasts, and the British Telecom 
Labs team joined in too.  We used about 30 Alphas running Linux, from 
UDBs up to 600 MHz workstations.  Jay Estabrook's new 21264 machine 
made a cameo appearance!  There were also 4 Alphas running Digital 
Unix. 
 
Contributors were: 
 
    Andries Brouwer     Andries.Brouwer@cwi.nl 
    Christopher Brown   cbrown@alaska.net 
    Zach Brown          zab@zabbo.net 
    Jay Estabrook       Jay.Estabrook@digital.com 
    Rick Gorton         gorton@amt.tay1.dec.com 
    Oleg Gusev          oleg@usm.uni-muenchen.de 
    Robert Harley       Robert.Harley@inria.fr 
    Richard Holmes      holmes@lanl.gov 
    Andy Isaacson       adi@acm.org 
    Greg Lindahl        lindahl@cs.virginia.edu 
    Jon Nathan          jon@blading.com 
    Dennis Opacki       dopacki@mac-guru.com 
    Vance Petree        vwp@vancpower.com 
    Tim Rowley          tor@cs.brown.edu 
    Michael Sandfort    sandfort@post.cis.smu.edu 
    Jason Shiffer       jshiffer@home.com 
    Aaron Spink         spink@pa.dec.com 
    B.T. Labs Team      jcs@zoo.bt.co.uk 
    Bart-Jan Vrielink   bartjan@mail.de-boulevard.nl 
    Marinos Yannikos    nino@complang.tuwien.ac.at 
    Xiaoguang Zhang     xgz@mn.ms.ornl.gov 
 
    and some anonymous others.   
 
The method we used was a "birthday paradox" algorithm iterating from a 
random initial point (one per machine) with a pseudo-random function 
(the same on all machines) until a collision was detected at 12:47 
today.  A total of 1737410165382 iterations were performed, finding 
1617 "distinguished" points and one collision.  Our source code can be 
downloaded from: 
 
  http://pauillac.inria.fr/~harley/ecdl/ 
 
 
We would like to thank Michael Wiener for sending his paper, 
co-authored with Paul van Oorschot, in which they suggest using 
distinguished points for discrete log calculations.  We used this 
idea to simplify our client program. 
 
Thanks also to John Sager who spotted a broken line of code in one 
version of the program.  We were quickly able to verify that it had 
caused no harm. 
 
If this is the first correct submission, then, well I don't really 
know what you should do with the prize!  Perhaps hold a raffle among 
the contributors? 
 
Thank you, 
  Rob. 
     .-.                     Robert.Harley@inria.fr                    .-. 
    /   \           .-.                                 .-.           /   \ 
   /     \         /   \       .-.     _     .-.       /   \         /     \ 
  /       \       /     \     /   \   / \   /   \     /     \       /       \ 
 /         \     /       \   /     `-'   `-'     \   /       \     /         \ 
            \   /         `-'                     `-'         \   / 
             `-' Linux + 500MHz Alpha + 256MB SDRAM = heaven   `-' 
------------------------------------------------------------------------------. 
 
S'pose that means that Alpha Linux is pretty cool. 
 
Who's up for ECCp-89?   =:-) 
 
 
 
 |