Skip to Content
Skip to Table of Contents

← Previous Article Next Article →

ATPM 3.09
September 1997

Columns

Interview

Segments

How To

Reviews

Download ATPM 3.09

Choose a format:

The Personal Computing Paradigm

by Michael Tsai, mtsai@atpm.com

Crack For Mac


Fears of technology date all the way back to George Orwell's 1984. Luckily for us, 1984 wasn't like 1984 and the personal computing revolution had just the opposite effect of what people expected. Instead of computing power being concentrated in the hands of the few, mysterious governmental agents using it to "check up on" every aspect of our personal lives, the personal computer became a source of individual empowerment. With the advent of BBS's, online services, and the Internet the personal computer has become just as important to communication and free speech as Gutenberg's printing press was half a millennium ago.


The question remains, how safe is your data? For years, computer users have been using encryption software to encode their data from prying-eyes. Once a file is encrypted, it can only be decoded with the original encryptor's key. Keys consist of a string of binary bits (1's or 0's); the longer the key, the more time it takes to encode or decode the data, and the more secure from anyone trying to access the data by brute force (trying key after key to find the right one) it is. One of the most popular algorithms for encoding data is DES, Data Encryption Standard. A more recent, strong and flexible algorithm is known as RC5.


RSA Data Security has announced a series of Secret-Key Challenge to find out just how secure encryption is. Take a look at the challenge page at <http://www.rsa.com/rsalabs/97challenge/>. The challenges consist of one DES challenge, and twelve challenges based on cracking RC5, each with a different length key. To take part in the challenge, you exhaustively test keys until the correct one is found. The first person to find the correct key receives a monetary prize.


Finding the correct key is much easier said than done. It would take many years for a single machine crunching numbers to find the correct key. Of course, as with the classic needle-in-the-haystack problem it's possible, however unlikely, get lucky and stumble across the key early in the game. Still, it's much faster if people work together. Several groups, such as the Infinite Monkeys, Cyberian, and Distributed.Net have done just that. They're organizing people across the Internet to join in a collective search for the key to beat the RC5 Challenge.


For the past two months, I've been working on Distributed.Net's effort to beat the 56-bit RC5 challenge. 56 bits means that there are 256 or 72,057,594,037,927,936 keys that need to be checked (in the worst case) in order to find the correct one. That's a lot of keys, but not too many to make cracking the code unrealistic. 56-bit DES has already been cracked. RC5 is tougher to beat, but it is still possible. It's not difficult for people to encrypt their data with even longer keys, say 128-bit ones, which are exponentially more difficult to crack. However, by sheer inertia, much data is still encrypted with 56-bit keys. The goal of the contests is to show that it's insufficient, that people need to be more careful with sensitive data.


Distributed.Net's Bovine cracking effort takes advantage of several factors:


Distributed, <http://rc5.distributed.net>, has set up a sophisticated network of servers which allow Internet users all over the world to participate in the challenge. Client software that runs on every major operating system (Mac OS, Windows, OS/2, Be OS, various flavors of UNIX, and others) is downloaded to the individual's personal computer. When the client software is launched, one of the Bovine servers gives it a block of 268,435,256 keys to test. The servers keep track of which blocks have already been check to ensure that no work is duplicated. After the client is done checking the keys, it reports back to the server for another assignment.


The Bovine RC5 Client


This is version 2.004 of the Macintosh client. It has some very nice features which include buffering of incoming and completed keys (so your Mac doesn't have to report to the server after every single block), support for multi-processor machines, logging of the number of keys checked, and an excellent graphical user interface. You can tell the client how much of your Mac's processing power to use when it's in the foreground and background. (The more processing time it uses, less is available to other applications.) You can give the client minimal processor time when it's in the background so it doesn't slow down your other applications. When your Mac's been idle for a user-specified amount of time, it will bring itself to front, where it gets a larger share of the processor's time. In this way, you can leave the client running continuously—it takes only 300k of RAM—putting your Mac's idle time to good use.


The client has a preference where you can enter your e-mail address, so that if you're lucky enough to find the winning key, Distributed will know who to give the prize to. The servers keep track of how many blocks each participant processes and display statistics for the top e-mail addresses at <http://rc5stats.distributed.net/>. In addition, they keep track of the operating systems and processor types of computers that submit blocks. This generated lots of competition between users and turned the competition into one of PowerPC versus Pentium in the eyes of many. Of course, the more competition, the more blocks are checked and the faster the keyspace is exhausted.


Even more competitive were the operating system statistics. Mac, OS/2, and Linux users used their disproportionally high (compared to market-share) statistics as bragging rights to prove their superiority to Wintel. As a result, the processor and operating system stats are no longer displayed on the Distributed web site.
On the individual level, people compare the speeds of their machines and fine-tune them to get the best performance, i.e. the most kilo-keys per second. Speeds of clients on various operating systems and processors are available at
<http://www.alde.com/speed.shtml>. 68000 Macs like the Plus and SE complete a few kkeys per second. Apple's PowerMac 9600/350 checks a whopping 1012 kkeys per second.


Groups of friends, corporations, universities, and others formed teams to get themselves into the list of the top 100 e-mail addresses (by total blocks checked). Joining a team is as simple as entering the team's e-mail address in place of your own personal one. Combining 10, 100, or 1000 computers into a team gives that team a much higher chance of finding the winning key than an individual's lone computer cracking away. More importantly, teams foster competition which is good for the RC5 effort.


Three of the most popular teams are Team EvangeList, Team Warped (OS/2), and Team Linux. As soon as a message about the RC5 effort was sent out on Guy Kawasaki's EvangeList, thousands of Mac users took the RC5 challenge as an opportunity to show the power of the Mac. Though starting months later than other teams, Team EvangeList quickly completed more blocks than any other team. It did so at an astounding rate—an order of magnitude higher than any other team. People from other platforms were stunned by the amazing show of unity displayed by <evangelist@apple.com>. Personally, I contributed about 250 billion keys to the effort over a period of about a month. The current Bovine cracking rate is about 5 billion keys per second. The Distributed.Net stats page says that if each key were a drop of water, that would represent 87,100 gallons per second. Nothing like the power of the Internet community to make your own efforts seem insignificant. It made me curious about how such a large amount of computation power could be organized towards a single cause. I found the entire effort intriguing from computing, Mac, and purely human points of view.


Beyond EvangeList there are a number of Mac teams. The headquarters for the Mac RC5 effort is the RC5-Mac web page at <http://www.distributed-mac.net>. Thanks to the generosity of RC5-Mac's editor, Jason Novinger, I had the opportunity to have a number of my questions answered. First, I asked him why so many computer users all over the world would join together to help the RC5 effort.


I think there are number of reasons. Initially the effort started with a group of guys who wanted to show that 56-bit encryption was not strong to be the exportation limit. In the planning of this, the idea of distributed computing blossomed. Distributed computing would harness the raw power of thousand of computers on the Internet that would mount a brute-force attack on RC5.

However, with the Mac OS people it really became a way that the individual user could show just what the Mac could do. It became a way that we could show that the Mac wasn't dead.


Particularly what amazed me was the show of force by the Mac teams. I mean, Macs and the PowerPC are powerful, but there are so few of them compared to everything else out there. In particular, Team EvangeList dwarfed every competing team. Novinger said:


They have the infrastructure of Mac users to call on. I read somewhere that the EvangeList has about 45,000 subscribers. If only half of those run the client then, well, you get the idea. As much crap as Mac users take, we seem to need a way to vent our collective steam.


Mac users are definitely taking the challenge more seriously than other computer users.


If you looked at the stats, when the OS stats were available, they repeatedly showed that Macs contributed about twice as many blocks as Win32 operating systems. Recently, there have even been estimates saying that Macs are contributing more than 50% of the work. I think this was an effort that every Mac user could participate in and by doing so help the Mac OS a little bit.

Unfortunately, the glory days described above were destined to come to an end. On September 2, Andrew Meggs, the man who programmed the Macintosh version of the client in his spare time, withdrew his support for the client and requested that Mac users "turn off their clients." He was enraged by Apple's recent decision to acquire Power Computing and decided to mount a protest of their cloning stance in the best way he knew how. Jason Novinger had this to say:


Since, Andrew made his decision I have thoughts lots of things. First, I thought "Oh, shit." Then it was, "Well, it's his software, I'll respect that." Then the great wall of e-mail hit and I thought "Is this worth it? All over a computer?" Then I came around and said "Hell yes, it's the Mac."

Now, I wish that Andrew hadn't done it, but he did. We need to go on. The Distributed Mac team is trying to pick up the pieces. We are trying to gather a group of Mac developers that are interested in helping to develop an application for distributed computing and the Mac. We plan to help them in any way we can.


I don't know if Steve Jobs and Apple's leadership got the message. Probably not, but Mac users all over the world did. Many, like Jason and I, were distressed at first. By now, though, I think most of us have come around to respect Mr. Meggs' wishes. Many have switched to version 1 of the client, which doesn't contain his code. Others have switched from EvangeList to different teams. Probably many have stopped altogether. Since the announcement, blocks-per-day for Team EvangeList has fallen to about 50% of its previous level.


[Editor's Note: At press time, Mr. Meggs released version 2.005 of the Mac client, which he says "everyone at Bovine can run." Still, I doubt he's any happier about the clone situation now than he was when he began his protest.]


An outspoken member of the RC5-Mac mailing list, Dan Grassi, formed a team called Clones4Mac, <clones4mac@aol.com>. This team is a group of people who support Macintosh cloning, in protest of Apple's recent actions. The hope is that diverting a significant chunk of Team EvangeList's computing power will make a statement to Apple and the world that Mac users want clones. So far, the effort seems to be working. In only about two weeks of existence, the team moved into the top 100 for total keys checked and the top 10 for key rate.


I support Clones4Mac because I care about the future of Macintosh. I believe that cloning was killed at the wrong time for the wrong reasons. I've seen lots of numbers, and I don't believe that clones were were cannibalizing Apple. Rather, I believe that without clones there would be fewer Mac users now. Although the decision to kill cloning may have some short-term benefits for Apple's balance sheet, I don't think it outweighs the enormous long-term benefit clones provide. Users and developers like the presence of clones. Apple should have adapted to meet their needs. Furthermore, CHRP—which promised to increase performance relative to price, allow more companies to build Mac-compatible systems, and free Apple from having to supply circuit board designs to cloners—was just on the horizon. I sincerely hope it sees the light of day.


Perhaps, though, this Mac-centric perspective is missing the point. The RC5 competition is bigger than the Mac. The client runs on more than twenty platforms. Most participants couldn't care less about which operating system does the work. What matters is that it gets done. What matters is that millions of computer-hours are being concentrated on a single cause. Though the RC5 effort is important, when you get down to the bottom of it, RC5 isn't what matters either. Jason Novinger agrees:


I think that RC5 is an important project because it is a stepping stone to other distributed computing projects. There are already other efforts underway like:


I think RC5 will be remembered as the father of public distributed computing.


He's right. The RC5 effort demonstrates the future of distributed computing. To a large extent, this is the future of computing. Right now, the RC5 effort is a loosely-organized group of computer enthusiasts trying show that 56-bit encryption is horribly insufficient. At the current rate, the entire 56-bit keyspace will be searched before the end of this year.


Remember that in the scheme of all the computers in the world, the number of people participating in the RC5 effort is very small. In the future, I predict that distributed computing projects like RC5 will be common and widespread. Users will have a choice of which worthy cause to donate their idle-time CPU cycles to. With increasingly powerful and more widely networked personal computers, CPU idle-time will become a commodity. First it was the property of AfterDark, then PointCast. Soon, I think, corporations and institutions will want to buy it. Or if you're using their hardware, they'll simply take it, to apply to whatever computing project needs to be done. I like to think of it as a form of recycling. You may think that one computer's idle minutes are insignificant, but every little bit helps.


That's the future, or at least my prediction of it. In the meantime, I request that you visit <http://www.distributed-mac.net> to participate in the RC5 effort. There's a code out there that needs cracking. Crack for data-security. Crack for the future of distributed computing. Crack for Mac.


Blue Apple"The Personal Computing Paradigm" is © 1997 by Michael Tsai, <mtsai@atpm.com>. Michael is still searching for the ultimate answer to the ultimate question of life, the universe and everything. 

Also in This Series

Reader Comments (2)

Yaser · December 1, 2001 - 05:00 EST #1
I need to know where I can get the Adobe Acrobat software for Mac. I need to make PDF files and need to be able to rad them on an IBM computer. Can you tell me where I can get the free software on the internet and also if it will work to be able to make PDFs from the Mac and use them on the IBM?
Michael Tsai (ATPM Staff) · December 1, 2001 - 10:47 EST #2
Only Acrobat Reader is free; it's available from Adobe's site. To make PDFs, there are a bunch of free and shareware utilities such as PrintToPDF and MacGhostView. If you're using Mac OS X, you can create PDFs from the Print dialog.

Add A Comment





 E-mail me new comments on this article