
Re: Counter Mode Security: Attacks, Storage & a Proposal



On Thu, 21 Nov 2002, Theodore Ts'o wrote:
> The risk actually is probably in the opposite direction; there are
> strong indications that Moore's law will not be able to continue going
> forward.  This is also true for disk drives; the size of a magnetic
> domain on a disk platter has been getting smaller and smaller, and
> it's not clear this can continue.

However, a quick review of similar predictions dating back at least twenty
years ("it is impossible to build 64Kbit DRAMs with optical lithography"
was a particularly infamous one) suggests that you should bet on people
finding ways around those problems.  Developers get really creative when
billions of dollars are at stake. 

> Finally, a further issue which will likely make the TMTO attack remain
> completely intractable is the (lack of) rates of improvement in disk
> read/write speeds...

The same issue comes up for RAM, also.  To some extent you can get around
both with clever algorithms (for example, linear hash-collision resolution
is making a partial comeback -- it is *much* quicker to do a linear search
of the rest of the cache line than to immediately go out to memory
again...), but applications with inherently (quasi)random accesses can't
do that very much.

                                                          Henry Spencer
                                                       henry@spsystems.net