Download Kill Cmos 64 Bits
Violetta Wagganer
In a context involving a block cipher like AES-128, excluding quantum computers, cryptanalytic breakthrough on AES and implementation attacks (poor TRNG, DPA..), and wrench, how confident can we be that by key search, "nobody will crack a 128-bit key" until 2100. Assume business as usual for humanity, use of 1 year worth of global production of electricity, 1 year worth of industrial production for the gear (used over a multi-year period).
Updated: I leave it open if we allow multi-target attacks, where the same known plaintext is available enciphered under many random 128-bit keys. That makes a huge difference, but specifics of the block cipher become less important, which is good.
Note: we have a related question there; but it was considering a 256-bit key size, the methods adequate for that size need not be precise, and have not led to a definitive or even clear conclusion on 128-bit; plus answers are nearly 6 years old, and much more SHA-256 have been performed since then than I would have predicted at the time.
Note: We have another related question there at the 128-bit key level, but it restricts to currently available technology. Here, we must account for foreseeable technology more plausible than quantum computers usable for that cryptanalysis.
Note: 2100 and other limits have been set (instead of the original in the future of humanity as a species) for the sake of making a quantitative answer more falsifiable. Say, global apocalypse on that March 1 because a military subcontractor goofed on the leap year rule.
Obviously predicting is hard especially the future but assuming humanity will not self destruct it will continue to progress and it is not unreasonable to assume it will come close to the limits of what is possible.
Brute forcing a key requires enumerating the keys. And that requires changing bits. Each bit change erases some information and there is a minimal amount of energy required for that. Lauder's limit _principle
For brute forcing a 128 bit at room temperature this comes out 262.7 Twh(the annual electricity consumption of Spain) that is a lot But not something humanity can't achieve. By lowering the temperature we can improve on this. And some say we could build another type of computer which doesn't erase information and this limit won't apply to it. Though such a computer might go against the spirit of the question which excluded quantom computers.
I believe that I can bound the problem based on the current state of semiconductors and classical physics. I mean to exclude quantum computers and quantum devices. We have reached the point where if you want to double the speed, you need to double the power, so modern CMOS is at an end, but you still can tease through a power argument.
Let's assume that it takes a single electron to toggle a gate; however, to have "gain" in a system you need more than a single electron because transistor gain comes from channel shortening (people who draw an inverter as a resistor pair do a disservice). For this reason, I will assume that each transistor takes 3 electrons on 1V. I will further assume a direct bandgap and an infinite capacitance to the substrate for a 1:1 coupling to instantly turn on the gate, so I'm ignoring time of substrate inversion (which is the physically limiting factor)
I now have to make a hardware assumption (sorry), and I'll use AES-128 just because I can bound the problem. I have 5 S-Boxes at 890 electrons per try each (I have an internal S-Box reference that calculates the multiplicative inversion, and I just back calculated this from the gate count). Rcon costs me 112, the another 314 for the rest of the key schedule. The mix columns and cryptoword overhead seems to be about 1480. It costs me 16384 total for the state registers. This gives me a total of 22740 electrons per round, for 10 rounds.
The result is 3.6433e-15 W per attempt. This means it requires 1.2398e+24 Watts to explore the complete key space. That's about 2 years of current world energy creation. Assuming that you need $2^127$, tries that's a total of 6.198e+23 Watts, or one year's worth of world energy. These numbers represent the lower boundary condition with the current behaviors of semiconductors that work by classical physics.
It is complete nonsense to suggest that we'll have to boil lakes or build Dyson Spheres to recover an AES key. All those back of fag packet estimates are for brute forcing a key. It is extremely likely that we won't have to. Differential analysis came along and revolutionized cryptography. Technology and science will inevitably advance further and key recovery will become possible.
It is extremely nave to predict the future with such blind arrogance. Do you remember those doom sayers that prophesied with such certainty that a man's lungs would explode if we travelled above 6 mph? And those German cryptographers who orchestrated the War of the Atlantic confident of total secrecy? Were they wrong!
There is a simple mathematical test to determine whether any encryption can be broken. If (message entropy) > (key entropy), the encryption can be broken theoretically. The longer the message, the greater the redundancy and the lower the theoretical security. Just because we can't recover an AES key today /tomorrow, doesn't preclude it's recovery next week or next decade. If anyone says otherwise, I suggest that they retire from poorly paid cryptography and either go into the stock market to make a killing or Tarrow card reading.
There is an interesting consequence of the breakability formula. True random number generators are relatively simple to build. When the Up side of our Dyson sphere is at war with the Down side, strategic communications may again revert to using ancient one time pads that obey the breakability equation.
I tried to wrap tape around the tip of the Allen wrench that is supposed to get the bolt out to make it have a tighter fit. That didn't work. I tried the next size bigger Allen wrench. That didn't work. Are there some other tricks? Like I mentioned, this is an unwanted shifter, so it can be broken off.
The mounting clamp has a gap. You can use a thin saw to split the bolt there. It might scratch the clamp, but with careful action, the saw blade will not touch the handlebar. After that, you will be able to slide the shifter off the handlebar.
Note that the key to success using it is enough insertion depth for the bit to bite. This means that you will need to drill a hole using a regular smaller drill bit inside the bolt head. Without doing it, the extractor bit would just glide helplessly.
Drilling out the bolt is probably difficult, because handlebars are not easily fixed to something rigid, and you have to drill freehand, in an unusual direction. At least, use some lubrication and a sharp drill bit.
If you know someone with a TIG welder, have them tack weld something to the hex bolt head, with the smallest torch (handset?) at hand. Something like a hex nut standing on one of the six edges, as the new handle to turn the bolt. Cover the shifters with tape before, cut the hex bolt free, then you might be lucky.
That said, these bolts are normally fastened with a torque wrench to 4-6 Nm, in order to not kill the delicate thread in the aluminium or fibre reinforced plastic part. If the hex bolt is completely done, I'd be suspicious of the receiving thread.
I've never done this myself, but I've seen videos of people using torx bits to remove the bolt. Use a hammer until it grips enough top turn the bolt. This could damage the torq nur could be just enough to remove the bolt
b1e95dc632