Why I dont think that we should remove Moo Wrapper! from whitelist

in #gridcoin7 years ago

There was recently a discussion on Reddit (~~~ embed:gridcoin/comments/7qre20/moo_wrapper_is_this_a_scientific_project/) about the scientific aspects of Moo Wrapper, which is the BOINC-version of the RC5-72 challenge. This discussion led to the current poll on the question, whether Moo Wrapper should be removed from the whitelist. In this point I want to bring out some of my points on why we should not remove it from the whitelist. Nevertheless, I agree that the scientific merits of this bruteforcing of a key is not large. reddit metadata:fGdyaWRjb2lufGh0dHBzOi8vd3d3LnJlZGRpdC5jb20vci9ncmlkY29pbi9jb21tZW50cy83cXJlMjAvbW9vX3dyYXBwZXJfaXNfdGhpc19hX3NjaWVudGlmaWNfcHJvamVjdC8pIGFib3V0IHRoZSBzY2llbnRpZmljIGFzcGVjdHMgb2YgTW9vIFdyYXBwZXIsIHdoaWNoIGlzIHRoZSBCT0lOQy12ZXJzaW9uIG9mIHRoZSBSQzUtNzIgY2hhbGxlbmdlLiBUaGlzIGRpc2N1c3Npb24gbGVkIHRvIHRoZSBjdXJyZW50IHBvbGwgb24gdGhlIHF1ZXN0aW9uLCB3aGV0aGVyIE1vbyBXcmFwcGVyIHNob3VsZCBiZSByZW1vdmVkIGZyb20gdGhlIHdoaXRlbGlzdC4gSW4gdGhpcyBwb2ludCBJIHdhbnQgdG8gYnJpbmcgb3V0IHNvbWUgb2YgbXkgcG9pbnRzIG9uIHdoeSB3ZSBzaG91bGQgbm90IHJlbW92ZSBpdCBmcm9tIHRoZSB3aGl0ZWxpc3QuIE5ldmVydGhlbGVzcywgSSBhZ3JlZSB0aGF0IHRoZSBzY2llbnRpZmljIG1lcml0cyBvZiB0aGlzIGJydXRlZm9yY2luZyBvZiBhIGtleSBpcyBub3QgbGFyZ2UufA== ~~~

As I gather, the main point of the RC5-72 challenge is to brute force open a specific 72-bit RC5 key. (more on RC5 here https://en.wikipedia.org/wiki/RC5). This challenge originally runs on the distributed.net-client, which is apparently a similar distributed processing program as BOINC. Moo Wrapper just links BOINC to this project. The challenge was issued by RSA Labs in 2002, and they offer a total of $10 000 prize for solving the key, distributed as follows:

$1000 to the winner
$1000 to the winner's team (or to the winner if not on a team)
$6000 to a non-profit organization chosen by all participants
$2000 to distributed.net for building the network and supplying the code

Although the brute forced key is not very scientific, I think that the process of brute forcing it open using distributed processing ecosystem is, to some extent. Building the client, optimizing the process and linking it all to other programs like BOINC all have some value to them. The process also generates data about which hardware, setups and work package length work best. A clear goal helps coders to focus their work.

According to the stats at http://stats.distributed.net/projects.php?project_id=8, grcpool is the overall fastest cruncher, having 3x blocks per day compared to the next participant. This corresponds to ~13.5% of the total keyrate, just for the pool. The keyrate has doubled since gridcoin was introduced, so I think team gridcoin could easily have 20-50% contribution to the project. The prize money would of course be a nice bonus for gridcoin and/or the pool if we solve it, which could be used for development. Of course, finding the correct key could take tens of years, the max of 132 years (with current speed), or it could be tomorrow.

One aspect that has not been considered that much, is that solving such a hard key would be a historical achievement, which could give gridcoin some nice publicity. We need publicity to grow.

Also, I think its very hard for an average (or even a non-average) gridcoin user to really have the knowledge to decide if a project is "scientific" enough. Delisting Moo Wrapper for being unscientific would mean that being whitelisted is susceptible to the whims of the voters, who may or may not have enough knowledge about the scientific aspects of each project. I think whitelisting should be based on aspects like reliability and technical aspects.

I hope that people will vote for this project to stay in the whitelist. Also a wide discussion and decision about white- or blacklisting needs to be done, to have some consistency about the projects we crunch. I think some good arguments are presented here: https://steemit.com/gridcoin/@nateonthenet/why-gridcoin-whitelisting-must-go

Cryptography is not my field (I'm a PhD researcher in Space Physics myself), so please correct me if I have something wrong.

Happy computing!

Sort:  

You have not convinced me in the slightest. Your arguments are weak and far-fetched. "Historical achievement"? Really? Especially with a challenge that is pretty much long gone and cancelled?

We started this discussion for a reason. Gridcoin exists to reward scientific computations and many of us consider Moo! Wrapper a waste of computational power, that could be put into real use with, for example, Rosetta or MilkyWay. Hell, even Enigma feels more useful, because it can give us insight into history.

If you want to compute for fun and waste energy, then go ahead, mine some bitcoin or ethereum. But please leave gridcoin alone.

As far as I know, breaking a code this hard has not been done, hence the historical part. You are right that it is not quaranteed to be newsworthy.

As a scientist (a big data crunching oriented at that), I really dont have any incentive to promote wasting computational power. My main idea here was just to show that Moo is not necessarily fully unscientific, even if the result will essentially be useless.

The main achievement of this project has probably been the advancement of distributed computing at the time when this challenge came out. I agree that it has lived out most of its usefulness, and I totally understand if/when the vote will pass to remove it from whitelist.

My main point here was just to bring out some arguments for the project and the philosphical questions this raises while also acknowledging the faults. Just trying to breed discussion, no need to be hostile about it.

I'm very interested in advancing gridcoin. The useless hashing of other cryptos is a huge waste, that could be utilized by science. Maybe some day I'll bring out a BOINC project that crunches Solar and Heliospheric data that will help to understand our solar system better.

I am not being hostile, even though my comment might have looked like that. As you said, you wanted to breed discussion, and you did - I stated my point of view using strong words in order to demonstrate how much against this project I am. I find it absolutely pointless and I am not going to back off in the slightest.

No worries, no hate here :) Cheers.

Yeah no problem. Maybe the "leave gridcoin alone" was the bit that throwed me off, you probably meant that "useless hashing leave grc alone" and not me. There's always a challenge intrepreting the tone of text messages. :)

As far as I know, breaking a code this hard has not been done

It was actually done by the same project. They have already decrypted two messages at shorter key lengths, the only difference for the third message being that the key length is even longer. We could, in theory, continue to increase the key length forever.

I guess you're not very interested in having secure encryption then, which is odd since gridcoin is built upon it. The whole point of the RC5 challenges is to ensure that cryptographic algorithms are secure. If someone can brute force any encryption algorithm in a reasonable time, especially in a distributed manner, then it is no longer useful.

So you might see it as a waste of energy, but it's actually demonstrating that the algorithm is secure.

And since it has no scientific merit, clearly the challenge hasn't been spawning research into the topic, like such http://ieeexplore.ieee.org/document/4380736/?reload=true

But it's actually demonstrating that the algorithm is secure.

Except, we already know exactly how secure the algorithm is. The breaking of this code will effective yield a single data point on a known statistical distribution of the compute power (or time) required to decrypt the message.

Are you sure the prize would still be paid? Didn't the challenge already end and they are only crunching on it for fun?

According to this, yes: "In May 2007, RSA Labs announced that Secret Key Challenge would be discontinued. Fortunately, due to the continued interest in our RC5-72 project we have decided to privately sponsor the prize and operate the RC5-72 project as before." (http://www.distributed.net/RC5) :)

It will still be paid out, but the prize distribution has changed from the original challenge. As per the link @fortex posted, it is now:

$1000 to the winner
$1000 to the winner's team (or to the winner if not on a team)
$6000 to a non-profit organization chosen by all participants
$2000 to distributed.net for building the network and supplying the code

The arguments you bring to support moo are weak/trivial. I also agree with @artstein.

  • Distributed computing
    All of the BOINC projects have in some way helped to advance distributed computing. That is hardly the point here, rendering animation can also do the same but it has nothing to do with GRC.
  • Publicity
    Your argument that cracking the code will might bring extra publicity is self defeating, since you previously stated that more useful projects do exist. If the moo power was diverted to, even a very far fetched but still scientific project like seti, the publicity gain would be far greater. Hence your argument is actually for removal if you follow it through consistently.
  • Whitelisting is up to the whims of the voter
    Similarly in this argument you argue that community members can't be trusted to pass judgments, yet you finish by suggesting your own judgment for consideration. There exist many studies which show that aggregating weak learners results in information gain (wisdom of the crowd) hence I would prefer voting over single amplified opinions.

Lastly, if you are going to bring credentials in to this discussion (you mention you are phd researcher, in your reply to artstein you write "as a scientist") you should do so fully. In other words, if you hold a masters/phd degree you cite your thesis and the institution where you defended. This is important because titles alone do not necessarily mean universal expertise or proficiency. For instance if I tell you I am a doctor (hold a phd) and try to give you medical advice you should ask me what kind of doctor I am, since I might be a doctor of liberal arts. Hence I would suggest withholding your credentials unless they are very specifically involved with the discussed topic.

These are good points. Most of the pioneering work for distributed computing has been done at the start of this RC5 project and the RC5 project before. My point was just that this project as a whole has had some value. It is true that its speculative if it will have this kind of impact in the future.

On the second point, a result from Seti is not quaranteed. For Moo! there is a clear goal, which will ultimately end the project, and possibly bring some publicity.

Of course since the topic is up to vote now, I want to bring out some points to influence it. My main question here is, should whitelisting just be a matter of individual votings, or should there be a semi-automic system where if a project passes certain rules, it should be accepted?.

The reason for mentioning my academic career is to tell that I have a good knowledge of the scientific process and academic research. I mention that cryptography is not my field, so I'm not trying to step in with my topic knowledge. On my bio you can find that I'm a PhD researcher in Space Physics. My PhD topic is about the Sun's Heliosphere and cosmic ray modulation. I'm working at University of Oulu, Finland, but I want to stress that I'm not officially representing my institute in any way here.

i don't think the moo project has enough in common with the scientific process. that was actually how this whole discussion started:

i agree with you that an automatic system would be better, but then you should elaborate more on the objective rules governing this system.

I think the black/graylisting presented in the post I linked has good ideas, but many aspects like scientificity is hard to automatize.

As I've said, the results of moo wont be scientific, but the process can (and has) be studied.