One of the main complaints in the recent push by some to de-list “Moo! Wrapper” from Gridcoin is that the project is not scientific and is not doing any useful work. Today I will seek to provide an example of how this project is actually useful.
First some Background.
What is Gridcoin?
“Gridcoin is an open source cryptocurrency (Ticker: GRC) which securely rewards volunteer computing performed upon the BOINC platform in a decentralized manner on top of proof of stake.
BOINC is an open-source volunteer computing grid which combines the processing power of all individual users for the purposes of scientific research. It's free, production ready and many projects already harness volunteered computing power to attempt to cure cancer/AIDS/Ebola/malaria, map the Milky Way galaxy, crack Enigma machine codes, etc.. “
https://gridcoin.us
What is Moo! Wrapper?
“Moo! Wrapper brings together BOINC volunteer computing network resources and the Distributed.net projects. It allows a BOINC Client to participate in the RC5-72 challenge.”
https://moowrap.net
What is Distributed.net?
”distributed.net was the Internet's first general-purpose distributed computing project.
Founded in 1997, our network has grown to include thousands of volunteers around the world donating the power of their home computers, cell phones and tablets to academic research and public-interest projects. Join us today in this ground-breaking cloud computing experience! We need your help... “
https://www.distributed.net
Onto the Steak (geddit) of the article
First we will go back to 2002 when Wired had this to say about the project
“When Distributed.net set up shop in 1997 to test various forms of encryption by essentially breaking through them, organizers figured it could take 100 years to uncover the RC5-64 sequence due to limited computer power and the fact that so many people would have to participate in the effort. Still, they forged ahead.
"We had confidence the rate would improve and that Moore's Law would help us cut down on that time," said David "Nugget" McNett, president of Distributed.net.”
……
“While the accomplishment of breaking the 64-bit encryption standard is noteworthy, there are even greater challenges ahead for Distributed.net.
Next up is breaking through RC5-72, RSA's next highest encryption key. RSA also has a 128-bit key, but trying to break a key that long is practically impossible because there are so many combinations of keys to consider, McNett said.
"Major advances would have to be made in keyrate processing before that would be even approachable," he said.”
https://www.wired.com/2002/10/codebusters-crack-encryption-key (2002)
Well 15 years later despite those “Major advances in keyrate processing” we are still hacking away at it, even with computers orders of magnitude faster. Back in 1997 they thought that 62bit encryption keys would theoretically take 100 years to crack and then cracked it within 5 years with an applied experiment.
By definition throwing computing power at even this old key, we are disproving that brute force attacks are possible against even modest key lengths even with hardware that would have been difficult to imagine 15 years ago.
Now onto 2006
“Imagine a computer that is the size of a grain of sand that can test keys against some encrypted data. Also imagine that it can test a key in the amount of time it takes light to cross it. Then consider a cluster of these computers, so many that if you covered the earth with them, they would cover the whole planet to the height of 1 meter. The cluster of computers would crack a 128-bit key on average in 1,000 years.”
“However, 2^32 isn't necessarily a very large set of keys when you're performing a brute force attack with a worldwide distributed network of computers. Such as the RC5 distributed computing project. Here's what they've done so far:
• A 56-bit key was cracked in 250 days.
• A 64-bit key was cracked in 1,757 days.
• A 72-bit key is still being cracked; 1,316 days so far with 379,906 days remaining.
The earliest 56-bit challenge, which ended in 1997, tested keys at a rate of 1.6 million per second. The ongoing 72-bit challenge is currently testing keys at the rate of 139.2 million per second. We're testing keys 88 times faster than we were 10 years ago, through natural increases in computing power and additional computers added to the distributed computing network.
And yet the RC5-72 project still has 1,040 years to go before they test the entire keyspace. Remember, that's for a lousy 72-bit key! If we want to double the amount of time the brute force attack will take, all we need to do is tack on one teeny, tiny little bit to our key. 73-bit key? 2,080 years. 74-bit key? 4,160 years.”
https://blog.codinghorror.com/brute-force-key-attacks-are-for-dummies/ (2006)
So Distributed.net and “Moo! Wrapper” are a living breathing experimental proof that this is currently still true. As long as it continues, it continues to prove that today even modest encryption key lengths are realistically as secure against brute force attacks as the longest of bit length keys.
This project still has value, even today it has and is proving that even with the move to GPU computing, for all its increase in performance, it still is not enough. Note that with the GPU computing revolution the key-test rate is now over 492,477 million per second, based on the above quoted article we are capable of testing keys at over 3500 times faster than 12 years ago.
As exponential growth of computing power continues, more powerful computers become available and with step changes in computing power on the horizon (Quantum Computing?) this ongoing project will continue to provide experimental proof of key length resistance to a realistic brute force attack.
Thanks for taking the time to read my ramblings. If you have found this post useful please consider upvoting, resteeming and/or following me.
Gridcoin: Rx5iQUC9fdZkYuxrjW6ySV6Jfttsw5Ub2L
Bitshares: g-uk https://wallet.bitshares.org/?r=g-uk
Ethereum: 0x734E41c433DE29383957A80dc57B8D025dd326b5
There are at least 2 articles reasoning why to remove Moo! and this is the first solid article defending Moo! project - I was waiting for one, my obvious upvote for the quality.
I was hesitating until now, but finally I'm close to my answer. My reasoning is as follows.
There are N keys and one is valid. Moo! is brute testing them one by one.
The long time it takes supposedly shows how safe the method is.
There was however a chance that proper key was at the very beginning of the set and puzzle would've been solved long ago. It could have been the first tested key, too. As such the test would be inconclusive and dismissed.
As we know that there is N keys and only one is valid, to test how long it would take for a computer of type T to find it, we can just run a quick test, measure the average time to test one key and using basic math we can calculate mean time and maximum time required. Process can be repeated each year within one day on the new generation computer.
My conclusion is: why to run hundreds (or thousands) of computers for many years, if we can use one computer for one hour once a year and achieve the same or even better result?
I can add all natural numbers from 1 to 1 000 000 on a piece of paper within seconds (using a clever method) instead of weeks or years and tons of paper (adding each number one by one).
If there is a better and much quicker method to solve the problem we should use it instead of brute-force method.
Good point, I accept it and it is a valid point. Thank You.
I would say though that gives you the theoretical time to crack, this project gives you an applied proof of that theory and is a great tool to demonstrate and benchmark just what the realistic compute power is required for even simple bit lengths with contemporary hardware.
This article was an attempt to answer the biggest complaint I have heard about Moo! Wrapper, I have also outlined several other concerns over on the official CCT thread.
https://cryptocurrencytalk.com/topic/49533-moowrap/?do=findComment&comment=429200
This is a very good point regarding voting process.
Good thing about Moo!-gate is that it clearly shows we lack several policies and criteria for decision making. Apart of technical criteria you have covered in your whitelist-greylist proposal, non technical once are also needed.
If the project complies with technical requirements:
If you want to make sure your say is recorded, I would appreciate if you post it here:
https://github.com/gridcoin-community/Gridcoin-Tasks/issues/201
I split the de-listing out of the current proposal as it obviously needed more work with the current controversy.
I feel the need to say that I'm not in favor of constantly second-guessing every boinc project. IMHO if it's BOINC it's good as long as it fits in the whitelist criteria under vote right now (https://github.com/gridcoin-community/Gridcoin-Tasks/issues/194).
Let the users determine usefulness. As long as a BOINC project exists and as long as they are fair on their point distribution (not gaming the system), let it be.
BOINC is just a software platform. It doesn't feel like good enough criterion for whitelisting. Should a website be endorsed just because it's built on Wordpress platform? The question is whether / what criteria to use apart of technical once.
Moo! Wrapper gives unfair magnitude advantage, as documented by a user working on it
You are overstating and misappropriating that comment.
is moo gaming the system?
No, The total daily mint of GRC is equally split by project.
Moo can be run on much less powerful systems hence can be a good starter for people.
The projects cannot change the amount of mag they generate, this is fixed by design of the blockchain. The entire point is FUD.
Edit: To expand high end hardware tends to be put to use on other GPU projects where low end hardware is either unsupported or just not competitive, therefore running Moo, or Collatz or another project that supports low end hardware means they are mainly competing against similar low end hardware.
I mean running old hardware is power inefficient anyway. at current, whats to gain?
Most people running Boinc projects don't do it for the money. They do it as they are interested in the subjects, like the competition, believe in what a project is doing etc
Gridcoin helps such people offset electricity costs and encourages more people to give it a go.
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://blog.codinghorror.com/brute-force-key-attacks-are-for-dummies/
Yes cheetah, that would be why I quoted and linked to it.
lol
I also find this vote rather strange. There are others Projects which are even more questionable like Collatz - there is no properly maintained list about all investigated numbers. And it will never proove something. It seems more that People vote based on there individual RAC.
Congratulations @guk! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Award for the number of comments received
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP
Congratulations @guk! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
You got your First payout
Award for the total payout received
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP
Congratulations @guk! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Dear reader, we are Gridcoin Liberation Front, we urge you to consider the other side of the debate. Don't sell your future for short term gains. Vote to Remove the Moo! Wrapper project.
https://steemit.com/gridcoin/@grc-lib-front/gridcoin-liberation-front-call-for-action-on-the-moo-wrapper-vote
The only whale to vote so far has voted to remove the project, dutch will vote that way as well according to his posts. Kind of makes a mockery of your minnows vs whales narrative especially as I am far closer to a minnow than a whale.
what's a minnows and what's a whale?
whale millions of grc? minnows like a few hundred? what do you call those in the middle?
Here on Steemit they are called Dolphins.
It's just one of those terms that grows as shorthand for things on the internet.
so long, and thanks for all the fish