
The Internet's first general-purpose distributed computing project - bhaile
http://www.distributed.net
======
segfaultbuserr
We shall remember distributed.net, it was the first large-scale distributed
computing project, and simultaneously, it was a major "armed force" which
leaded us to the victory of the first Crypto War for the security and privacy
of all.

In the first Crypto War around the mid-90s, the U.S. Government initially
repeatedly denied the insecurity of DES algorithm and refused to replace it
with a new standard, and falsely claimed that data encrypted by DES was a
threat to national security. This stance was not only a denial of privacy, but
also a threat to enterprise infosec and e-Commerce. RSA Security, Inc.,
responded by launching the DES cracking challenge to demonstrate its
insecurity.

The first challenge was completed by DESCHALL Project, an university project,
but it mobilized thousands of volunteers and managed to bruteforce the 56-bit
keyspace in 96 days. The distributed computing setup was an ad-hoc one, and
people realized that an infrastructure was needed for more efficient
coordination, and it motivated the creation of distributed.net.

The second challenge was completed by distributed.net in 39 days. Here's parts
of the original announcement.

> _The correct key, 76 9E 8C D9 F2 2F 5D EA, revealed the words which we 've
> been anticipating these past 39 days:_

> _" The secret message is: Many hands make light work."_

> _(If you ask me, this is a nice nod in our direction. Thanks, RSA Labs!)_

> _In addition to proving that 56-bit DES is no longer sufficient for
> protecting valuable information, we 've now also proved that blind luck need
> not be a factor in brute-force decryption attacks._

> _Prospective: If Keys were dollars, we could pay off the U.S. National Debt
> in 6.25 minutes. If Keys were pennies, we could buy 536249385 Mazda Miatas
> each day. If Keys were pennies, we could buy 256728249 Jeep Cherokees each
> day! If you printed a single page to represent each key block as it was
> checked and placed those pages in a stack, it would grow 12.83 inches taller
> every minute. If blocks were liters of Dr. Pepper, we could produce 6381493
> six-packs each day. If Key Blocks were cheeseburgers, fries, and a large Dr.
> Pepper, we could feed the entire city of Toronto, Ontario lunch each day._

Even after DES has been demonstrated to be crackable twice in a row, the FBI
was still denying its insecurity and denying that the NSA was capable of
breaking it.

> _" If we hooked together thousands of computers and worked together for
> months we might, as was recently demonstrated, decrypt one message bit," FBI
> director Louis Freeh told Congress. "That is not going to make a difference
> in a kidnapping case. It is not going to make a difference in a national
> security case. We don't have the technology or the brute force capability to
> get to this information." _

And finally it was the story we all knew.

The EFF funded to build the DES cracker, and collaborated with distributed.net
to crack DES again in 22 hours and 15 minutes, on January 19, 1999. The U.S.
Government was forced to stop using 56-bit encryption as the public encryption
standard, and forced to authorize the NIST to start the AES competition. The
age of modern cryptography has came.

~~~
dannyw
What a great story. Unfortunately, it's really sad that in the past few years,
the RSA was complicit with pushing backdoored algorithms, i.e. Dual EC DRBG,
and even setting it as the default RNG that rendered the entire cryptosystem
crackable to the NSA.

There is no reason to trust RSA whatsoever today. In fact, they should be
actively distrusted. See
[https://en.wikipedia.org/wiki/Dual_EC_DRBG](https://en.wikipedia.org/wiki/Dual_EC_DRBG)

~~~
segfaultbuserr
The way I see it, is that RSA Security, Inc. funded the DES cracking challenge
primarily because secure e-Commence was crucial to business interests, and it
happened to be aligned with civil liberties and privacy issues, but the latter
one was not their motivation. They are not a charity, it's just business. So
it won't be a surprise to me that RSA introduced Dual_EC_DRBG in the latter
days.

A faceless corporation is not something we put trust onto, although sometimes
we can have some cooperation if we share common interests. RSA Security, Inc.
should still be remembered for its role in removing DES and introducing
Dual_EC_DRBG.

------
xvilka
BOINC[1] still alive, not sure how relevant though.

[1] [https://boinc.berkeley.edu/](https://boinc.berkeley.edu/)

~~~
segfaultbuserr
SETI@Home was launched in 1999, BOINC was launched in 2002. I suspect
distributed.net was an inspiration to both. And interestingly, GIMPS started
searching Mersenne Primes in 1997, around the same time when the first DES
challenge was active.

------
_wldu
I think Plan 9 predates this by a good bit.

[https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs](https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs)

~~~
p_l
Plan 9 was a different kind of distributed that doesn't apply here. IF we used
that kind of definition, then JES3 (a spiritual great-great-granddaddy of
kubernetes) would be the first.

