lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Feb 2014 17:06:13 -0000
From: pornin@...et.org
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Future CPUs and GPUs?

> So how much further can Intel go?  My physics geek friend has told me
> for decades that the answer is 10nm wires.  That's when electrons stop
> ignoring each other and start lining up single file.  It it possible
> to shrink below 10nm process node?

When wires are too close to each other, electrons begin to jump from one
wire to another through quantum tunnelling effect in non-negligible
amounts.

Quantum tunnelling, by definition, is about how systems, at the "quantum
level", appear to be able to achieve seemingly impossible transitions
because of an adverse potential barrier, as long as the end result is
energetically possible by itself. The analogy is that if you are in front
of a high hill and lack the energy to run/jump over it, there is still a
probability that you can find yourself on the other side, at the same
altitude than previously, so the total energy is balanced. It is as if you
found a tunnel going through the hill and simply walked it. An alternative
description is that you can "borrow" energy from thin air as long as you
give it back promptly. Theory has it that the probability of the borrowing
to occur rises when the payback delay shortens.

Within a CPU, electrons from distinct wires are isolated from each other:
the substrate is not a conductor, and thus is a "barrier of potential".
Electrons would need some extra energy to jump through it (in the same way
that air is not a conductor, but lightning can still occur, given enough
power). When the wires become thinner and closer, the amount of needed
energy decreases (less isolating substrate to punch through) and the
duration of the borrowing decreases as well (the journey is shorter),
making the quantum tunnelling more probable.

Quantum tunnelling always occurs, but below 10nm it occurs too often to be
ignored. It is as if the wires became "leaky".

Back in 2002, IBM announced having successfully operated a 6nm gate, but
it was leaky as Hell, and this could not be turned into a 6nm working CPU:
http://www.thefreelibrary.com/IBM+Announces+World's+Smallest+Working+Silicon+Transistor.-a095085978

Besides putting more gates per silicon area, performance can also be
improved by making gates which run faster (thus higher clock rate),
lowering average distance between two successive gates (extra layers can
help in making wires "straighter", hence shorter), using less energy
(energy consumption and its corollary, heat dissipation, are a
bottleneck)... There used to be a lot of work on purely optical circuits,
based on the ideas that optical gates could switch way faster than
electronic gates, and that photon "wires" could be straight beams which
travel at the speed of light (duh...) and can harmlessly cross. I am not
sure this still is an active research area (though it has military usages:
a pure optical circuit is supposed to resist the EMP from a nuclear
blast).


> Now for password crackers... there will be a winner of the PHC.  Most
> likely, Solar Designer's schemes will either be the winner directly,
> or heavily influence the winner, meaning current GPU attacks are
> toast.

"Don't sell the skin till you have caught the bear." Right now, nobody
knows what candidates will be submitted. The discussions occurring in this
mailing-list cannot claim exhaustivity (e.g. I did not discuss my own
submission). I think a prior message to this list claimed that there
should be about 10 or 12 candidates, but that's just an estimate and there
could be dozens of submissions from people who never actively participated
to this list.


        --Thomas Pornin


Powered by blists - more mailing lists