20080607, 16:16  #1 
I ♥ BOINC!
Oct 2002
Glendale, AZ. (USA)
3×7×53 Posts 
Stop Gpcode!
http://forum.kaspersky.com/index.php?showtopic=71652
Anyone up for a challenge and a possible new DC project ? So we're calling on you: crytographers, governmental and scientific institutions, antivirus companies, independent researchersβ¦join with us to stop Gpcode. This is a unique project β uniting brainpower and resources out of ethical, rather than theoretical or malicious considerations. Here are the public keys used by the authors of Gpcode. The first is used for encryption in Windows XP and higher. Key type: RSA KeyExchange bitlength: 1024 RSA exponent: 00010001 RSA modulus: c0c21d693223d68fb573c5318982595799d2d295ed37da38be41ac8486ef900a ee78b4729668fc920ee15fe0b587d1b61894d1ee15f5793c18e2d2c8cc64b053 9e01d088e41e0eafd85055b6f55d232749ef48cfe6fe905011c197e4ac6498c0 e60567819eab1471cfa4f2f4a27e3275b62d4d1bf0c79c66546782b81e93f85d The second is used for encryption in versions of Windows prior to XP. Key type: RSA KeyExchange bitlength: 1024 RSA exponent: 00010001 RSA modulus: d6046ad6f2773df8dc98b4033a3205f21c44703da73d91631c6523fe73560724 7cc9a5e0f936ed75c75ac7ce5c6ef32fff996e94c01ed301289479d8d7d708b2 c030fb79d225a7e0be2a64e5e46e8336e03e0f6ced482939fc571514b8d7280a b5f4045106b7a4b7fa6bd586c8d26dafb14b3de71ca521432d6538526f308afb The RSA exponent for both keys is 0x10001 (65537). The information above is sufficient to start factoring the key. A specially created utility could be of great help in factoring. 
20080607, 16:25  #2 
Undefined
"The unspeakable one"
Jun 2006
My evil lair
1780_{16} Posts 
Why do we need to crack these two RSA keys? Can you please explain more about what you think Gpcode is and what is so dangerous about it. I found this link (and many other similar websites) that says Gpcode uses simple encryption that is easily reversible.
If it is just a virus that encrypts some of one's files then it is a simple matter to reformat and restore from one's backup. Standard procedure. 
20080607, 16:43  #3 
A Sunny Moo
Aug 2007
USA (GMT5)
3·2,083 Posts 
Hmmm.....both of those are 309 digit numbers, assuming my hexadecimaltodecimal conversion worked right. The fastest known method for factoring numbers of this type would be GNFSthough, unfortunately, even a 180digit GNFS factorization is considered huge with today's resources. (Initial prepwork for such an effort is currently being coordinated in the Factoring forum.)
There's a slim chance that it could be done, with lots of resources and time, though the outlook may even be worse than that. (One of the gurus in the Factoring forum should be able to tell you whether it's even at all possible.) You might have better luck by hiring some hackers to find, and then break into, the virus writer's computer, and get the private key that way. If even one of these numbers was successfully factored, AFAIK it would set a new world record for the largest factorization completed to date! 
20080607, 16:44  #4  
A Sunny Moo
Aug 2007
USA (GMT5)
14151_{8} Posts 
Quote:


20080607, 16:53  #5 
Undefined
"The unspeakable one"
Jun 2006
My evil lair
2^{7}·47 Posts 
There is no point in bothering to crack it. Once some malware takes over your data you can't trust it from then on, encrypted or not, it has been compromised. Even if, by some magic, the factors are found, by then the hacker will likely have tweaked his code to 2048bit, or put in a new key, or switched to ECC, or any number of other things to make the effort futile.

20080607, 21:49  #6  
Bamboozled!
"πΊππ·π·π"
May 2003
Down not across
3×11^{2}×29 Posts 
Quote:
Anyway, factoring kilobit hard integers, whether by GNFS or any other known algorithm, is significantly beyond the current state of the art. It should just about be possible in around ten years time with massive effort  assuming that the last 40 years of progress in integer factorization is a reasonable guide to the next ten. Do not bet too much money on that assumption! Paul 

20080611, 17:48  #7  
Nov 2003
2^{2}·5·373 Posts 
Quote:
computers. We have not had a new algorithm in 20 years. Determining how much more can be squeezed from NFS via faster/bigger computers is problematic. Note that new algorithms alone have not helped. GNFS could not have even been run on computers from (say) 1987. They did not have enough memory. And trying to predict the occurrence of a new algorithm is pure guesswork. Hey Paul! How about a bet? Not too small, Not too big. Say $20 U.S.? I bet that a 1024bit GNFS factorization will NOT be achieved within 10 years. 

20080611, 19:36  #8  
Bamboozled!
"πΊππ·π·π"
May 2003
Down not across
3×11^{2}×29 Posts 
Quote:
However, to hedge against currency fluctuations, I suggest that the amount be USD20 or GBP10, whichever is the greater at the time the bet becomes payable  either 20180612 00:00:01 UTC or when a factorization is announced, whichever is the earlier. Note that at the current exchange rate, GBP10 is worth a few cents more than USD20. Paul 

20080611, 19:58  #9 
Jun 2003
The Texas Hill Country
3^{2}·11^{2} Posts 
Or perhaps a more stable "currency" ...
Like some good "singlemalt" :) 
20080612, 07:37  #10  
Bamboozled!
"πΊππ·π·π"
May 2003
Down not across
3·11^{2}·29 Posts 
Quote:
Same conditions except that there's no requirement that the factorization be performed by GNFS but, rather, is a demonstration of an algorithm and its implementation which is capable of factoring a hard 1024bit (or greater) integer. The quantum computer people, last time I heard (8 years ago) were also predicting "1520 years" for kilobit factorizations by Shor's algorithm. We've no idea (at least, I've no idea) whether a new algorithm will turn up in the near future. If it does, or if the QC people hit their target, it may well be possible to perform a kilobit GNFS within ten years but not costeffective to do so. Compare the situation with 512bit factorizations. It's undoubtedly possible to do one with QS now but there's no real incentive to prove that claim. Paul 

20080612, 13:17  #11  
Nov 2003
2^{2}×5×373 Posts 
Quote:


Thread Tools  
Similar Threads  
Thread  Thread Starter  Forum  Replies  Last Post 
It won't stop giving me ECM, help!  137ben  PrimeNet  5  20120329 12:43 
Sieving: When to stop?  SaneMur  Riesel Prime Search  4  20110718 17:04 
When will it stop?  ThomRuley  Msieve  20  20100519 02:12 
Should we stop at k=249?  jocelynl  15k Search  2  20040710 13:31 
RMA  stop LLR bug  paulunderwood  3*2^n1 Search  8  20040519 07:10 