Topic: The performance claims and prices are unrealistic - page 2. (Read 5306 times)

legendary
Activity: 1386
Merit: 1004
SHA-256 is used to encrypt data

How does that work? Show me how to decrypt a SHA256 hash back to its original contents.
Step 1, generate random contents
Step 2, hash it
Step 3, compare to a known hash. If it matches and the random contents make sense, you're done; if it does not match, loop to step 1.
In reality this is an infinite loop that produces no results.  It is more likely that all of the oxygen in the room you are in is distributed poorly and none of it is near you.

I feel generous, so I am going to teach you a little something about hashes. When you create a web account for your online banking, the bank's server does not actually store your password. The bank's server stores a SHA-256 (being extremely optimistic) hash of your password. When you log in, the web server compares the stored hash to the hash of the password you provided. If the two match, you are in. Now imagine that I hacked the web server and stole the file which has the hash value of your password. I still can't log in and take your money; I need to find a string which will hash to the same value as the hash of your real password, then use that string to log into the bank's server and take your money. There are many strings which would match the hash value of your password, but the only way I can find one of them is to start hashing all of the possible strings, until I find one whose hash matches the hash of your password. This is why SHA-256 is under export control. Imagine if I had a supercomputer doing 1 PH/s; it would take me less time to randomly find a string which matches your password's hash. So, the US government restricts export of SHA-256 to export-licensed companies. It does not mean it cannot be exported, it just means the company doing the export/import needs an export/import license. Sending SHA-256 cores to China for assembly would require an export license.

While you have some of the overall concept there, your attention to detail is lacking.
newbie
Activity: 35
Merit: 0
SHA-256 is used to encrypt data

How does that work? Show me how to decrypt a SHA256 hash back to its original contents.
Step 1, generate random contents
Step 2, hash it
Step 3, compare to a known hash. If it matches and the random contents make sense, you're done; if it does not match, loop to step 1.
In reality this is an infinite loop that produces no results.  It is more likely that all of the oxygen in the room you are in is distributed poorly and none of it is near you.
I am going to say that you have made the most elegant comeback I have ever read in a long while.

You are a rising star in my book!

Last I checked, hashing and encryption are two different things. They only barely resemble one another on a superficial level.

Hashing and encryption ARE two different things. In fact, though, they are both used when you log into your online banking account.
1. Your computer gets the public RSA key of the server and encrypts the AES key with it.
2. It sends the key to the server together with your password, which is encrypted with AES.
3. The server decrypts the AES key, uses that key to decrypt your password, hashes your password and compares the resulting hash to its stored hash. If the two match, you are authenticated.
The server does not actually store your password, just its hash; this way, if a hacker steals the list of all password hashes, he still can't log in...
legendary
Activity: 1890
Merit: 1003
SHA-256 is used to encrypt data

How does that work? Show me how to decrypt a SHA256 hash back to its original contents.
Step 1, generate random contents
Step 2, hash it
Step 3, compare to a known hash. If it matches and the random contents make sense, you're done; if it does not match, loop to step 1.
In reality this is an infinite loop that produces no results.  It is more likely that all of the oxygen in the room you are in is distributed poorly and none of it is near you.
I am going to say that you have made the most elegant comeback I have ever read in a long while.

You are a rising star in my book!

Last I checked, hashing and encryption are two different things. They only barely resemble one another on a superficial level.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
As a computer engineer (the kind of engineer that actually knows about the topic at hand), I call bullshit on pcm81 having any idea what he's talking about.

Sorry, pcm81, but the other camp's marshmallows are lookin' mighty tasty. I may have to head on over there to make sure they're not using any of my barn wood as fuel. That would piss me off.
full member
Activity: 154
Merit: 100
As a computer engineer (the kind of engineer that actually knows about the topic at hand), I call bullshit on pcm81 having any idea what he's talking about.
donator
Activity: 1617
Merit: 1012
1. SHA-256 capable devices require an export license, and no export to China is permitted. So you can't use China as the manufacturing site unless you just build FPGAs and then "convert" them to SHA-256 hashing devices in the US.
Regarding export restrictions, I believe Bitsyncom is a US-based company. As such, it should have no problem manufacturing SHA-256 devices at a subsidiary located in China since China is not on the ban list (Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria). In fact, many companies such as Motorola and Cisco manufacture hardware encryption technologies in China.

I can't say for sure whether Avalon is 100% legit in this matter, but I have been involved in a small business venture where this setup has been done before and it was no big deal.
legendary
Activity: 1274
Merit: 1004
This thread is comedy gold.

I honestly can't see this guy being serious; he has to be trolling. If he is a P.Eng, he should review his licensing body's guidelines on consulting outside his area of expertise.
1. I said I am an engineer; I never said I was a PE. Even if I was a PE, this is internet forum small talk; this does not qualify as consulting. Nice try, but no cigar.
Obviously, but the professional training you should have gone through is usually pretty thorough in driving home the idea of not throwing around your qualifications when it's (blatantly) obvious you have no idea what you're talking about.
sr. member
Activity: 310
Merit: 250
Isn't the guy(s) behind AvalonASIC the same people that delivered Icarus and Carismore FPGAs?

I'm probably confused about which FPGA they were behind, BUT... they still designed an FPGA that could hash the SHA-256 encryption algorithm that Bitcoin uses.

That had no issues shipping out of China...

But did they actually program the FPGA in China? I seriously doubt that.

Yes. Plug it in, turn your miner on... and go. Same with all the other FPGAs at the time.

Yes there were better bitstreams coming out to make them go faster, and JTAG was disabled on at least BFL's FPGAs (Not sure on Modminer, Icarus/Carismore.)
newbie
Activity: 35
Merit: 0
This thread is comedy gold.

I honestly can't see this guy being serious; he has to be trolling. If he is a P.Eng, he should review his licensing body's guidelines on consulting outside his area of expertise.
1. I said I am an engineer; I never said I was a PE. Even if I was a PE, this is internet forum small talk; this does not qualify as consulting. Nice try, but no cigar.
newbie
Activity: 35
Merit: 0
Isn't the guy(s) behind AvalonASIC the same people that delivered Icarus and Carismore FPGAs?

I'm probably confused about which FPGA they were behind, BUT... they still designed an FPGA that could hash the SHA-256 encryption algorithm that Bitcoin uses.

That had no issues shipping out of China...

But did they actually program the FPGA in China? I seriously doubt that.
sr. member
Activity: 310
Merit: 250
Isn't the guy(s) behind AvalonASIC the same people that delivered Icarus and Carismore FPGAs?

I'm probably confused about which FPGA they were behind, BUT... they still designed an FPGA that could hash the SHA-256 encryption algorithm that Bitcoin uses.

That had no issues shipping out of China...
legendary
Activity: 1274
Merit: 1004
This thread is comedy gold.

I honestly can't see this guy being serious; he has to be trolling. If he is a P.Eng, he should review his licensing body's guidelines on consulting outside his area of expertise.
legendary
Activity: 1064
Merit: 1001
ASIC just means Application Specific Integrated Circuit. So, a burned FPGA is an ASIC. A very bad one, but it is still an ASIC. If you want to design a real, clean ASIC then you need to take SHA-256 cores, or design your own, and wire them up manually on a wafer / PCB etc.

Uhh..what?
So if I light my gate arrays on fire, they spontaneously turn into integrated circuits that can only perform one task? Wish I would have known that before! Could have saved a ton of money on preorders...


Moreover, your example doesn't actually match your bogus claim— searching for a password requires the password to be weak. Finding a random collision would take time proportional to the size of the hash (e.g. on the order of 2^127 invocations of the hash) and you run into problems with there not being enough energy available on earth.

This.

@pcm81 - You have a better chance of winning the Powerball Lottery (if you're in the United States) four times in a row (at 1 / 175,000,000 chance or so) than finding 1 collision.
legendary
Activity: 2128
Merit: 1073
Having extra pads for power kinda makes sense, but I wonder why they have dual I/O lines.
In general, number of pads doesn't have to match the number of pins. One could use a power interposer with one ruddy wire to the pin and many thinner wires to the pads.

Maybe they were given a choice: QFN before New Year or TO-220 after New Year. Example custom packaging from the same site:

http://www.psitechnologies.com/products/custom-packages.php

As far as dual I/O: maybe they used some ready-made serial I/O blocks that operate in a dual ring, sort of like FDDI? There are pins named "bypass", which kinda suggests ring topology interconnect.
legendary
Activity: 2126
Merit: 1001
I consider pcm81 proven wrong in most of his claims.
The question is, uninformed or FUD?
Still, I enjoy the insights given here, as I had little knowledge of all this before Bitcoin.

And I still don't believe in ASIC miners before having definite proof! :-)

/subscribing

Ente
full member
Activity: 196
Merit: 100
The optimal package for bitcoin hasher would be something like TO-220 with 7 leads:

http://www.psitechnologies.com/products/todo220.php

The I/O would be serial, the leads would be VccI/O ClkI/O RxD TxD VccHash ClkHash and Reset. Ground would be provided by the heatsink screw pad. One could even omit reset lead by doing serial reset: hold RxD high over (say) 100 I/O clocks.

Well, from the choice of packages (all with many more pins) one can surmise that none of the Bitcoin ASIC vendors obtained the advice from the power-analog and mixed-signal designers.

https://bitcointalksearch.org/topic/announcement-avalon-asic-development-status-batch-1-120184

Quote
Code:
Chip Specification
Technology Summary:
    TSMC 0.11- micron G process
        5 Metal
Core Voltage: 1.2 V
I/O Voltage: 3.3 V
Core Frequency: 256+ MHz
Number of Pads: 48
    8 Data
    40+1 Power
Package Type: QFN48 -0.5 Pitch
Packaged Chip Size: 7 mm x 7 mm

Chip Interface
Data Pins (8 in total):
Clock                     i
Serial Data In  [2]       i
Serial Data Out [2]       o
Serial Data Bypass [2]    o
Reserved    [1]    -

Having extra pads for power kinda makes sense, but I wonder why they have dual I/O lines.
legendary
Activity: 2128
Merit: 1073
There is nothing special about ASIC; most ASIC vendors just use a custom programmed FPGA; this is called FPGA to ASIC conversion.

To get an FPGA/ASIC project of this scale done you will need 2 very good engineers working full time for a year.
The original post has multiple false premises and therefore makes false conclusions. I'm going to address just the above two.

Bitcoin hasher is a spectacular example where full-custom ASIC implementation will be much better than the FPGA implementation.

SHA-2 is a rather rare digital circuit that is completely self-testable and observable. All the standard JTAG testing logic required in the majority of digital circuits can be omitted. In fact, the vast majority of the internal D-type flip-flops in the hasher core don't even need the reset signal connected. An order of magnitude less power than FPGA will be easy.

Because of the self-testability of SHA-2 and the repetitiveness of a brute force hasher, the overall design could be done over a couple of lunch breaks by a single engineer familiar with mixed-signal design and with access to the appropriate software tools. In addition to the above, the chip is almost completely solipsist: it really doesn't have to obey any well-known interfacing standard, not even with a second copy of itself. It is sufficient to just communicate between the hashing chip and the I/O controller.

The "mixed-signal" is a key point here. Although Bitcoin doesn't by itself use analog signals, the hashing chip is limited primarily by (1) power dissipation and (2) simultaneous switching noise. Because of the above two limitations, mixed-signal experience would be key to designing a chip that will be both efficient and will work on the first tapeout.

The optimal package for bitcoin hasher would be something like TO-220 with 7 leads:

http://www.psitechnologies.com/products/todo220.php

The I/O would be serial, the leads would be VccI/O ClkI/O RxD TxD VccHash ClkHash and Reset. Ground would be provided by the heatsink screw pad. One could even omit reset lead by doing serial reset: hold RxD high over (say) 100 I/O clocks.

Well, from the choice of packages (all with many more pins) one can surmise that none of the Bitcoin ASIC vendors obtained the advice from the power-analog and mixed-signal designers.

I'm not familiar with the commercial toolchains used in ASIC development; but from my past experience with R&D in digital and mixed signal design I'm positive that the main stumbling block would be the learning curve required to understand and learn the tools required. This is a time-to-market or time-to-mine issue.

pcm81 didn't make any manufacturing yield claims, but other people did. The Bitcoin hasher is so repetitive that if correctly designed, with a trivial set of clock-disable-bits, the overall yield would be nearly 100% useable chips. Only the chips with faults in the I/O or clock circuitry would have to be rejected.

Some other people also made wild claims about testing effort and expense. Well, SHA-2 is essentially self-testing: it either fully works or fails nearly every test. There are no hidden states or data-conditional decision making in the algorithm. The test plan for the chip would be as trivial as it gets.

The "millions of dollars" price tags for NRE are just flights of fancy. This really is a project that could be done by a single ASIC engineer over a series of lunch breaks provided that he has both access to and experience with the required toolchain.
donator
Activity: 1731
Merit: 1008
I know little about import laws of crypto IPs, but this is what makes sense to me.

Since bitcoin mining ASICs simply cannot be used to encrypt or decrypt anything....
I would then wonder if having an SHA core isolated from interconnects on the chip would cause concern.

The hash comparison is done against a specific hash mask of X difficulty level. Not some fixed hashes and even less a list of hashes.
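The target comparison the post describes, as an added example that is not from this thread or any vendor's code: Python using only the standard library, with the public Bitcoin genesis block header as a known-good check and a constructed easy target (about one hit in 256 attempts) so the nonce search finishes instantly.

```python
import hashlib
import struct


def double_sha256(data: bytes) -> bytes:
    """Bitcoin's block hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_from_bits(bits: int) -> int:
    """Expand the 4-byte compact 'nBits' field into the 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    return mantissa << (8 * (exponent - 3))


def header_hash(header: bytes) -> str:
    """Hex hash as block explorers display it (byte-reversed)."""
    return double_sha256(header)[::-1].hex()


def meets_target(header: bytes, bits: int) -> bool:
    """Valid when the hash, read as a little-endian integer, is <= the target."""
    return int.from_bytes(double_sha256(header), "little") <= target_from_bits(bits)


def header_with_nonce(prefix76: bytes, nonce: int) -> bytes:
    """76-byte header prefix (version .. bits) plus the 4-byte little-endian nonce."""
    return prefix76 + struct.pack("<I", nonce)


def search_nonce(prefix76: bytes, bits: int, max_nonce: int):
    """What a hasher core does: iterate nonces until the comparison passes."""
    for nonce in range(max_nonce):
        if meets_target(header_with_nonce(prefix76, nonce), bits):
            return nonce
    return None


# Public Bitcoin genesis block header (80 bytes), used as a known-good check.
GENESIS_HEADER = bytes.fromhex(
    "01000000" + "00" * 32
    + "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"
    + "29ab5f49" + "ffff001d" + "1dac2b7c"
)
GENESIS_BITS = 0x1D00FFFF

if __name__ == "__main__":
    print(header_hash(GENESIS_HEADER))
    print(meets_target(GENESIS_HEADER, GENESIS_BITS))
    # Constructed easy target (assumption, not a real network value): ~1 hit in 256.
    print(search_nonce(GENESIS_HEADER[:76], 0x2000FFFF, 1_000_000))
```

With the real genesis target the same search would have to reach nonce 2083236893, which is the whole point of the difficulty comparison.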
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
Seriously, to prove I ain't got no clue, I'm rooting for the guy, but seeing I may be on the wrong team.

I think you are pulling our leg...
1. 10,000+ posts
2. you are cheering for a guy with IQ 111 (above 110 is considered above average)
...
 and you say you got no clue...

I'm serious, pcm81. When it comes to this stuff, I'm lost. BTW, the guy I'm cheering for is you, not some other. Currently, I'm in your camp till better tasting marshmallows are provided at the other(s).
staff
Activity: 4242
Merit: 8672
Now imagine that I hacked the web server and stole the file which has the hash value of your password. I still can't log in and take your money; I need to find a string which will hash to the same value as the hash of your real password, then use that string to log into the bank's server and take your money. There are many strings which would match the hash value of your password, but the only way I can find one of them is to start hashing all of the possible strings, until I find one whose hash matches the hash of your password. This is why SHA-256 is under export control.
Password stretching is a very niche use-case of hash functions— one that is better done with specialized hard-to-compute functions instead of generic hash functions; only incompetent software uses a plain cryptographic hash— and it is not an application which is of general interest to the US government and certainly not one of interest for the export restrictions, which— as I have pointed out to you— _specifically_ exempt authentication (what you're talking about).

Quote from: US Government
(I'd link to the actual regulations but they're spread out across four places and their updates and appendices)

Moreover, your example doesn't actually match your bogus claim— searching for a password requires the password to be weak. Finding a random collision would take time proportional to the size of the hash (e.g. on the order of 2^127 invocations of the hash) and you run into problems with there not being enough energy available on earth. The idea that you think that this is a method for general _decryption_ is why people are laughing at you.

Never mind the fact that at least one of the companies is doing the design _in_ China— SHA-256 is, after all, a well documented standard (and the export of cryptographic source code _can_ _not_ be restricted, see Bernstein v. US).
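As an added example (not code from any poster), this contrasts the "server stores just the hash" scheme described earlier in the thread with the stretched, salted scheme the post above calls for; the record format and the 600,000-iteration count (the OWASP figure for PBKDF2-HMAC-SHA256) are my choices, and scrypt or Argon2 would be the specialized functions the post has in mind.

```python
import hashlib
import hmac
import os


# --- The "extremely optimistic" scheme from the thread: bare SHA-256, no salt. ---
def weak_store(password: str) -> str:
    """Unsalted and unstretched: identical passwords give identical records,
    so one stolen file lets every guess be checked against every user at once."""
    return hashlib.sha256(password.encode()).hexdigest()


def weak_verify(stored: str, password: str) -> bool:
    return hmac.compare_digest(stored, weak_store(password))


# --- Stretched scheme: PBKDF2-HMAC-SHA256, random per-user salt, slow by design. ---
ITERATIONS = 600_000  # OWASP recommendation for PBKDF2-HMAC-SHA256 (assumed here)


def strong_store(password: str, salt: bytes = b"") -> str:
    """Record format (constructed for this example):
    pbkdf2_sha256$<iterations>$<salt hex>$<derived key hex>."""
    if not salt:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def strong_verify(record: str, password: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time.
    A malformed record (or a stolen record submitted as the password) verifies False."""
    try:
        algo, iters, salt_hex, dk_hex = record.split("$")
        if algo != "pbkdf2_sha256":
            return False
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    except ValueError:
        return False
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    rec = strong_store("correct horse battery staple")
    print(strong_verify(rec, "correct horse battery staple"))  # True
    print(strong_verify(rec, rec))  # False: the stolen hash is not a password
```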