Topic: The performance claims and prices are unrealistic - page 3. (Read 5306 times)

I think you are pulling our leg...
1. 10,000+ posts
2. you are cheering for a guy with IQ 111 (above 110 is considered above average)
...
 and you say you got no clue...

I feel generous, so i am going to teach you a little something about hashes. When you create a web account for you online banking, the banks server does not actually store your password. The banks server stores SHA-256 (being extremely optimistic) hash of your password. When you log in the web server compares stored hash to the hash of the password you provided. If the two match, you are in. Now imagine that I hacked the webserver and stole the file which has the hash value of your password. I still can't log in and take your money; i need to find a string which will hash to the same value as the hash of your real password, then use that string to log into the banks server and take your money. There are many strings which would match hash value of your password, but the only way i can find one of them is to start hashing all of the possible strings, until i find one whose hash matches the hash of your password. This is why SHA-256 is under export control. Imagine if i had a super computer doing 1PHps, it would take me less time to randomly find a string which matches your passwords hash. So, US gvt restricts export of SHA-256 to Export Licensed companies. It does not mean it can not be exported, it just means company doing the export/import needs export/import license. Sending SHA-256 cores to china for assembly would require export license.

Seriously, to prove I ain't got no clue, I'm rooting for the guy, but seeing I may be on the wrong team.

In reality this is an infinite loop that produces no results.  It is more likely that all of the oxygen in the room you are in is distributed poorly and none of it is near you.

You've managed to link to something unrelated to your comment, try again. And, no— I'm quite sure I haven't broken the law.

This thread delivers!

pcm81, please, please keep posting.  I haven't laughed like this in weeks.  Hand drawn ASIC masks, mythological export restrictions.  Can't wait to hear what you think of next.

Congratulations, you may have broken US law.
See item #10
csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf

If SHA algorithm you used was not for 256 bits, it may not have required license.

Albeit not the most technical guy here, I find this thread informative, even believing pcm81, but I see doubters, and am getting confused. I dearly seek the truth on this issue, and hope a civil dialog continues.

Hilarious!

No, I actually produced fab ready images for a particular process that I had access to a cell library for, I was in fact specific about this in my post. Geesh. You're trying my patience

The link you provided is incorrect— or overly generalized. I have exported products to china commercially which implemented HMAC for authentication. It does not require a license.

You have omitted  step [2a] "Has the sun stopped shining yet?" ... what you are describing does not actually work in practice for the same reason that hashes are practically secure.

Step 1, generate random contents
Step 2, hash it
Step 3, compare to a known hash. If matches and random contents makes sense you done, if does not match loop to step 1.

ASIC just means Application Specific Integrated Circuit. So, a burned FPGA is ASIC. A very bad one, but it is still ASIC. If you want to design a real, clean ASIC then you need to take SHA-256 cores, or design your own, and wire them up manually on a wafer / pcb etc. To do this you would need to have SHA-265 cores in existence at one or more steps in the manufacturing process inside of the country you are outsourcing the manufacturing to. This is where the Export of SHA-256 to China comes into play. If you take an FPGA like spartan and have china make PCB for it and send the whole thing back, you do not need export license. If you decide to send the config file to engineer in china to burn on your FPGA or if you send him SHA-256 cores (physical chips or design schematic) to be assembled in china, you are in violation of export.

EDIT:
By violation of export i meant you are breaking US law assuming you have no export license. It does not mean you cant send it, but you would need to have US government grant you export license (Long and tedious process).

How does that work? Show me how to decrypt a SHA256 hash back to its original contents.

 

What?

This doesn't even make any sense.

Congratulations, you programmed an FPGA. This is not the same as designing a true ASIC implementation.

1. In regards to export license, see the link i provided above. SHA-256 requires export license to China. Let's say i am in outside of US fixing a broken tank. Lets say to fix it i need a light bulb from "the tourch" flashlight which is sold in US. I call my boss in US to have him buy the flashlight, take out the bulb and mail it to me. He has to add the bulb to export license, because i am going to use it to fix a tank. SHA-256 is used to encrypt data, just as it is used to authenticate a user. Export license for SHA256 core will be required, just like the export license would be required for the light bulb in example i gave. US does not allow export of cripo technology to china. You can not legally send SHA-256 cores to be assembled into a product in the Chinese factory. You can send an FPGA to china to be added to pcb and then, when it gets to US u can burn the FPGA into ASIC.

I actually did a standard cell design for a miner last year myself, starting from RTL generated off one of the open source HDL designs.  God knows if it would have actually run at an acceptable clock rate— given that I don't really know what I'm doing... but it wasn't that much work to get _something_.  A miner is insanely repetitive. The hash function is very simple. Thank god for design automation.

This is nonsense. In particular, ITAR regulations very specifically exclude authentication. I am now beginning to wonder if you aren't being purposefully dishonest instead of just confused.

Not so— Go look at what a directly wired 32-bit adder looks like compared to what actually gets implemented in an FPGA (in particular all the power lost to running the sram). FPGAs also waste a lot of power running the long wires in the generic routing mesh and waste a lot of power in additional flip-flops needed to make it time out acceptably.  All of these are avoided in a straighforward fixed design.

(I suppose I should note that the asic makers are claiming power efficiencies which are at the extreme upper envelope relative to their claimed processes of what I thought was possible from my designs, but I don't find this especially shocking as presumably they know what they're doing and I do not)

Here is an example:
http://www.cast-inc.com/ip-cores/encryption/sha-256/index.html

I have heard stuff like this a few times now. Is that true? Would that be why Avalon's stuff is just "disappearing", it's actually illegal for it to enter or leave China?

Correct, but there are 2 problems with this:
1. SHA-256 capable devices require export license, and no export to China is permitted. So you cant use china as the manufacturing site unless you just build FPGAs and then "convert" them to SHA-256 hashing devices in US.
2. The power density will not decrease as dramatically as you think. The complexity of the process will not be less, so the amount of work "gate flipping" that ASIC would need to do will be the same as it is for FPGA, the difference is that the "unused" parts of FPGA will not be sucking up power in ASIC design. I doubt that there is 90% of FPGA being currently powered on and unused in existing FPGA designs, this is what it would have to be to get 10x increase in MHPS/W in ASIC vs FPGA. The SHA single still has the power connector. It offers 10.4MH/J but for ASIC we are talking at 1000MH/J so this would mean that 99% of FPGA in the SHA single is powered on but not used for hashing... I doubt that is the case.