Archive:Article of the Week: Difference between revisions
imported>Milton Beychok No edit summary |
imported>Milton Beychok (Weekly change) |
||
Line 27: | Line 27: | ||
|- | |- | ||
| <!-- article --> | | <!-- article --> | ||
| <!-- supporters --> | | <!-- supporters --> | ||
| <!-- specialist supporters --> | | <!-- specialist supporters --> | ||
| <!-- score --> | | <!-- score --> | ||
|- | |- | ||
Line 73: | Line 73: | ||
Do not edit anything else - the following line changes the Welcome page automatically. | Do not edit anything else - the following line changes the Welcome page automatically. | ||
--> | --> | ||
<onlyinclude>{{Featured Article| | <onlyinclude>{{Featured Article|Brute force attack}}</onlyinclude> | ||
<!-- | <!-- | ||
Move previous winner articles to the next section | Move previous winner articles to the next section |
Revision as of 19:54, 12 August 2009
The Article of the Week is an article chosen by vote among Citizens as exemplifying various qualities we like to see in a Citizendium article; see our article standards.
Add New Nominees Here
To add a new nominee or vote for an existing nominee, click edit for this section and follow the instructions
Nominated article | Supporters | Specialist supporters | Score |
---|---|---|---|
Mauna Kea | Drew R. Smith, Joe Quick | 2 | |
Transclusion of the above nominees (to be done by an Administrator)
- Transclude each of the nominees in the above "Table of Nominees" as per the instructions at Template:Featured Article Candidate.
- Then add the transcluded article to the list in the next section below, using the {{Featured Article Candidate}} template.
View Current Transcluded Nominees (after they have been transcluded by an Administrator)
The next article (or draft) of the week will be the article with the most votes at 1 AM UTC on Thursday, 13 August 2009. The honors were done this time by Milton Beychok 02:19, 6 August 2009 (UTC)
Text in this section is transcluded from the respective Citizendium entries and may change when these are edited.
Nominated article | Supporters | Specialist supporters | Score | |||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mauna Kea: One of the three main volcanic mountains on Hawaii, the biggest island in Hawaii (U.S. state). [e]
Mauna Kea is a dormant volcano in the U.S. state of Hawaii (U.S. state), one of five volcanoes which together form the island of Hawaiʻi. Mauna kea means "white mountain" in the Hawaiʻian language, a reference to its summit being regularly covered by snow in winter. The peak of Mauna Kea is 13,796 ft (4205 m) above sea level but about 33,000 ft (10000 m) above its base on the floor of the Pacific Ocean. It is the world's tallest mountain by this measure, taller than Mount Everest, which is the highest mountain above sea level. Pu`u Wēkiu is the highest of the numerous cinder cones on the summit plateau. It is also the highest point in the state. Mauna Kea can be reached via the Saddle Road. Physical ResourcesMauna Kea stands approximately 13,796 ft (4205 m), or 33,000 ft (10000 m) from the ocean floor. Three cinder cones (pu`u) make up the summit of Mauna Kea (Pu`u Hau`oki, Pu`u Wēkiu, Pu`u Haukea), collectively referred to as Pu`u o Kūkahau`ula. Mauna Kea is the highest point in the Pacific Basin and the highest island-mountain in the world. Mauna Kea was listed as a National Natural Landmark in 1972. There is also evidence of glaciers that covered nearly 27-square miles of the summit region during the Pleistocene Epoch (Ice Ages) approximately 18,000 years ago. GeologyMagma pushed up through the oceanic crust began building Mauna Kea approximately 750,000 years ago. Throughout its building stages, lava flowed from three main rift zones, forming a volcano resembling a warrior's shield. At the end of the shield stage eruptions became more explosive, discharging magma referred to as tephra. These eruptions created the numerous cinder cones dotted across the highest elevations of Mauna Kea. During the Pleistocene Epoch (Ice Ages) the summit region of Mauna Kea, was covered with glaciers. It is believed that melting of the glaciers was the first source of water for Lake Waiau. ClimateAbove 7,000 ft (2100 m), the upper slopes and summit region of Mauna Kea are classified as high alpine desert, above the trade wind inversion, where the air is dry and cool. During winter months (November-April) low-pressure systems tend to inhibit formation of the inversion layer, permitting increased precipitation, including snowfall at the summit. Annual precipitation ranges from 7-18 inches (18-46 cm) in the summit area to 12-20 inches (30-51 cm) at Hale Pōhaku. Flora and FaunaMauna Kea can generally be divided into two ecosystems; the subalpine ecosystem, which is at 5,600 ft (1700 m) to 9,500 ft (2900 m), and the alpine ecosystem, which is occurs above 9,500 ft (2900 m). Hale Pōhaku occurs in the upper reaches of the subalpine ecosystem, while the Mauna Kea Science Reserve occurs in the alpine ecosystem. Subalpine Flora and Fauna (Hale Pōhaku and Access Road)The subalpine pant life consists of māmane forests and understory plants including; alpine hairgrass, pili uka, `āheahea, pūkiawe, nohoanu, kalamoho, `iwa`iwa, olali`i, littleleaf stenogyne, and mā`ohi`ohi. Hawai`i catchfly, a threatened species under the Endangered Species Act (ESA), has been observed there as well. Invasive weeds such as grasses and common mullein also inhabit the area and appear to be increasing in abundance. Māmane forests once ranged from sea level on the leeward side of Mauna Kea up to the tree line, however they have been pushed back, and greatly decreased due to habitat alteration, and invasive plant and animal species that inhibit the growth of Māmane trees. The subalpine animal life consists of a wide variety of native arthropods (insects, spiders), palila, `amakihi, `apapane, `elepaio, `kiapola`au, `i`iwi, as well as many species of non-native birds and mammals (e.g. cats, rats, barn owls, and mongoose). Alpine Flora and Fauna (Mauna Kea Science Reserve)Alpine plant and animal communities on Mauna Kea begin just above the treeline, at approximately 9,500 ft (2895.6 m), and rise to the summit of the mountain at 13,796 ft (4205 m). The alpine communities can be divided in shrublands, grasslands, and desert, though they all can be described as barren, and no clear line exists between any of the groups. Alpine Shrublands and GrasslandsAlpine shrublands are inhabited mainly by pūkiawe, ōhelo, Mauna Kea dubautia, Hawaiʻian bentgrass, pili uka, Douglas' bladderfern, kalamoho, `olali`i, `iwa`iwa. Now rare, historically common species included `āhinahina (Mauna Kea Silversword), lava dubautia, `ōhelo papa (Hawaiʻian strawberry), `ena `ena, nohoanu and alpine tetramolopium. Non-Native invasive species include hairy cat's ear, sheep sorrel, common mullein, and fireweed. Relatively few animals have been documented to frequent this region. Mauna Kea Summit – Alpine Stone DesertThe plant community at the summit consists of mosses, lichens, and algae, and a limited number of vascular plants, predominantly the same species found in the alpine shrublands and grasslands. Lichens and mosses have the most diversity of any of the plant life found at the summit. A survey of the summit found 21 species of lichens, plus five possible others. Around half of the lichen species found on Mauna Kea are endemic (found only in Hawai`i), two of which (Pseudephebe pubescens and Umbilicaria pacifica) are limited to Mauna Kea alone. Mosses occur where water availability is more consistent, such as under overhanging rocks and in shaded crevices or caves where snow melts slowly. A survey identified approximately 12 species most of which are indigenous to the Hawaiʻian Islands. The animal community at the summit consists almost completely of arthropods. The arthropod community on the summit is highly unusual in that it is mostly made up of predators and scavengers, and there are very few species that rely on plants as their sole food source. Surveys conclude that 21 resident species, and 14 species of undetermined origin have been observed in this region. Cultural SignificanceSacredness of Mauna KeaAs with other cultures throughout the world, early Polynesians believed their highest points of land were the most sacred. In Hawaiʻi, tradition tells us that the highest and most sacred places were Mauna Wai`ale`ale on Kaua`i; Mauna Ka`ala on O`ahu; Mauna Haleakalā on Maui; and Mauna Kea on Hawaiʻi. Mauna Kea, being the highest point throughout the Pacific, has been considered by many to be the most sacred of all. Mauna Kea was host to religious practices, study of the heavens, and tool making in the Keanakāko‘i Adze Quarry. The Highest Portal to the Hawaiʻian UniverseMauna Kea is the mountain altar of Wākea, also known as the celestial father. Wākea is the ancestor of the indigenous Hawaiʻian race. A Sacred Spiritual Burial GroundAccording to traditional accounts, Pu`u Lilinoe, named for the goddess of mists and Lilinoe, was buried in a cave near the summit of Mauna Kea. Aside from this legend, there are many confirmed and suspected burial grounds of Kahuna (chiefs) and Ali`i (priests) on the upper slopes, and the summit platuea of Mauna Kea. The Source of LifeMauna Kea makes up a large part of the islands aquifer. It is believed that Poli`ahu (snow), Lilinoe (mist) and Waiau (ice) are the female waters in perpetual intercourse with Wākea for the furtherance of all life. TelescopesThere are currently thirteen telescopes near the summit of Mauna Kea. Nine of them are for optical and infrared astronomy, three are for submillimeter wavelength astronomy and one for radio astronomy. They include the largest optical/infrared telescopes in the world (the Keck telescopes), the largest dedicated infrared telescope (UKIRT) and the largest submillimeter telescope in the world (the JCMT). Viewing TimeThe University of Hawai`i receives 10 to 15 percent of each telescope’s viewing time in place of a monetary rental fee. This telescope time is allotted to UH scientists to conduct research. Telescope organizations pay for operational and infrastructure development costs on Mauna Kea, such as roadway improvements, installation of fiber optics, operation of the Visitor Information Station, and snow removal. See also
Related ArticlesParent topics
Subtopics
|
Drew R. Smith, Joe Quick | 2
| ||||||||||||||||||||||||
Brute force attack/Draft: Add brief definition or description Brute force attack/Draft (Read more...) |
Meg Ireland, Milton Beychok, Peter Schmitt | Alexander Wiebel, Howard C. Berkowitz | 7
|
Current Winner (to be selected and implemented by an Administrator)
To change, click edit and follow the instructions, or see documentation at {{Featured Article}}.
This article may be deleted soon. | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
A brute force or exhaustive search attack is an attempt to break a cipher by trying all possible keys in a systematic manner. Finding a key by brute force testing is theoretically possible, except against a one-time pad, but the search time becomes practical only if the number of keys to be tried is not too large. The size of a number or string key determines, due to combinatorics, the number of keys to be tried, so larger-sized keys generally take longer to test when doing an exhaustive search. Brute force is by no means the only attack against a cipher; there are many other techniques under the general heading of cryptanalysis. Also, the system may be weak in various ways that have little to do with the cipher itself — easily guessed passwords, poorly chosen keys, poorly designed protocols, implementation bugs, and so on. In general, cryptanalytic attacks depend on the specifics of the cipher design. Many of them involve sophisticated mathematics or subtle insights into the cipher's workings. However, brute force is a simple technique that is guaranteed to succeed (eventually!) against any cipher. It requires no subtlety or insights; all the attacker has to do is run test encryptions until he finds the key or gives up. The cost is easily evaluated since it depends only on the size of the key and the cost of test encryptions. Brute force is therefore used as a sort of benchmark in evaluating any other attack. An attack that is more expensive than brute force is of little interest to the theorist, or to the cryptanalyst trying to crack a cipher, since he already knows a cheaper attack. Any attack significantly better than brute force, however, indicates a weakness in the cipher that is certainly of interest to the theorist and may be to the cryptanalyst. For an ideal cipher, there is no attack better than brute force. If the key size is enough to make brute force impractical, then all attacks on such a cipher will be impractical. In practice, the requirement is often reduced to "no known attack significantly better than brute force". In the simplest brute force attack, the attacker has some known plaintext so that he can tell which is the correct key: it encrypts that plaintext to the intercepted ciphertext or decrypts the ciphertext to the plaintext. However, there are variants of the attack based on more limited knowledge of text properties. For example, the attacker might know the plaintext is in the ASCII character set. The top bit of every ASCII byte is zero; only one of 28 keys will give that result in any given byte, so in attacking a block cipher the attacker can quickly immediately eliminate most candidate keys if he knows the plaintext is ASCII. If each block has n bytes, only one key out of 28*n will give zero bits in all the right places. If he also knows that it is English text, additional simple rules can be used to reject possible keys. Some ASCII characters do not appear in English text, so a result containing them can be rejected at once. More heuristic rejection rules can use character frequency or word recognition. It would be quite difficult to get a computer to recognise intelligible English with 100% reliability, but it is quite feasible to get it to reduce the possibilities far enough that a human can easily do the rest. Symmetric ciphersFor a symmetric cipher longer keys protect against brute force attacks. Each extra bit in the key doubles the number of possible keys and therefore doubles the work a brute force attack must do. With an n-bit key, there are 2n possible keys. On average, a brute force attack must test half of them, performing 2n-1 encryptions, to find the key. A large enough key makes any brute force attack wildly impractical. For example, the Electronic Frontier Foundation (EFF)'s DES Cracker [1] (a $200,000 machine specifically designed and built to speed up brute force against the Data Encryption Standard) searched a 56-bit key space in an average of a few days. Assume an attacker that can find a 64-bit key (256 times harder) by brute force search in a second (a few hundred thousand times faster). For a 96-bit key, that attacker needs 232 seconds, about 135 years. Against a 128-bit key, he needs 232 times that, over 500,000,000,000 years. The protected data is then obviously secure against brute force attacks. Even if our estimate of the attacker's speed is off by a factor of a million, it still takes the attacker over 500,000 years to crack a message. This is why single DES with its 56-bit key is now considered dangerously insecure, most of the post-DES generation of block ciphers used a 128-bit or longer key, and Advanced Encryption Standard (AES) ciphers support key sizes 128, 192 and 256 bits. The question of how large a key is "large enough" has been extensively studied. An analysis by a group of well-known people [2] recommended minimum values as of 1996: 75 bits for existing ciphers to be considered secure and 90 bits for any new ciphers deployed. Computers improve roughly in accord with Moore's Law, twice as fast every 18 months, so symmetric ciphers need about one extra bit of key every 18 months to keep up. At that rate, we should stop deploying new 128-bit ciphers around 2050. Public-key SystemsFor public key systems the relation between key size and security is more complex. Here an attacker has the public key, and that is mathematically related to the private key. He need not try all possible keys, only solve a math problem. For example, to break a 256-bit key used in the RSA cryptosystem, he has to factor a 256-bit number. This is not easy, but it is far better for the attacker than a brute force search. The question then is not how big the key needs to be to defeat brute force, but how big it needs to be to make the math problem hard enough for the security requirement. In general, the difficulty of such math problems does not increase exponentially — doubling for each extra key bit — as for symmetric ciphers, but more slowly. Asymmetric keys therefore often need to be larger than symmetric keys for the same security levels. For example, RSA keys of 1024 bits or more are commonly used. Choosing key sizesResisting brute force is the first consideration in choosing the key size for a cipher, but far from the only one. Inadequate key length always indicates a weak cipher but adequate key length does not necessarily indicate a strong cipher. There are many attacks other than brute force, and adequate keylength only guarantees resistance to brute force. Any cipher, whatever its key size, will be weak if design or implementation flaws allow other attacks (see cryptanalysis), and even a strong cipher will not provide security unless it is used correctly. In a famous historical example, the allied ULTRA project read many German ciphers throughout World War II. The Germans wrongly believed their Enigma machine was unbreakable, largely because it involved too many combinations for a brute force attack. They were correct about brute force; the machine was in fact invulnerable to that in an era without computers. However, Enigma fell to a sophisticated mathematical attack, much aided by various procedural errors by German cipher clerks. Once you have adequate key length, adding more key bits make no practical difference, even against brute force. Consider our 128-bit example above that takes 500,000,000,000 years to break by brute force. We really don't care how many zeroes there are on the end of that, as long as the number remains ridiculously large. That is, we don't care exactly how large the key is as long as it is large enough. There may be reasons of convenience in the design of the cipher to support larger keys — for example Blowfish allows up to 576 bits and RC4 up to 2048 — but beyond 100-odd bits it makes no difference to practical security. That said, one might choose to use longer keys, say 256 bits rather than 128, on the principle that this offers some protection against a cryptanalytic attack that might weaken the cipher without completely breaking it. Suppose an attacker discovers a bit of cleverness that reduces the effective key length to half the actual key length. He can break the 128-bit cipher with the cleverness plus a brute force search of the reduced 64-bit key space, clearly feasible for an attacker with large resources. Against a 256-bit key, however he is stymied; even after the cleverness he has a 128-bit space to search and this is thoroughly infeasible. The US government already requires [1] 192 or 256-bit AES keys for top secret data, though 128-bit keys may be used with lower classifications. Related attacksSometimes brute force is used as the final stage of another attack. For example, in the original paper [3] on differential cryptanalysis, the differential attack gives 48 bits of the 56-bit DES key and the remaining 8 are found by brute force. Some ways of combining of ciphers are vulnerable to a meet-in-the-middle attack. Against double DES with two independent 56-bit keys, for example, the attacker need not search among the 2112 possible key combinations; there is a meet-in-the middle attack with cost only 257 if you have enough memory, and not too much more if memory is constrained. This is why triple DES rather than double DES is used in practice; a meet-in-the-middle attack against it needs 2112 operations. In looking for collisions in hash functions, an attacker can use a birthday attack. This works a bit like meet-in-the-middle; instead of trying all possible inputs and looking for one particular result, you do a large number of hashes, store the results and then do more hashes looking for any match. In general, for a hash of 2n bits, only 2n/2 trials are needed. Two other attacks — an algebraic attack and a code book attack — are similar to brute force in that they can, in theory, break any symmetric cipher but in practice they are wildly impractical against any reasonable cipher. References
Previous Winners{{rpl|Cruiser (August 5)
Rules and ProcedureRules
Voting
Ranking
Updating
AdministratorsThese are people who have volunteered to run this program. Their duties are (1) to ensure that this page remains "clean," e.g., as a given article garners more votes, its tally is accurately represented and it moves up the list, and (2) to place the winning article on the front page on a weekly basis. To become an administrator, you need not apply anywhere. Simply add your name below. Administrator duties are open to editors and authors alike. ReferencesSee Also
|