COPACOBANA

A Codebreaker for DES and other Ciphers

Frequently asked questions about the hardware, programming issues and commercial aspects of COPACOBANA. This page is subject to frequent changes.

FAQ

Applications

Q: Can COPACOBANA only break DES?
A: No, any symmetric cipher with up to roughly 64 key bits can be attacked with COPACOBANA. Examples include RC5 or GSM A5. Moreover, presumingly strong ciphers with a long theoretical key size can be broken if the number of required steps is less than 2^{64}. This can, for instance, be the case for ciphers with a weak key derivation function, e.g., AES with 8-character keys, etc...

Q: Can I break AES or 3DES with COPACOBANA?
A: No in general. An exceptions is if part of the key is known or if the entropy of the key is less than roughly 2^{64}.

Q: Which mode of operations can be attacked?
A: Since the core modules of COPACOBANA can be reprogrammed, all possible modes can be attacked as long as the control logic does not require much memory. Simple modes such as ECB, CBC, CFB, and CTR are subject to attacks.

Q: Can I break RSA or Diffie-Hellman with COPACOBANA?
A: RSA and DH require quite different attack algorithms than symmetric ciphers. COPACOBANA is not the optimum machine for factoring large numbers or solving discrete logarithms. However, COPACOBANA can make sense as a coprocessor for factoring attacks against RSA, as stated in this paper.

Q: Can I break elliptic curve cryptosystems (ECC) with COPACOBANA?
A: In principle, the architecture of COPACOBANA is well suited for elliptic curve attacks such as the parallel Pollard rho method. However, COPACOBANA can only attack systems with up to roughly 112 bit (unless a part of the key is known). Most ECC implementation in practice use much longer keys, often between 160-256 bits.

Q: Can I run my own application on COPACOBANA?
A: Definetely! COPACOBANA is reprogrammable. Standard VHDL and Verilog code can be compiled and loaded onto COPACOBANA. If you buy a COPACOBANA machine, it comes with a complete communication framework for the FPGA modules, the controller card and the host-PC. Own applications can simply be plugged in the framework.

Q: Can each FPGA be programmed individually?
A: Yes and no: currently, programming can be accomplished only DIMM-wise. All DIMMs can be programmed simultaneously.

Q: How is the code (architecture) on the FPGAs generated?
A: We used VHDL and Xilinx tools to compile the bit file which is loaded onto the FPGAs.

Q: Can I use COPACOBANA for applications other than code breaking/cryptography?
A: Yes, any problem that requires massive parallel computation can, in principle, be solved with COPACOBANA. One example is the Smith-Waterman algorithm for comparing DNA sequences (bio-informatics). However, the communication between the individual processors (FPGAs) is only moderately fast and has a relatively high latency. Many parallel computing problems require frequent interprocess communication, for which COPACOBANA is not optimum.

Q: Can I write my own application for COPACOBANA?
A: Yes! If you buy/ rent COPACOBANA, we provide a full framework for host-to-FPGA communication in which own applications and own code (VHDL for the FPGAs, C++ for the host PC) can be plugged in.

Hardware

Q: What was the objective when building COPACOBANA?
A: COPACOBANA was built with the two main objectives
(1) optimum cost-performace ratio and
(2) flexibility due to reprogrammability,
By using off-the-shelf componentes such as FPGAs, costs were drastically reduced compared to high-performance computers and compared to EFF's DeepCrack. Despite the high computational performance of a single COPACOBANA machine -- e.g., 48 billion DES decryptions per second -- the power supply only requires approx. 600 Watts. The physical dimension of COPACOBANA are pretty small (see gallery page). The beta-version fits into a standard 19" Rack (3 height units).

Q: How far is COPACOBANA different from EFF's DeepCrack?
A: Opposed to DeepCrack, COPACOBANA is entirely built from off-the-shelf components. At its core are reprogrammable hardware devices (FPGAs). A single machine consists of 120 FPGAs (Xilinx Spartan3-1000) and a controller board (Xilinx FPGA with MicroBlaze) and can easily be reprogrammed with custom binary files, compiled from VHDL or Verilog. DeepCrack requires much more than that. The power consumption of COPACOBANA is orders of magnitudes lower than DeepCrack.

Q: How much memory is available on COPACOBANA?
A: On the machine side, there is only the internal memory of the FPGAs and the memory of the controller board available. The usage of the FPGA's internal memory is limited by the actual application running on it. Generally speaking, you will have a few 100Kbit per FPGA. To overcome the memory shortage, some of our architectures use the (global) memory of the host PC (harddisk, RAM, etc...) which has a high latency.

Q: Does COPACOBANA run stable?
A: Yes, it has been extensively tested. It runs at moderate on-chip frequencies (200MHz) and bus frequencies (up to 60MHz, in order to allow for a reliable communication).

Q: What is the power consumption of COPACOBANA?
A: A single machine consumes not more than 600 Watts. The actual power consumption depends on the application which runs on the FPGAs.

Q: Is heat a problem with COPACOBANA?
A: Not at all. The power dissipation is pretty low, the power supply is only 600 Watts. Currrently, only standard fans are used to keep the FPGA's temperature low.

Q: What are the advantages and disadvantages of COPACOBANA compared to commercial super computers such as Cray or SG machines?
A: The optimum cost-performance ratio is the greatest advantage of COPACOBANA. However, it is not suited for all computationally hard problems since it has a comparably low communication bandwidth between individual FPGAs and between FPGAs and host, low local memory, and global memory only on the host PC.

Q: Can I run more than one COPACOBANA in parallel?
A: Yes! In the first version, COPACOBANA's host interface is USB and allows up to 127 COPACOBANA machines per USB interface. I.e., a multiple of 127 COPACOBANA machines per host-PC. In the revised version, COPACOBANA possesses an ethernet interface and is, thus, not limited to 127 devices per USB interface.

Q: What kind of host PC is needed to controls COPACOBANA?
A: A standard PC running Windows or Linux is sufficient. For the first version of COPACOBANA we used Windows with a proprietary USB interface library. The second version can be used with any OS and a library for the network stack.

Miscellaneous

Q: Is there a quick introduction about the capabilities and technology of COPACOBANA?
A: Yes, please have a look at the presentation at CHES 2006. For a brief tutorial on COPACOBANA, you can have a look at the Getting Started guide.

Q: Is COPACOBANA for sale?
A: Yes, please contact The SciEngines Team for more details. You can also rent computing time on COPACOBANA.


COPACOBANA S3-1000
RIVYERA S3-5000, further i n f o r m a t ion