In message <20050303183746.DAD403700F@arioch.imrryr.org>, Roland Dowdeswell writes:

>The claim is made that there is at least O(2^256) work to crack a
>disk and O(2^384) to crack the disk if the lock sectors are destroyed.

Roland, in particular when you get into big numbers you have to
pay attention to small details.

The O(2^384) number takes the current estimate for the number of
atoms in the universe into account.

In the absense of a way to store more than one bit on every single
hydrogen atom in the universe, you cannot possibly correlate a
matrix which is 2^128 on boths sides without repeatedly recalculating
the results for one side as you iterate through the results of the
other.

The fact that you are not even guaranteed to be able to eliminate
a single candidate solution until you brute force at least 17 sectors
than two does not improve the situation any.

Poul-Henning

PS: I get a lot of bounces from various lists I'm not on.  I put
my faith in somebody forwarding my replies faithfully onto those
lists ?

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.