1994-07-28 - Re: DES Vulnerable, Why?

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: KentBorg@aol.com
Message Hash: 5bc2c38b6b7dcfc14780483506bf16635046b2c776a66d60777eb7fb21d1f3cf
Message ID: <199407281723.KAA10659@netcom13.netcom.com>
Reply To: <9407281012.tn288310@aol.com>
UTC Datetime: 1994-07-28 17:23:41 UTC
Raw Date: Thu, 28 Jul 94 10:23:41 PDT

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 28 Jul 94 10:23:41 PDT
To: KentBorg@aol.com
Subject: Re: DES Vulnerable, Why?
In-Reply-To: <9407281012.tn288310@aol.com>
Message-ID: <199407281723.KAA10659@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Kent Borg writes:

> It seems the TLAs (in a weak moment) let slip that DES was getting old and
> creaky and vulnerable.  The story is that that is what sent the TLAs off on
> their search for a new encryption standard.  (Unfortunately, they got their
> mission reversed and decided the need was to *read* plaintext not encrypt
> it.)

"Can DES be broken?" is of coarse the hoariest of FAQs, so I won't
address it here. Suffice it to say there are literally thousands of
posts in the sci.crypt archives about DES weaknesses, DES-busting
machine designs, etc.

What I want to comment on here is the idea that the TLAs have
_recently_ or _inadvertently_ revealed the weakness of DES. Not so.

Back in 1986-7 there was a major effort to have DES replaced with a
new encryption standard. I don't recall the name for the program, but
it had the support of several chip companies (Intel, AMD, etc.) and
was, I seem to recall, mentioned prominently in the National Computer
Security Act of 1987.

The new standard involved hardware security--thus it was not a new
algorithm per se (but DES is supposed to be done in hardware, too).

Maybe one of you out there remembers the name of this program, and
knows more about why is just fizzled out. I don't want to sort through
old boxes of magazine clippings to find the articles.

The main point is that the chief reason given was that DES was at the
end of its life. Actually, most folks are utterly surprised it's
lasted as long as it has...Diffie and Hellman's paper in the mid- to
late-70s predicted a lifespan of not much more than 10 years.

Triple DES has given it a few more years of breathing room.


--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."




Thread