From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 22 Jun 1996 05:40:52 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Federal Key Registration Agency
In-Reply-To: <Pine.SUN.3.94.960620211746.20271D-100000@viper.law.miami.edu>
Message-ID: <199606211154.HAA02180@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Froomkin writes:
> I have seen the text of the speech.  The wire service accounts wildly,
> wildly exaggerate.  This is a non-story...except for AG Reno's assertion
> that it would take the government a year to break one DES message with a
> "supercomputer".  She presumably believes this.  We know the number for
> known plaintext attacks, but assuming you don't have a known plaintext,
> what's a more reasonable assumption? 

Known plaintext isn't needed for any brute force DES attack. Indeed,
our own Dave Wagner showed in a paper not that long ago how to
automate the process of detecting a good key.

The numbers in the Blaze et al paper are very realistic on this. A
year is total bull -- not even within several orders of magnitude of
accuracy.

Perry