1996-07-24 - Re: Brute-forcing DES

Header Data

From: Steve Reid <root@edmweb.com>
To: tcmay@got.net
Message Hash: f612aba1269c9a4bad33b0090d3871df31a209352de082b66449c49ed0e7b360
Message ID: <Pine.BSF.3.91.960723151253.191A-100000@bitbucket.edmweb.com>
Reply To: N/A
UTC Datetime: 1996-07-24 14:54:05 UTC
Raw Date: Wed, 24 Jul 1996 22:54:05 +0800

Raw message

From: Steve Reid <root@edmweb.com>
Date: Wed, 24 Jul 1996 22:54:05 +0800
To: tcmay@got.net
Subject: Re: Brute-forcing DES
Message-ID: <Pine.BSF.3.91.960723151253.191A-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: text/plain


> Specialized DES-cracker chips have of course been considered. Diffie and
> Hellman's nearly 20-year-old paper on cracking DES considered this.
> Wiener's calculation of a few years ago did more that this: he also
> architected a basic system. And the "how many bits is enough?" (sorry I
> don't have the official name on the tip of my tongue) panel considered such
> designs last year.

Yep, I'm familiar with the issue.

Bottom line is, it'll take thousands of times the CPU power of the RC4-40
crack. Probably not 2^16 times more; I think RC4 has a longer
initialization. 

> But actually building a DES cracker entails a level of commitment very
> difficult to achieve in an informal, volunteer effort. Not exactly
> something that 10 or 20 people can work on usefully.
> The advantage of the cracks done last year, the French and Australian
> cracks, and the MIT cracks, were that the "entry costs" for joining the
> project were low.

I'm not talking about one individual or organization building one big DES
cracker. I'm thinking that DES chips _could_ be used to supliment the PCs
in a distributed crack. People with PCs would feed keyspace through their
PCs and people with DES chips could feed keyspace through their DES chips.
DES chips just happen to have a _lot_ more cracking power than PCs, so
they could make a big difference. Adding one DES chip would be like adding
hundreds of PCs to the effort. PCs will probably still be the main factor
simply because they're ubiquitous. 

Even with a bunch of DES chips and a massive legion of PCs, this is going
to take a long time. Perhaps we should be looking at the thousands of
computers and many months, more like the RSA-129 crack than the RC4-40
crack. 

>From "The Magic Words Are Squeamish Ossifrage":
> We believe that we could acquire 100 thousand machines without 
> superhuman or unethical efforts.

If Lenstra et al know what they're talking about, then WE CAN DO THIS!!!


=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: steve@edmweb.com   Home Page: http://www.edmweb.com/steve/ |
| PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 |
|          -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. --          |
===================================================================:)







Thread