1995-08-17 - Re: Breaking DES anyone? (was: Breaking RC4-40 for less)

Header Data

From: fc@all.net (Dr. Frederick B. Cohen)
To: aba@dcs.exeter.ac.uk
Message Hash: 2e6d954eb1616c6ab056d1d610a2e10bbbe49e74fe1811b92c794515ed66ba5c
Message ID: <9508171825.AA26001@all.net>
Reply To: <8875.9508171811@exe.dcs.exeter.ac.uk>
UTC Datetime: 1995-08-17 18:27:24 UTC
Raw Date: Thu, 17 Aug 95 11:27:24 PDT

Raw message

From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 11:27:24 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: Breaking DES anyone? (was: Breaking RC4-40 for less)
In-Reply-To: <8875.9508171811@exe.dcs.exeter.ac.uk>
Message-ID: <9508171825.AA26001@all.net>
MIME-Version: 1.0
Content-Type: text


> Nice idea and one which works for pure RC4, but unfortunately not for
> 128 bit, 88 bit known + 40 bit unknown "export" SSL.
> 
> Netscape's SSL uses "40 bit keys" that are composed in a strange way:
> you are given 88 bits of known key, and this is combined with the 40
> bit key, to give a 128 bit key.  That key is used to do the
> encryption.  The problem is that this has a unix password salt like
> effect, only this time there are 88 bits of salt rather than 12 bits.
> So this means that you can't precompute anything on the 40 bits as the
> 88 bits are randomly generated, and likely vary with each session.

Ah!!!

Then here's my next alternative attack.

By a 100x100 Transputer (about \$120,000 to make one) and program it to
crack the SSL running 10,000 parallel computations.  If it takes 2 years
for the whole keyspace for each computer, it takes 1.75 hours to span
the whole key space.  Taking a 3 year write-off time and spending
$30,000 per year for maintenance, this comes to $70,000 per year, or
$14.08 per cracked key.  If I do 1,000 keys in parallel, that reduces
the cost to 1.4 cents per key.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




Thread