From: Dale Thorn <dthorn@gte.net>
To: Steve Reid <steve@edmweb.com>
Message Hash: 8c99fc6535feb4c6502fd89904fbd518e44412a50cf69b5ae1929281f1d476bd
Message ID: <32705CB4.50D8@gte.net>
Reply To: <Pine.BSF.3.91.961024162358.314A-100000@bitbucket.edmweb.com>
UTC Datetime: 1996-10-25 06:24:21 UTC
Raw Date: Thu, 24 Oct 1996 23:24:21 -0700 (PDT)
From: Dale Thorn <dthorn@gte.net>
Date: Thu, 24 Oct 1996 23:24:21 -0700 (PDT)
To: Steve Reid <steve@edmweb.com>
Subject: Re: [DES] Random vs Linear Keysearch.
In-Reply-To: <Pine.BSF.3.91.961024162358.314A-100000@bitbucket.edmweb.com>
Message-ID: <32705CB4.50D8@gte.net>
MIME-Version: 1.0
Content-Type: text/plain
Steve Reid wrote:
> > There are methods of protecting against some forms of sabotage:
> > The running XOR of the round 15 output will always ensure that the
> > keyspace has been searched, but requires duplicated work to check,
> > and the half-match method should work well on large blocks; if the
> > half-matches are distributed evenly, there should be a few in each
> > 31 bit chunk.
> Let's consider a worst-case, but entirely possible, scenario:
> The NSA doesn't like what we're doing. They want DES to be seen as strong,
> so they try to disrupt the effort.
> The NSA presumably has a large DES cracking machine. They use this to
> determine the key, then send a message to the servers saying that they've
> searched that space and not found the key. So, because everyone thinks the
> space has already been unsuccessfully searched, that space is avoided and
> the key is never found.
> This not only works for the NSA, but for any organization who can afford
> to brute-force DES and find the key before we do.
> Certainly any organization with a DES cracker wants DES to be considered
> secure. That way, people will continue to use DES and the cracking machine
> will still be of use.
Speaking of the NSA, someone there once said "never underestimate what your enemy is
willing to do to crack your code" (quote approx.), and you can extrapolate from that
"never underestimate the power of disinformation".
Return to October 1996
Return to “Dale Thorn <dthorn@gte.net>”
Unknown thread root