From: “Perry E. Metzger” <perry@piermont.com>
To: trei@process.com
Message Hash: ac01c39e315bd0ea87daf06181d333027c594d2b893959cb7692dd8ae20e76d4
Message ID: <199610012215.SAA03702@jekyll.piermont.com>
Reply To: <199610012026.NAA28151@toad.com>
UTC Datetime: 1996-10-02 02:57:39 UTC
Raw Date: Wed, 2 Oct 1996 10:57:39 +0800
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 2 Oct 1996 10:57:39 +0800
To: trei@process.com
Subject: Re: Can we kill single DES?
In-Reply-To: <199610012026.NAA28151@toad.com>
Message-ID: <199610012215.SAA03702@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
"Peter Trei" writes:
> Since it looks like the US government will be allowing the export of
> 56 bit espionage-enabled software, it's time to kill single DES.
Double plus agreed.
> On this type of processor, it would still take 9133 years to exhaust
> a 56 bit key space. On the other hand, on 20,000 processors of this
> power it would take less than 6 months. If the target is encrypted
> in a chaining mode with an unknown 8 byte IV, the time more than
> doubles.
>
> Clearly, this goes far beyond the number of cpus available to the
> members of this list (though well within the power of most governments
> and many corporations)
>
> The best idea I've heard for recruiting this many cpu cycles is to create
> a screen saver which does DES-cracking while machines are idle.
> Another incentive is to offer a cash prize to the person(s) who find the
> key.
These are both possibilities.
> 1. Is this a good idea? What will happen if DES becomes perceived
> as insecure?
Well, I believe that we are better off if the general perception
catches up with reality.
> 2. What is the probability of success required to make it worth doing?
We need 50% success in one month to make it reasonably worthwhile.
> 3. What would be the consequences of failure?
I don't think we will fail :)
> 4. What other platforms than NT/Win95/Pentium should be considered?
> I could write a Unix demon version, but unless it's tailored for the
> cpu, a lot of efficency is lost
> (The aggregate number of idle cycles available for testing is the
> crucial number).
Other CPUs: MC68k, PowerPC, SPARC and Alpha versions, in roughly that
order.
> 5. What's a good target?
Good question :)
> Assume that the program will be a Win95/NT screen saver or
> Unix deamon.
An X screen saver would also be good. Lots of
Linux/FreeBSD/NetBSD/BSDI weenies in the world.
Perry
Return to October 1996
Return to ““Peter Trei” <trei@process.com>”