1997-01-24 - [DES] DES Key Recovery Project, Progress Report #7

Header Data

From: Peter Trei <ptrei@ACM.ORG>
To: cryptography@c2.net
Message Hash: e586b5749aba7203085f6c2697fafa15de34a8afea3f7cc0cdca6247415a5ee9
Message ID: <199701241856.KAA03668@toad.com>
Reply To: N/A
UTC Datetime: 1997-01-24 18:56:52 UTC
Raw Date: Fri, 24 Jan 1997 10:56:52 -0800 (PST)

Raw message

From: Peter Trei <ptrei@ACM.ORG>
Date: Fri, 24 Jan 1997 10:56:52 -0800 (PST)
To: cryptography@c2.net
Subject: [DES] DES Key Recovery Project, Progress Report #7
Message-ID: <199701241856.KAA03668@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

DES Key Recovery Project, Progress Report #7
Friday, Jan 23 1997
Peter Trei

Next Tuesday morning, 9AM, RSA is scheduled to release 
the 'real' $10,000 DES challenge data. 

My software is in a state where it can be used for the
challenge, though there is room for improvement. 

It currently tests about 185,000 keys/sec on my 90MHz
machine. This translates to about 205,000 keys/sec on
a 100 MHz machine. I still have to replace my DES round,
which takes 25 clock cycles, with Svend Mikkelsen's, which
takes only 18. Since the DES rounds are well over 80% of
the work,  this should boost the speed to over 
250,000 keys/sec at 100 MHz. If I'm lucky, I'll perform
this conversion over the weekend.

I've sent out early betas to a few people for porting,
but have had no feedback yet.

I've approached several restricted FTP sites as possible
distribution sites, and have had some positive responses,
but nothing definitive yet. I'm being pretty strict in
my interpretation of EAR for this purpose.

In advance of the challenge, I'm willing to email copies
as a ~100k uuencoded zip file to people, but to do so, you must
comply with the following:

1. Send the request to ptrei@acm.org, NOT trei@process.com.
   I won't be able to read the latter for the next 10 days.

2. Include your 'true name' and residence address, as
   well as the email address to which it should be sent,
3. A statement of your nationality. I'll mail it only
   to US Citizens, Canadian citizens, and US Green Card 
   holders, residing in the US or Canada.

4. A statement to the effect that you understand that this
   is restricted code, and that cannot be exported or 
   given to non-US/Canadian citizens

I'm going to hold this information in strict confidence, and
will surrender it only to a valid court order. It's similar
to what you have to go through to download the domestic
version of Netscape Navigator or PGP from MIT.

You are free to distribute the software further. If you've
complied with the requirements above, I believe that at that
point I've done more than due diligence under ITAR/EAR.

My software gets it's challenge data either from a text
file cut-and-pasted from the RSA page, or from internally
stored data. Tuesday night, I'll recompile the program with
the real challenge data, and redistribute.

My version runs on WinNT or Win95, on 486's and above. It's
set up as a console app, which can run in background. I don't
yet have a version for Win 3.1 or below 486, but may do in
the future.

The software is set up in such a way that it can be used
either on a standalone system, or in a LAN environment with
shared disks.  The latter has a slightly more complex setup, 
but will allow many machines to share one executable and
results file. 

I envisage people installing one copy on a shared disk in
their workplace, and then adding the appropriate commands
to the autoexec.bat file of every machine they can, so the 
program will start running whenever the machine is booted.
(I HOPE you get permission!).

The distribution includes both source and the Win32 executable.
The source includes both fast Intel assembler, and much slower
generic 'C'. There's nothing that's really Microsoft specific
in the code - it should be easy to port to other systems with
32 bit or better processors. I'm attempting to do a 'PGP style' 
distribution with a signed, nested zip file.

The signing key I'm using is available at
(I hope I've done this right).

I'm only going to send out signed archives. If you get one
where the signature fails, or one lacking a signature, I
repudiate it - and you should be suspicous of it.

I'll be trying to set up that URL as a page describing the
project, with info on other efforts, and FAQs. 

Once the challenge starts, I hope you'll all evangelize it
to your friends and acquaintences. I'd like to see 100,000
machines trying for the $10,000.

All next week I'm in the San Francisco area (I'm flying out in
a couple hours). I'll be attending the Verisign Partner's Day on
Monday, and I'll be at the RSA Data Security Conference Tuesday
through Friday. I'll be trying to read cypherpunks and coderpunks
at least once a day, along with checking mail to ptrei@acm.org.
I can't read cryptography@c2.net from an archive, so I will not
see it unless it cc's ptrei@acm.org (Perry, could you temporarily
subscribe ptrei@acm.org?)

Happy hunting!

Peter Trei