From: Vin McLellan <vin@shore.net>
Date: Thu, 6 Feb 1997 13:17:04 -0800 (PST)
To: cypherpunks@toad.com
Subject: 40-bit RC5 crack meaningless??
Message-ID: <v03007806af1ff955a4a2@[198.115.179.81]>
MIME-Version: 1.0
Content-Type: text/plain


(A gem off sci.crypt. Schwartau's mailing list is turning into the most
amazing source of misinformation or disinformation about cryptography on
the Net.  And he's probably got the most influential audience in Washington
re crypto policy. Go figure;-)
----------------
Subject: 40-bit RC5 crack meaningless??
 Date: 6 Feb 1997 11:43:58 -0500
 From: nobody@REPLAY.COM (Anonymous)
Organization: Replay and Company UnLimited
Newsgroups:  sci.crypt


Strassmann, the author of this denunciation of RSADS and
Ian Goldberg, is the former Director of Defense Information
(i.e., CIO,) of the Bush DoD and an often-insightful commentator
on business culture and computing.  Strange is the logic that
channels the mind of the American Defense Intellectual... or,
maybe he just doesn't know squat about cryptography???

(Reposted from Infowar Digest, Winn Schwartau's
moderated mailing list <mail to: infowar@infowar.com>
without permission.)

>Date: Thu, 30 Jan 1997 20:10:36 -0500
>To: "Wright Larry" <Wright_Larry@bah.com>
>From: "Paul A. Strassmann" <paul@strassmann.com>
>Subject: Further to Goldberg's Cracking Accomplishments
>Gentlemen:
>
>As I suspected (see earlier private comment), the
>highly promoted RSA cracking contest offered
>a number of clues that ordinarly would not be
>volunteered by  info-terrorists or info-criminals to
>IW Defense teams.
>
>These clues made the cracking significantly easier,
>because it made it possible to eliminate an enormous
>range of possible searches.
>
>The following was extracted verbatim from the
><The RSA Data Security Secret-Key Challenge>
>posted on <http://www.rsa.com/rsalabs/97challenge/>:
>
>Clue #1:
>
>  " ...all the RC5 contests posted as part of the RSA Secret-Key Challenge
>will use 12-round RC5 with a 32-bit word size. "
>
>Clue #2:
>
>  " ...The first RC5 contest will consist of some unknown plaintext
>encrypted using a 40-bit key;."
>
>Clue #3: (a  giveway!)
>
> " ... For each contest, the unknown plaintext message is preceded by three
>   known blocks of text that contain the 24-character phrase "The
>   unknown message is:  .....".
>
>In summary: The claim of exportable cryptography being totally
>insecure, because it can be cracked in 3.5 hours is not
>realistic. The three clues announced in the contest
>would not apply  under infowar conditions.
>
>What other clues may have been provided to Goldberg
>to  support private agendas and gain shrill headlines
>is also a matter of speculation, but I rest my case.
>
>I certainly cannot assert that a 40 bit key cannot be decyphered.
>However, I do not think that the RSA unqualified claims
>offer full and appropriate disclosure.
>
>Paul
>
>At 10:21 AM -0500 1/30/97, Wright Larry wrote:
>>Following provided for your information.
>>
>>
>>EXPORTABLE CRYPTOGRAPHY TOTALLY INSECURE: CHALLENGE
>>CIPHER BROKEN IMMEDIATELY
>>
>>January 28, 1997 - Ian Goldberg, a UC Berkeley graduate
>>student, announced today that he had successfully
>>cracked RSA Data Security Inc.'s 40-bit challenge cipher
>>in just under 3.5 hours.
>>
>>RSA challenged scientists to break their encryption
>>technology, offering a $1000 award for breaking the
>>weakest version of the code.  Their offering was
>>designed to stimulate research and practical experience
>>with the security of today's codes.
>>
>>The number of bits in a cipher is an indication of the
>>maximum level of security the cipher can provide.  Each
>>additional bit doubles the potential security level of
>>the cipher.  A recent panel of experts recommended
>>using 90-bit ciphers, and 128-bit ciphers are commonly
>>used throughout the world, but US government regulations
>>restrict exportable US products to a mere 40 bits.
>>
>>Goldberg's announcement, which came just three and a
>>half hours after RSA started their contest, provides
>>very strong evidence that 40-bit ciphers are totally
>>unsuitable for practical security.  "This is the
>>final proof of what we've known for years: 40-bit
>>encryption technology is obsolete," Goldberg said.

<...Rest of the nnouncement from UC Berkeley snipped>

>Paul A. Strassmann
>55 Talmadge Hill Road, New Canaan, CT. 06840
>Telephone: 203-966-5505; Fax: 203-966-5506
>INTERNET:                  paul@strassmann.com
>WorldwideWeb:           http://www.strassmann.com
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>