[ISN] DES code cracked in record time, 01/20/99

From: mea culpa (jerichoat_private)
Date: Thu Jan 21 1999 - 10:48:21 PST

  • Next message: mea culpa: "[ISN] A Net home for hackers"

    Forwarded From: darek milewski <darekmat_private>
    
    http://www.nwfusion.com/news/1999/0120cracked.html
    DES code cracked in record time
    By Jason Meserve
    Network World, 01/20/99
    
    Records are made to be broken. 
    
    Proving that the world record for deciphering a DES-encoded message is no
    different, a global team of computer users yesterday grabbed the
    less-than-year-old title. 
    
    The distributed.net team, a non-profit organization of computer hobbyists,
    deciphered a DES-encoded message in just over 22 hours as part of the RSA
    Data Security's DES Challenge III. 
    
    With an estimated 100,000 computers in the distributed.net network and a
    customized code-cracking computer from the Electronic Frontier Foundation
    (EFF), the crew smashed the previous record of 56 hours set back in July
    1998 by EFF's "Deep Cracker." Therefore, security company RSA, the
    contest's sponsor, will award the group $10,000. 
    
    "We're obviously quite pleased of our accomplishments," says David McNett,
    co-founder of distributed.net. "We've gone further in proving the [Data
    Encryption Standard] and 56-bit cryptography are dead." 
    
    DES is a private-key encryption standard developed by IBM and adopted by
    the government in 1977. 
    
    RSA has sponsored three such contests to prove to the government that
    56-bit encryption technology is too weak and that encryption export
    restrictions must be lifted. Currently, encryption technology stronger
    than
    
    56-bit cannot be exported outside the U.S. 
    
    For DES Crack III, RSA placed a 56-hour time restriction on the contest,
    with a $10,000 prize for cracking the code in less than 24 hours, $5,000
    for less than 48 hours and $1,000 for less than 56 hours. The stringent
    time constraints help prompt the previous two contest winners to join
    together. 
    
    Deep Cracker ultimately uncovered the plain text message "See you in Rome
    (second AES Conference, March 22-23, 1999)." The message is a plug for the
    proposed Advanced Encryption Standard initiative that is being proposed by
    the government in conjunction with private companies as a replacement for
    DES. 
    
    EFF's Deep Cracker was built using a standard PC and some 1,500 custom
    chips for cracking DES encryption by John Gilmore, EFF co-founder and
    project leader. 
    
    Adding Deep Cracker's processing power, distributed.net uses the
    idle-process time of standard
    
    PCs that are connected to the Internet. The organization advertised its
    need for computing power on its Web site and through its members'
    newsletter. People wishing to participate in the contest with
    distributed.net needed only to download a special client that ran in the
    background, crunching away at assigned blocks of DES keys using a method
    of brute force - testing every possible combination until the message was
    uncovered.  Keys were distributed to clients via 22 keyservers located
    around the world. A single keymaster oversaw the entire operation. 
    
    Combined, the two systems were processing some 245 billion keys per second
    and had covered 22.2% of the available keyspace - some 72 quadrillion
    keys. Luck is somewhat involved in such a process, as the key could have
    been in the latter percentage of the keyspace, as it was in the first DES
    Crack contest when 91% of the keyspace had been tested before a solution
    was found, McNett says. 
    
    "[This type of system] allows the average person, who cannot purchase some
    outstanding machine like a Cray supercomputer, to combine their computer's
    power with others to handle extraordinary complex problems," says
    
    Daniel Baker, distributed.net's chief operations officer. 
    
    Baker and McNett see the power of distributed computing spreading to more
    complex problems in the future, not just cracking cryptography codes.
    "This is the killer app for the Internet - distributed computing,"  McNett
    says. 
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:16:33 PDT