Interesting People mailing list archives
IP: Crypto standard finalists; Rosen: SDMI is your friend
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 11 Aug 1999 15:28:09 -0400
Date: Wed, 11 Aug 1999 10:11:34 -0800 From: Henry Schwan <owlswan () eff org> MSNBC (From WIRED) Finalists for crypto standard named U.S. moves closer to finding replacement for DES, naming five finalists for the new Advanced Encryption Standard By Jim Kerstetter, PC Week ZDNN Aug. 9 - DES is a step closer to the dustbin. The U.S. Commerce Department's National Institute of Standards and Technology Monday announced five finalists in the two-year competition to find a replacement for the Data Encryption Standard, which has served as the government's basic encryption standard since 1977. THE REPLACEMENT, TO BE CALLED the Advanced Encryption Standard, should be completed by the summer of 2001, according to NIST. The five finalists include: MARS, developed by IBM in Armonk, NY. IBM researchers also created DES back in the '70s. RC6, developed by Ron Rivest (inventor of the RSA public key algorithm and several other well-known hashing and private key algorithms) and RSA Laboratories in Bedford, Mass. Rijndael, developed by Joan Daemen and Vincent Rijmen of Belgium. Serpent, developed by Ross Anderson, Eli Biham and Lars Knudsen of the United Kingdom, Israel and Norway. Twofish, developed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall and Niels Ferguson of Counterpane Systems in Minneapolis. Schneier also developed the popular Blowfish symmetric algorithm. DES - as well as its replacement, AES - is what cryptographers call a symmetric or private key algorithm. A symmetric algorithm requires that both parties receiving encryption have a copy of the same encryption key in order to read the scrambled data. It is also likely the most widely used encryption algorithm in the world today, supported by most commercial encryption products. But DES has proven to be easy prey for modern technology. It uses keys of 56 bits, which were first broken nearly three years ago. In January 1999, cryptographers using a special DES-cracking machine, along with a nationwide network of PCs, were able to crack DES in less than 24 hours. The crackers used a "brute force" method of attack to solve the mathematical factoring behind DES. In other words, they put a lot of processing horsepower against the algorithm and were able to solve it - something that has been feasible only in the last couple of years because of improvements in chip technology. Enter the AES. NIST first requested proposals for the AES in September 1997. Each of the candidate algorithms supports key sizes of 128, 192 and 256 bits. A 128-bit key cannot be broken using known technology today. Each added bit essentially doubles the key strength. RSA Data Security Inc. CEO Jim Bidzos used the following analogy at the company's conference in January: A 40-bit key is the water that fills a spoon. A 56-bit key is the water that fills a small swimming pool. A 128-bit key would be all of the water on the planet. http://www.msnbc.com/news/298832.asp ________________________________________________________________ Rosen: SDMI is Your Friend by Arik Hesseldahl 1:00 p.m. 10.Aug.99.PDT NEW YORK -- This week's Interactive Music Expo, with its gadgets galore and talking heads, is the latest sign that digital music has come of age. The RIAA's Hilary Rosen defended the Secure Digital Music Initiative, scoffing at the tech world's hoped-for world where musicians would give away their music for free over the Internet and support themselves by touring and selling T-shirts. Rosen delivered a keynote address to open the second day of the Interactive Music Xpo, which continues here through Thursday. But even in the digital age, "artists who invest their time and creativity should be able to determine the fate" of their works, Rosen said. Hence the creation of SDMI, a proposed standard for secure downloadable music. ********************************** And while the number of MP3 music files continues to grow on the Internet, Rosen said her organization isn't interested in prosecuting people who download those files, but rather those who run large Web sites devoted to distributing illegal files. "We will find you," she said. http://www.wired.com/news/news/culture/story/21205.html Henry Schwan 1550 Bryant St. Suite 725 San Francisco, CA 94103 (415)436-9333 Ex. 104 owlswan () eff org
Current thread:
- IP: Crypto standard finalists; Rosen: SDMI is your friend Dave Farber (Aug 11)