Security Basics mailing list archives
Re: Crypto Question
From: "Philip Duldig" <maninwhite () tpg com au>
Date: Tue, 11 Nov 2003 11:21:00 +1030
quoting from a few sources:
I have heard a story (not sure if it is true) about DES. That when it was used with a shorter key (don't remember exact size), there was sort of a competition who will break it... And when there was a computing power to crack it in a week, the message was something like: "It is time to move to a bigger key".
the DES algorithm takes a very short amount of time to brute force (RSA Labs who runs the contests has strict time limits): up to 24 hours to win $10,000 up to 48 hours to win $5,000 up to 56 hours to win $1,000 more than 56 hours - nothing This is in late '98 mind you. Do the Moore Math.
From my understanding it is a very much scrutinised algorithm (its old.) and
groups such as EFF (www.eff.org) have made specialty hardware to brute force it (Deep Crack). Well, RC5 is a tougher one to brute force, this is another symmetric cypher (that is one that has a single key to encrypt/decrypt --ie: not public/private). RSA Labs ran (is running?) contests to brute force a cyphertext with possible keys to try to find the plaintext message. The RC5-56 and RC5-64 contests (http://www.distributed.net/) had interesting messages: <snip from http://www.distributed.net/> We know this method works! On 19 October 1997 at 1325 UTC, we found the correct solution for RSA Labs' 56-bit secret-key challenge. (That's RC5-32/12/7 56-bit for you stats junkies.) The key was 0x532B744CC20999, and it took us 250 days to locate. Then, on 14 July 2002 at 0150 UTC we found the winning key for the 64-bit secret-key challenge. That key was 0x63DE7DC154F4D039 and took us 1,757 days to locate. RC5-56: 'The unknown message is: It's time to move to a longer key length' RC5-64: 'The unknown message is: Some things are better left unread' </snip> for someone who followed the RC5-64 contest since early high school i found it pretty interesting how long it took to find a winner. RC5-72 is currently being hammered and should take quite a bit longer to do. Philip Duldig --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Crypto Question McGill, Lachlan (Nov 07)
- Re: Crypto Question Ted Rolle (Nov 07)
- Re: Crypto Question Ted Rolle (Nov 07)
- Re: Crypto Question John Borwick (Nov 07)
- Re: Crypto Question Francisco Andrades (Nov 07)
- Re: Crypto Question Francisco Andrades (Nov 07)
- Re: Crypto Question Wu Fei Liang (Nov 07)
- Re: Crypto Question Adam Newhard (Nov 07)
- Re: Crypto Question Tomas Wolf (Nov 10)
- Re: Crypto Question Philip Duldig (Nov 11)
- Re: Crypto Question Mitchell Rowton (Nov 17)
- Re: Crypto Question Florian Streck (Nov 17)
- <Possible follow-ups>
- RE: Crypto Question Hagen, Eric (Nov 07)
- RE: Crypto Question Hagen, Eric (Nov 07)
- Re: Crypto Question N407ER (Nov 17)
- RE: Crypto Question Kenneth Buchanan (Nov 07)
- Re[2]: Crypto Question Vishal (Nov 17)
- Re: Crypto Question Chris Berry (Nov 17)