Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Crypto Question

From: "Philip Duldig" <maninwhite () tpg com au>
Date: Tue, 11 Nov 2003 11:21:00 +1030
quoting from a few sources:


  I have heard a story (not sure if it is true) about DES. That when it
was used with a shorter key (don't remember exact size), there was sort
of a competition who will break it... And when there was a computing
power to crack it in a week, the message was something like: "It is time
to move to a bigger key".


the DES algorithm takes a very short amount of time to brute force (RSA Labs
who runs the contests has strict time limits):
  up to 24 hours to win $10,000
  up to 48 hours to win $5,000
  up to 56 hours to win $1,000
  more than 56 hours - nothing
This is in late '98 mind you. Do the Moore Math.

From my understanding it is a very much scrutinised algorithm (its old.) and

groups such as EFF (www.eff.org) have made specialty hardware to brute force
it (Deep Crack).

Well, RC5 is a tougher one to brute force, this is another symmetric cypher
(that is one that has a single key to encrypt/decrypt --ie: not
public/private).

RSA Labs ran (is running?) contests to brute force a cyphertext with
possible keys to try to find the plaintext message.

The RC5-56 and RC5-64 contests (http://www.distributed.net/) had interesting
messages:

<snip from http://www.distributed.net/>
We know this method works! On 19 October 1997 at 1325 UTC, we found the
correct solution for RSA Labs' 56-bit secret-key challenge. (That's
RC5-32/12/7 56-bit for you stats junkies.) The key was 0x532B744CC20999, and
it took us 250 days to locate. Then, on 14 July 2002 at 0150 UTC we found
the winning key for the 64-bit secret-key challenge. That key was
0x63DE7DC154F4D039 and took us 1,757 days to locate.

RC5-56: 'The unknown message is: It's time to move to a longer key length'
RC5-64: 'The unknown message is: Some things are better left unread'

</snip>

for someone who followed the RC5-64 contest since early high school i found
it pretty interesting how long it took to find a winner.

RC5-72 is currently being hammered and should take quite a bit longer to do.

Philip Duldig



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: