[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The Upcoming DES Challenge



At 10:49 PM 1/7/97, [email protected] wrote:
>Orbital mind control lasers made [email protected] (Mike Duvos) write:
> 
>>Peter Trei ([email protected]) writes:
>>>1. I'm astonished at the low level of reaction RSA's announcement that they 
>>>will be sponsoring a DES Challenge, with a $10,000 cash prize.
>>I'm certainly jumping up and down and cheering.  I said a while back that the 
>>life expectancy of DES would be about two weeks if anyone forked over serious 
>>cash.
> 
>I'm still a bit nervous about what the reaction will be though - won't the 
>US government (and anyone else pushing DES) be able to say "It took 10,000 
>Pentiums several weeks, noone would bother doing that, so it's safe" (with a 
>possible side order of "Safer-SK64 is 256 times as secure, anyone we really 
>like can use that provided they hand over the keys in advance").

This was exactly my concern months ago.  PC's are remarkably _inefficient_ 
systems for attempting to crack codes.  I recall estimating, quite 
approximately, that it might take somewhere about $500,000 of electricity 
cost alone to check all 2**56 possible decrypts, most of which is going to 
power unnecessary components.  (monitors, hard drives, sound cards, modem 
cards, etc, etc, etc.)   By doing the decrypts on PCs (term used 
generically; it applies just as well to Mac's, PowerPC's, DEC Alpha's, etc)  
we make it look like DES is better than it really is.

But I'm under no illusion.  As the saying went, "When the only tool you have 
is a hammer, you treat every problem as if it were a nail.)  People have 
PC's, and will use them.  Let me suggest, however, that somebody familiar 
with the details of DES and FPGA's (or other kinds of high-density 
programmable logic) figure out a ballpark estimate of how much it would cost 
to implement a minimalist DES-cracker in hardware.  Don't do it, just 
estimate it.  Then, when somebody has finally cracked that DES message and 
someone the news media is trying to suggest that this was an expensive 
effort, a more economical figure will be quotable.




Jim Bell
[email protected]