[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Breaking DES anyone? (was: Breaking RC4-40 for less)



> Nice idea and one which works for pure RC4, but unfortunately not for
> 128 bit, 88 bit known + 40 bit unknown "export" SSL.
> 
> Netscape's SSL uses "40 bit keys" that are composed in a strange way:
> you are given 88 bits of known key, and this is combined with the 40
> bit key, to give a 128 bit key.  That key is used to do the
> encryption.  The problem is that this has a unix password salt like
> effect, only this time there are 88 bits of salt rather than 12 bits.
> So this means that you can't precompute anything on the 40 bits as the
> 88 bits are randomly generated, and likely vary with each session.

Ah!!!

Then here's my next alternative attack.

By a 100x100 Transputer (about \$120,000 to make one) and program it to
crack the SSL running 10,000 parallel computations.  If it takes 2 years
for the whole keyspace for each computer, it takes 1.75 hours to span
the whole key space.  Taking a 3 year write-off time and spending
$30,000 per year for maintenance, this comes to $70,000 per year, or
$14.08 per cracked key.  If I do 1,000 keys in parallel, that reduces
the cost to 1.4 cents per key.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236