Re:Insecurity of DES?

[VACCINIA@UNCVX1.OIT.UNC.EDU]

-----BEGIN PGP SIGNED MESSAGE-----

Matthew Ghio wrote about a gedanken experiment in breaking DES:

>45.7 years
>Of course, specially-designed hardware would be much faster.

See "Efficient DES Key Search" by Micheal J. Weiner, Bell-Northern Research,
P.O. Box 3511 Station C, Ottawa, Ontario, K1Y4H7, Canada.

Abstract.  Despite recent improvements in analytic techniques for attacking 
the Data Encryption Standard (DES), exhaustive key search remains the most
practical and efficient attack. Key search is becoming alarmingly practical.
We show how to build an exhaustive DES key search machine for $1 million that
can find a key in 3.5 hours on average. The design for such a machine is 
described in detail for the purpose of assessing the resistance of DES to an 
exhaustive attack. This design is based on mature technology to avoid making
guesses about future capabilities.

This manuscript is available by FTP but I don't remember where, does anyone 
else? At least for a known-plaintext attack, specially designed hardware of 
the type described in the paper is, indeed, much faster. The author mentions 
the prudence of using DES in triple-encryption mode. I like BIG keys.

Scott G. Morham            !The First,
VACCINIA@uncvx1.oit.unc.edu!          Second  
PGP Public Keys by Request !                and Third Levels 
                           !      of Information Storage and Retrieval
                           !DNA,
                           !    Biological Neural Nets,
                           !                           Cyberspace


-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLZM1jj2paOMjHHAhAQGeZQP+NVjSVNT2vb5s414pMo3p+drsJYkDObri
7PLy2RNmwww1ZIUArBLwmivKGNoU6mZUBgk425rP7XzMMrYYrYxmrWM97XcC+fmv
gwffcpKOSZ/OcjZ9n1EoD3jqSJR885ywqyY7Bqljx0Mj1YJ9NbJZ05FHrX/Int21
kc8XPiq8iPU=
=90+w
-----END PGP SIGNATURE-----