[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Federal Key Registration Agency



Perry E. Metzger wrote:
> 
> Michael Froomkin writes:
> > I have seen the text of the speech.  The wire service accounts wildly,
> > wildly exaggerate.  This is a non-story...except for AG Reno's assertion
> > that it would take the government a year to break one DES message with a
> > "supercomputer".  She presumably believes this.  We know the number for
> > known plaintext attacks, but assuming you don't have a known plaintext,
> > what's a more reasonable assumption?
> 
> Known plaintext isn't needed for any brute force DES attack. Indeed,
> our own Dave Wagner showed in a paper not that long ago how to
> automate the process of detecting a good key.
> 
> The numbers in the Blaze et al paper are very realistic on this. A
> year is total bull -- not even within several orders of magnitude of
> accuracy.

Further, known plaintext is actually a very reasonable assumption. In 
S/MIME, for example, the first 8-byte block of text is almost certain to 
be 43 6f 6e 74 65 6e 74 2d, (i.e. the string "Content-"). This makes the 
process of analyzing the results trivial.

Raph