Re: DES brute force? (was: Re: Borders *are* transparent)

[shamrock@netcom.com (Lucky Green)]

At 21:28 7/22/96, aba@atlas.ex.ac.uk wrote:

>So ideally for a break you would like the whole thing to be completed
>in say 2 weeks wall clock time, which gives rise to the need for
>~100,000 machines of similar throughput, full-time for two weeks.
>
>Possible?

Perhaps not 100k machines, and perhaps not in two weeks, but is it
possible? You bet.

That would
>Somebody would need to spend a fair bit of effort publicising it on
>USENET, to get a good response.

Sure. There should be at least a two month long campaign on USENET. Plenty
of time to debug the cracking software.

>There may be problems associated with offering prize money... what if
>some employees at DES hardware vendors `borrowed' some time on their
>top of the range DES cruncher?  Perhaps this doesn't matter, as it
>would just make the point even more strongly :-)

I agree. Let's hope some people will help the project with some custom DES
crackers.

>What DES modes are used in typical banking situations?  (I am
>presuming a challenge involving a widely used banking funds transfer
>protocol would be a suitably juicy targets, based on a criteria of
>demonstrating the greatest financial risk).

When picking the target, think publicity. A widely used banking protocol
sounds like a good target. What is being used for the global transactions
that total in the trillions every day? Are at least some of them done in
with single DES?



-- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.