[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Brute Force DES

To: [email protected]
Subject: Re: Brute Force DES
From: [email protected] (Dr.Dimitri Vulis KOTM)
Date: Wed, 24 Jul 96 13:45:05 EDT
Comments: Obscenities forbidden (18 U.S.Code 1462)
In-Reply-To: <[email protected]>
Organization: Brighton Beach Boardwalk BBS, Forest Hills, N.Y.
Sender: [email protected]

"Perry E. Metzger" <[email protected]> writes:

> 
> The Deviant writes:
> > Buy the point is to prove that DES shouldn't be used, not that it CAN
> > be brute forced.  A known-plaintext attack doesn't show that.  We hafta
> > attack something we've never seen. (i.e. talk Netscape, or some other
> > company, into generating a DES'd message, and keeping the keys safe)
> 
> Known plaintext isn't needed. You just need a plaintext with some
> decent statistical properties.

May I suggest that a better demonstration for the public would be to allow any
person take a pre-determined text (such as "cypherpunks"), encrypt it wtih a
key of their choice (40-bir or 56-bit, depending on what we're trying to prove),
(i.e. demonstrating that some 40-bit key scheme is unsafe may be sufficient )
send the cyphertext to a GruborBot via e-mail or Web page, and get back within
reasonable time the key(s) that were used.  I think this is feasible; whether
it's all lookup table or some lookup and some computation is details.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

References:
- Re: Brute Force DES
  - From: "Perry E. Metzger" <[email protected]>

Prev by Date: Re: FTP Software Licenses Pretty Good Privacy 07/23/96
Next by Date: Re: When books are outlawed
Prev by thread: Re: Brute Force DES
Next by thread: Re: Brute Force DES
Index(es):
- Date
- Thread