[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

40 bit work factors (Re: NSA _likes_ strong crypto?)

To: [email protected]
Subject: 40 bit work factors (Re: NSA _likes_ strong crypto?)
From: [email protected] (Anil Das)
Date: Thu, 15 May 1997 18:17:15 -0700
In-Reply-To: "Peter Trei" <[email protected]> "Re: NSA _likes_ strong crypto?" (May 15, 6:05pm)
References: <[email protected]>
Sender: [email protected]

On May 15,  6:05pm, Peter Trei wrote:
>
> 40 bit encryption is a bad joke = it would take about 2 min on this
> machine for 40 bit DES

	Yes, 40 bit encryption is a joke, but one shouldn't
extrapolate exponontially between 56 bit DES and 40 bit encryption.
The work factor will not be less by a factor of 1/65536, but
rather in the same ballpark.

	DES is generally faster to search than other ciphers
(5-10 times faster than RC5), so if the 40 bit encryption
is not with DES, 10 minutes would be a more accurate estimate.

	As for 40 bit DES, nobody uses DES as is with 16
bits of the key zeroed out. What is more likely is something
like CDMF. A brute force attack on CDMF has about four times
the work the factor of (56 bit DES / 65536). Again 10 minutes
appear more accurate.

	Which is not to say that we are not discussing a joke.

	And talking about Wiener machines, they are much
faster on DES than most other symmetric ciphers, especially
something like RC5, which had reducing the efficiency
of hardware crackers as a design goal. So, one should
be careful about extrapolating from DES key search rates.

--
Anil Das

References:
- Re: NSA _likes_ strong crypto?
  - From: "Peter Trei" <[email protected]>

Prev by Date: Re: Reporting threshold for NY money transfers lowered
Next by Date: Re: Just Say "No" to Congress
Prev by thread: Re: NSA _likes_ strong crypto?
Next by thread: MSNBC poll on crypto
Index(es):
- Date
- Thread