DES Challenges

The DES Challenges were a series of brute force attack contests created by RSA Security to highlight the lack of security provided by the Data Encryption Standard.

Part of the EFF's DES cracking machine which was used in two of the challenges

The Contests

The first challenge began in 1997 and was solved in 96 days by the DESCHALL Project.[1]

DES Challenge II-1 was solved by distributed.net in 39 days in early 1998. The plaintext message being solved for was "The secret message is: Many hands make light work."[2]

DES Challenge II-2 was solved in just 56 hours in July 1998, by the Electronic Frontier Foundation (EFF), with their purpose-built Deep Crack machine. EFF won $10,000 for their success, although their machine cost $250,000 to build. The contest demonstrated how quickly a rich corporation or government agency, having built a similar machine, could decrypt ciphertext encrypted with DES. The text was revealed to be "The secret message is: It's time for those 128-, 192-, and 256-bit keys."[3]

DES Challenge III was a joint effort between distributed.net and Deep Crack. The key was found in just 22 hours 15 minutes in January 1999, and the plaintext was "See you in Rome (second AES Conference, March 22-23, 1999)".[4]

Reaction

After the DES had been shown to be breakable, FBI director Louis Freeh told Congress, "That is not going to make a difference in a kidnapping case. It is not going to make a difference in a national security case. We don't have the technology or the brute force capability to get to this information."[5]

It was not until special purpose hardware brought the time down below 24 hours that both industry and federal authorities had to admit that the DES was no longer viable. Although the National Institute of Standards and Technology started work on what became the Advanced Encryption Standard in 1997, they continued to endorse the DES as late as October 1999, with FIPS 46-3. However, Triple DES was preferred.

gollark: `allies` contains `lies`. Coincidence? I think not.
gollark: In that case it would probably be more like "print hydroponics system, connect to water, supply random stuff".
gollark: `cat /usr/share/dict/words | grep lies`
gollark: *But* with 3D-printing and stuff, that's reducing slightly, and that could conceivably be extended more to produce most stuff we're used to from a bunch of sand or something via nanofabrication.
gollark: But anyway, currently basically all our technology is tied together in the giant worldwide infrastructure whatsit, and becoming more so.

See also

References

  1. Matt Curtin, Justin Dolske (May 1998). "A Brute Force Search of DES Keyspace". Retrieved 27 February 2014.
  2. David C. McNett (24 February 1998). "The secret message is..." distributed.net. Retrieved 27 February 2014.
  3. DES-II-2 Challenge
  4. David C. McNett (19 January 1999). "US Government's Encryption Standard Broken in Less Than a Day" (PDF). distributed.net. Retrieved 27 February 2014.
  5. "RSA Announces Another DES Cracking Contest". Computergram International. 1998-12-23. Retrieved 2008-09-21.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.