|
<<
^
>>
Date: 1998-08-17
56bit DES crack: Bruce Schneier analysiert
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
q/depesche 98.8.17/1
updating 98.7.21/2
56bit DES crack: Bruce Schneier analysiert
Zum DES/Schlüssel/brechers der Electronic Frontier
Foundation fällt dem Ober/Cypherpunk gleich mehrfach
Despektierliches ein:
Der EFF DEScracker benützt
- alte, fade Chiptechnologie
- Simples Hardwaredesign
- keine besondere Software
- kein Cryptographie/Programm
- ist also kein Meisterwerk der technik sondern ein ziemlich
dummes Geradeaus/Brute/force/Gerät
ABER
- der DESCracker ist hübsch skalierbar
- wobei jede weitere Maschine nur noch ein Viertel der
ersten kosten wird.
Fazit: Wenn eine Bürgerrechtsorganisation mit veralteter
Technologie ein in jeder Hinsicht verbesserungswürdiges
Gerät bauen kann, das immerhin den 56bit DES
Standard/Schlüssel crackt - dann kann die vom FBI hartnäckig
geäusserte Behauptung, die Behörden hätten Schwierigkeiten,
56bit Schlüssel zu entziffern, nur Zeichen von Inkompetenz
und/oder einer Lüge sein.
ceterum/censeo nicht vergessen: Dass 56bit DES der
Online-Banking Standard in Östreeich und Deutschland ist.
-.-.- --.- -.-.- --.- -.-.- --.-
A Hardware DES Cracker
by Bruce Schneier
August 15, 1998 On 17 July the Electronic Frontier
Foundation (EFF) announced the construction of a DES
brute-force hardware cracker. This $220,000 device can
break a DES key in an average of 4.5 days.
The news here is not that DES is insecure, that hardware
algorithm-crackers can be built, or that a 56-bit key length
is too short. We've known all of this already;
cryptographers have been saying it for years. (My book said
it in 1994.) Technological predictions made about the
declining costs of such a machine, made in the late 1970s,
the 1980s, and the early 1990s, turned out to be dead-on.
The news is how long the government has been denying that
these machines were possible. As recently as 8 June 98,
Robert Litt, principal associate deputy attorney general at
the Department of Justice, denied that it was possible for
the FBI to crack DES. "[It is a myth that] we have
supercomputers that can crack anything that is out there,"
Litt said. "Let me put the technical problem in context: It
took 14,000 Pentium computers working for four months to
decrypt a single message.... We are not just talking FBI and
NSA [needing massive computing power], we are talking about
every police department." (See the full story at
http://www.wired.com/news/news/politics/story/12830.html.)
My comment was that the FBI is either incompetent or lying,
or both.
EFF's machine is not cutting-edge engineering. It is not
state-of-the-art cryptography. It is not bleeding-edge
technology. The machine uses old, boring chip technologies,
simple hardware design, not-very-interesting software, and
no cryptography. This is not a marvel of engineering; the
only interesting thing is how straightforward the design
really is.
Moreover, the machine scales nicely. EFF spent $220,000 on
their first machine. Now that the design work is done, they
can build a second for about $50,000. For every doubling of
that price, they can double the speed of the machine (so a
second machine for $250,000 can break DES in less than a
day). And Moore's Law predicts that the same machine will
be either twice as fast or twice as cheap in another 18
months.
The EFF machine broke DES, but it could just as easily have
been designed to break any other encryption algorithm. The
attack was against the key length, not against the algorithm
design. Moreover, a slightly more expensive design would
have used FPGAs, allowing the system to work against a
variety of algorithms and algorithm variants.
The only solution here is to pick an algorithm with a longer
key. DES has a fixed 56-bit key. Triple-DES has a 112-bit
key; there isn't enough silicon in the galaxy or enough time
before the sun burns out to brute-force triple-DES. AES
requires 128-, 192-, and 256-bit keys.
The EFF is a civil liberties group, and this was just a
demonstration project. Government agencies like the FBI and
the NSA would presumably spend a lot more time engineering a
more efficient solution. It is reasonable to assume that
any country with an intelligence budget has built this sort
of machine, probably one a couple of orders of magnitude
faster.
There are undoubtably many, many technical improvements that
can be made to the EFF design to make brute-force search
cheaper and faster. But the fact that a civil liberties
group can use old technology to build something that the
adminstration has denied can be built...that's the real
news.
relayed by Bruce Schneier
http://www.counterpane.com/
related links
EFF's press release: http://www.eff.org/descracker/
Wired News:
http://www.wired.com/news/news/technology/story/13800.html
Cnet:
http://www.news.com/News/Item/0%2C4%2C24322%2C00.html?sas.mail
New York Times story:
http://www.nytimes.com/library/tech/yr/mo/biztech/articles/17encrypt.html.
-.-.- --.- -.-.- --.- -.-.- --.-
TIP
Download free PGP 5.5.3i (Win95/NT & Mac)
http://keyserver.ad.or.at/pgp/download/
-.-.- --.- -.-.- --.- -.-.- --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1998-08-17
comments to [email protected]
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|