[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DES-CBC brute forced.

Peter Trei says:
> This is relevant to the issue of selecting
> bulk encryption algorithms for ESP.
> undertaken outside of government."
> ...................
> Using a technique called "brute-force", computers participating in
> the challenge simply began trying every possible decryption key...
> There are over 72 quadrillion keys (72,057,594,037,927,936).  At the
> time the winning key was reported to RSADSI, the DESCHALL effort had
> searched almost 25% of the total.  At its peak over the recent
> weekend, the DESCHALL effort was testing 7 billion keys per second.
> .....One.  This is the first time anyone has publicly shown that they
> can read a message encrypted with DES....................

What to do depends on how close to DEs you want to stay. There
is DES/SK (in which I have personal interest, as this mod was
designed by me and Steve Bellovin) - it will deny brute force
and make diff/lin attacks more difficult (but not impossible).
There's 3DES for those who don't want to change a single bit
of DES spec (which may or may not be wise, considering the
price paid)...
Uri		uri@watson.ibm.com

Follow-Ups: References: