We Cracked the Code!


First Public "Crack" of a DES-Encrypted Message

At the 1997 RSA Conference, RSA Data Security Inc. (now RSA, the Security Division of EMC) launched a series of cryptographic contests. In its DES Challenge, RSA made public the “ciphertext” (encrypted form) of a message encrypted encrypted with DES, the sitting U.S. Government standard for data encryption, used widely throughout banking and other industries in the U.S. and abroad. RSA offered $10,000 to the first person or group that could “crack” the message, correctly telling what the encrypted message actually said.

Rocke Verser led the DESCHALL project and maintains several of his pages as they existed during and immediately after the key search. Justin Dolske, then a graduate student at the Ohio State University and Matt Curtin, then chief scientist at Megasoft Online Inc. assisted Verser in coordination of the project and the hundreds of volunteers who did everything from submitting code to running the clients on their own machines. These pages are maintained by Curtin.

We were the first group ever to crack a DES-encrypted message (at least in public). It worked by having people run “client” software on their machines that tested keys in the machines' idle cycles, coordinated through a key server written and operated by Verser. The project demonstrated that DES could be defeated by a coordinated use of readily-available computing equipment; that expensive and specialized systems were not needed. Protection of data, therefore, required systems with larger keys.


Much has been written about the project. The most comprehensive is Curtin's memoir of the project, Brute Force.

Brute Force: Cracking the Data Encryption Standard
The inside story of how independent cryptographers, civil libertarians, and hobbyists worked together to defeat the sitting U.S. Government standard for data encryption is now a book, published in 2005.
A Brute Force Search of DES Keyspace
Originally intended to be a peer-reviewed paper for the USENIX Security Symposium, this is an article that describes exactly what was done, and how it was done.
A nontechnical consideration of what we did. Especially targeted for reporters and the general public. Includes some easy introductions to principles in cryptography.
Rocke Verser's DES key search method
Rocke Verser's description of his fast DES key search method. There's also a more complete description available.
DESCHALL Frequently Asked Questions
This is now out of date, and should probably be updated one day. Its last update was just before the winning key was found, so its questions are along the lines of how to solve problems participating in an ongoing effort, rather than questions about what we've done.
“Bitslice” DES Key Search
Brief discussion of Biham's bitslicing method for fast DES operations on 64-bit processors and how it was used in DESCHALL. (Also see its footnote.)
The Two-Headed UltraSPARC Client
Darrell Kindred's discussion of how he implemented Biham's fast bitslicing method on 64-bit processors under a 32-bit operating system.


We're finally giving out the client source code!

We're trying to locate Darrell Kindred, whose code made the ultrafast bitslice clients to obtain his permission to release that code and Andrew Meggs for his permission to release the fast code for Macintosh systems.

DESCHALL Mailing List Archive

The mailing list's archive files are available in HTML. Although the list is now closed, we've decided to leave the archives in place, in order to preserve information about the contest, and to let people see how the project went, the problems we faced, our concerns, etc., directly.


DESCHALL T-Shirts were printed; orders are no longer being taken. If you managed to get one, you've got a piece of history!


Errata for my book and some other goodies related to DESCHALL can be found on my personal Web space at ergo-sum.us/brute-force.

DESCHALL Home | DES Crack at RSA | Matt's Home

C Matthew Curtin
Last modified: Thu Feb 8 21:11:51 EST 2007