At the 1997 RSA Conference, RSA Data Security Inc. (now RSA, the Security Division of EMC) launched a series of cryptographic contests. In its DES Challenge, RSA made public the “ciphertext” (encrypted form) of a message encrypted encrypted with DES, the sitting U.S. Government standard for data encryption, used widely throughout banking and other industries in the U.S. and abroad. RSA offered $10,000 to the first person or group that could “crack” the message, correctly telling what the encrypted message actually said.
Rocke Verser led the DESCHALL project and maintains several of his pages as they existed during and immediately after the key search. Justin Dolske, then a graduate student at the Ohio State University and Matt Curtin, then chief scientist at Megasoft Online Inc. assisted Verser in coordination of the project and the hundreds of volunteers who did everything from submitting code to running the clients on their own machines. These pages are maintained by Curtin.
We were the first group ever to crack a DES-encrypted message (at least in public). It worked by having people run “client” software on their machines that tested keys in the machines' idle cycles, coordinated through a key server written and operated by Verser. The project demonstrated that DES could be defeated by a coordinated use of readily-available computing equipment; that expensive and specialized systems were not needed. Protection of data, therefore, required systems with larger keys.
Much has been written about the project. The most comprehensive is Curtin's memoir of the project, Brute Force.
We're finally giving out the client source code!
We're trying to locate Darrell Kindred, whose code made the ultrafast bitslice clients to obtain his permission to release that code and Andrew Meggs for his permission to release the fast code for Macintosh systems.
The mailing list's archive files are available in HTML. Although the list is now closed, we've decided to leave the archives in place, in order to preserve information about the contest, and to let people see how the project went, the problems we faced, our concerns, etc., directly.
DESCHALL T-Shirts were printed; orders are no longer being taken. If you managed to get one, you've got a piece of history!
Errata for my book and some other goodies related to DESCHALL can be found on my personal Web space at ergo-sum.us/brute-force.