Re: DRAFT: Press Release

Andrew James Alan Welty (
Mon, 31 Mar 1997 20:54:48 -0400

Comments, please... I want to release this on Wednesday of this
week. If it requires more time to fix up, then I'd like to have it
out as soon after that as possible.

Looks good so far.

DESCHALL Group Searches for DES Key

[DRAFT] (will say ``for immediate release'' here one day) [DRAFT]

In answer to RSA Data Security, Inc.'s ``crypto challenge,'' a group
of students, hobbyists, and professionals of all varieties is looking
for a needle in a proverbial haystack. The ``needle'' is the
cryptographic key used to encrypt a given message, and the
``haystack'' is the huge pile of possible keys:
72,057,594,037,927,936 of them.

Might want to explain a little more about this, may mention the
prize, might entice some more people to at least give it a try.

The point? To prove that computing technology is sufficiently
advanced that such a search is feasible using only the spare cycles of
general purpose computing equipment, and as a result, unless much
larger ``keys'' are used, the security provided by cryptosystems is
minimal. Conceptually, a cryptographic key bears many similarities to
the key of a typical lock. A long key has more possible combinations
of grooves than a short key. With a very short key, it might even be
feasible to try every possible combination of grooves in order to find
a key that matches a given lock. In a cryptographic system, keys are
measured in length of bits, rather than grooves, but the principle is
the same: unless a long enough key is used, computers can be used to
figure out every possible combination until the correct one is found.

In an electronic world, cryptography is how both individuals and
organizations keep things that need to be private from being public
knowledge. Whether it's a private conversation or an electronic funds
transfer between two financial institutions, cryptography is what
keeps the details of the data exchange private. It has often been
openly suggested that the US Government's DES (Data Encryption
Standard) algorithm's 56-bit key size is insufficient for protecting
information from either a funded attack, or a large-scale coordinated
attack, where large numbers of computers are used to figure out the
text of the message by brute force: that is, trying every possible

Success with this project will prove such postulations correct.

The effort is being coordinated through a web site at Many more
participants are sought in order to speed up the search. The client
software is available through the web site. One simply needs to
follow the download instructions to obtain a copy of the software.
Once this has been done, the client simply needs to be started, and
allowed to run in the background. During otherwise wasted cycles, the
computer will work its way through the DES keyspace, until some
computer cooperating in the effort finds the answer.

Project Coordinator
Rocke Verser <>

Web Site

Mailing List

To subscribe, send the text ``subscribe deschall'' (without the
quotes) to <>, and you'll be
emailed instructions.

I'de suggest adding a pointer the the RSA site as well.

Do we really need the web site URL twice?