DES Security

Icepick (
Wed, 16 Apr 1997 08:37:17 -0500

As I was reading in Applied Cryptography book last night, it occured
to me that the DES chapter might have some intresting information,
so I skipped ahead about 200 pages, and read it.

Concerning the the supposed "security" of DES:

(shamelessly ripped from AP 2nd ed, page 300)

12.7 How Secure is DES Today?

The answer is both easy and hard. The easy answer just looks at key
A brute-force DES-cracking machine that can find a key in an average of 3.5
hours cost only $1 million in 1993. DES is so widespread that it is naive
pretend that the NSA and its counterparts haven't built such a machine.


Winn Schwarau writes that the NSA had built a massively parallel
machine as early as the mid-1980s. At least one such machine was built
by Harris Corp. with a Cray Y-MP as a front end. Supposedly there are a
series of algorithms that can reduce the complexity of a DES bruite-force
by several orders of magnitude. Contextual algorithms, based ont he nnner
of DES, can scrap sets of possible keys based on partial solutions.
algorithms reduce the effective key size even further. And other
choose likely keys -- words, printable ASCII, and so on--to test. The
rumor is
that the NSA can crack DES in 3 to 15 minutes, depending on how much
preprocessing they can do. And these machines cost only $50,000 each, in

(end rip)

Food for thought.


my faith my grief my fear my blood my trust my flesh my hate my love
no more no less no fear no need no height no depth too great godspeed
Prove DES is weak, crack DES!