RSA Secret Key Challenge Home Page @ SGI (fwd)

Eating Before Swimming (
Thu, 5 Jun 1997 02:43:16 -0400 (EDT)

Doh - I forgot about this one! (Mebbe cuz I thot it was something I had
to reply to, and I'm trying to avoid replies cuz I've gone cold turkey
to the Dvorak keyboard layout. Ouch, I wish I hadnt explained that!)

Subject: RSA Secret Key Challenge Home Page
Date: Tue, 3 Jun 1997 18:48:06 -0700 (PDT)


RSA Secret Key Challenge Home Page

RSA Secret Key Challenge Home Page

[Web Site Map at end of this page.]

Join the largest computation in history!

What is the RSA Secret Key Challenge?

On January 28th, RSA Data Security, Inc ( put up twelve challenges against the RC5 cipher, and one additional challenge against the Data Encryption Standard (DES). DES has been the national standard for banks, government encryption, and more. For each challenge, RSA has provided a piece of encrypted text; the objective is to discover what key was used to encrypt the text, and thereby find what the original text was before encryption.

The RSA Secret Key Challenge serves to quantify, in a very real fashion, the security offered by the government-endorsed data encryption standard (DES) and other secret-key ciphers with keys of various sizes. The information obtained from these contests is anticipated to be of value to researchers and developers alike as they estimate the strength of an algorithm or application against exhaustive key-search.

Key length is one of the fundamental measurements of a encryption algorithm's strength. Current opinion is that 40-bit keys are inadequate because they are absurdly weak, and while 56-bit keys (which are potentially 2^16, or 65,536 times stronger) may be enough to protect something in the short term, it is no longer suffiently strong to protect information like Census Bureau data which is supposed to be kept secret for 100 years. Or for that matter, for protecting sensitive corporate data which a competitor might be able obtain substantial economic benefits from accessing, and therefore would have substantial incentive to defeat the encryption.

While today it might take several weeks or months to find the key for a specific plain/ciphertext pair by brute force (trying all possible keys), given the exponential growth of technology, what took weeks to months will soon only take hours to days.

What does this have to do with SGI?

There are thousands of workstations and hundreds of servers which belong to Silicon Graphics. Exhaustive key search, where one tries to find the original text before encryption by trying every possible key, is very amenable to distributed processing. I.e., by harnessing the large number of computer systems at SGI, we hope to be able to solve one of the RSA Secret Key Challenges, specifically, the DES one. Since DES is older than the RC5 encryption algorithm, and is far better known, solving the DES challenge should get much more media attention than solving any of the other challenges.

SGI participation has two possible benefits. First, if the RSA Secret Key Challenge as a whole helps to convince those who are against export of strong encryption software from the United States, this will be beneficial to the computer industry at large, and in particular, software and Internet commerce. Second, SGI stands to benefit from a considerable amount of (positive) publicity, demonstrating the "computational prowess" of our systems. For example, we can boast that since our systems support native 64-bit arithmetic, we were able to perform key searching faster than is possible on 32-bit platforms (which would include Intel systems and workstations from other vendors).

How can I participate?

We need your idle CPU cycles!

One of the benefits of Unix is that it can readily accomodate low priority programs running invisibly in the background without any degradation of system performance. Our programs do exactly that; they run in the background using all those CPU cycles that would otherwise be considered 'idle'. It has been estimated that 90-95% of all CPU power is spent 'idle'.

To let us utilize your otherwise wasted idle CPU cycles, all that you need to do is install the client software below. It takes only five minutes, so please lend us a CPU or two.

You can use either method:

Make sure you come back and visit our Statistics Page to see how fast and how far we are progressing!

How else can I help?

Aside from loaning us CPU's, we could always use some help in developing tools, developing software, maintaining the web pages, and any other related activity. There is a Majordomo mailing list,, for discussing improvements to the software and ideas for future work. To subscribe, you can use the MailMan web page. and add yourself to the rsachallenge mailing list. For more information on what you might be able to do to help, check our Tasks To Do page.

Other Questions?

If you have any other questions about the software, what we're doing, Please check out our Frequently Asked Questions page.

Who are the organizers of this effort?


Additional export-specific references can be found on the Export Restrictions Page.


What's new?

Web Site Map

RSA Challenge Team -

Ken Chase Sonic Interzone $free$ email/news Toronto Canada
Join the DES Challenge! Wake up the US Govt!