Professional Documents
Culture Documents
crypt
From: kaplan@bpavms.bpa.arizona.edu (Steve... friends don't let friends do DOS.)
Subject: Is DES breakable?
Keywords: DES breakability
Message-ID: <23MAR199319384593@bpavms.bpa.arizona.edu>
Date: 24 Mar 93 02:38:00 GMT
Organization: University of Arizona MIS Department
Lines: 201
Greetings sci.crypters
This is a lengthy posting born of my idea that one good turn deserves
another. Carl Ellison (cme@ellisun.sw.stratus.com) was kind enough to send
me the out dated, but still useful FAQ for this news group. So, I figure
that I should add to the positive karma of it by sharing some stuff. Not
new news - just restatement of what some have already said. Hope that it
is worthy of your time. If not - send me mail and complain! In other
groups I get flamed for not being able to find my butt in the dark with
both hands, so - sorry if I've violated and status quo of which I am not
aware!
RayK 8)
----
(Previously submitted for publication in Wynn Schwartau's Security Insider
newsletter: 1157 Grove St. N., Seminole, FL 34642, 813-393-6600 and the
Computer Security Institute's ALERT newsletter: 600 Harrison St., San
Franciscon, Ca. 94107, 415-905-2370)
Day two of the second annual RSA Data Security Data Security
Conference in Redwood City, CA (January 15, 1993) was packed
full of great sessions. Right out of the can in the
cryptographer's track was Dr. Martin Hellman presenting a talk
entitled DES Revisited. The Data Encryption Standard (DES) was
first approved in January 1977, so it is now 16 years old. NIST
did approve extending it at least once since then, but Rthe DESS
(as crypto insiders seem to refer to it) is due for a look-see.
Since Dr. Hellman has been involved with DES from its
beginning, I trust his critical academic appraisal - especially
since he and Whit Diffie were embattled with NBS over
questions of key size and the existence of trap doors when DES
was being introduced. In the question of DES breakability, I
like his approach. They designed an attack on DES that is based
on the most intensive cryptanalysis: exhaustive search. The
beauty of this theoretical DES solution machine is that is can be
used for plain text, ciphertext and chosen text attacks on the
algorithm. Solve the hardest problems first and the easy ones
follow quickly, I say.