[1092] in cryptography@c2.net mail archive
Re: Thoughts on the next target.
daemon@ATHENA.MIT.EDU (Bill Frantz)
Thu Jun 26 11:41:45 1997
In-Reply-To: <199706231946.MAA00236@toad.com>
Date: Wed, 25 Jun 1997 23:02:10 -0700
To: trei@process.com, coderpunks@toad.com, cryptography@c2.net
From: Bill Frantz <frantz@netcom.com>
Cc: trei@process.com
At 8:52 AM -0700 6/23/97, Peter Trei wrote:
> For DES, the entire
> search engine could fit in the L1 cache of a Pentium, and the
> task never had to go off-chip to the L2 cache or main memory.
> This is not the case in QS or GNFS, and the task would be
> bogged down by cache misses and memory access.
Main memory accesses will only be a problem if the processor has to wait
for them. The Sparc systems I worked with used about 70 cycles to access
main memory. If you have 140 instructions to execute between knowing the
main memory address and needing the data, then the access is "free".
> Inadequately encrypting commercial software.
>
> ...
>
> I recently had cause to investigate the cryptography used in
> one of the applications of a very popular office suite, released
> this year. A password recovery specialist I spoke to claimed that
> the crypto used was 40-bit RC4! If this is true, it may apply to
> all of the applications of that suite, and thus the apps are
> susceptible to brute force attacks of quite modest scale - ones
> which may be undertaken in a small office in a relatively short
> time.
This sounds like a wonderful target.
-------------------------------------------------------------------------
Bill Frantz | The Internet was designed | Periwinkle -- Consulting
(408)356-8506 | to protect the free world | 16345 Englewood Ave.
frantz@netcom.com | from hostile governments. | Los Gatos, CA 95032, USA
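The quoted paragraph about 40-bit RC4 says the keyspace is small enough to exhaust from a small office. The following is an added example, not code from Peter Trei's or Bill Frantz's messages: a known-plaintext brute-force search over an RC4 keyspace, with the search width made a parameter so that it runs in a moment at 16 bits while having exactly the structure a 40-bit search would have. The 5-byte key layout, the little-endian mapping from a counter to key bytes, and the sample message are assumptions made for the demonstration.

```c
/* Added example: known-plaintext exhaustive key search against RC4.
 * Not from the original thread. The key layout (5 bytes, counter mapped
 * little-endian into the key), the search width and the sample message
 * are assumptions made for this demonstration. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RC4_KEYLEN 5   /* 40-bit key, as discussed in the quoted paragraph */

/* RC4 key-scheduling algorithm: permute S under the key. */
static void rc4_ksa(uint8_t S[256], const uint8_t *key, size_t keylen)
{
    for (int i = 0; i < 256; i++) S[i] = (uint8_t)i;
    uint8_t j = 0;
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + S[i] + key[i % keylen]);
        uint8_t t = S[i]; S[i] = S[j]; S[j] = t;
    }
}

/* RC4 keystream generator, XORed onto in[] to produce out[]. */
static void rc4_prga_xor(uint8_t S[256], const uint8_t *in, uint8_t *out, size_t n)
{
    uint8_t i = 0, j = 0;
    for (size_t k = 0; k < n; k++) {
        i = (uint8_t)(i + 1);
        j = (uint8_t)(j + S[i]);
        uint8_t t = S[i]; S[i] = S[j]; S[j] = t;
        out[k] = in[k] ^ S[(uint8_t)(S[i] + S[j])];
    }
}

/* One-shot RC4 encryption (or decryption; the cipher is symmetric). */
void rc4_apply(const uint8_t *key, size_t keylen, const uint8_t *in, uint8_t *out, size_t n)
{
    uint8_t S[256];
    rc4_ksa(S, key, keylen);
    rc4_prga_xor(S, in, out, n);
}

/* Assumed ordering: candidate counter k fills key bytes little-endian. */
static void key_from_counter(uint64_t k, uint8_t key[RC4_KEYLEN])
{
    for (int i = 0; i < RC4_KEYLEN; i++) key[i] = (uint8_t)(k >> (8 * i));
}

/* Try every candidate in [0, 2^bits). For each key, run the key schedule and
 * generate keystream one byte at a time, bailing out at the first byte that
 * does not decrypt ct[] to known_pt[]. Returns the matching counter, or -1.
 * The key schedule (256 swaps) dominates the per-candidate cost, so a short
 * known prefix is enough; n bytes of known plaintext give a false-match
 * probability of about 2^(bits - 8n) over the whole search. */
int64_t rc4_keysearch(const uint8_t *ct, const uint8_t *known_pt, size_t n, unsigned bits)
{
    uint8_t key[RC4_KEYLEN], S[256];
    uint64_t total = (uint64_t)1 << bits;
    for (uint64_t k = 0; k < total; k++) {
        key_from_counter(k, key);
        rc4_ksa(S, key, RC4_KEYLEN);
        uint8_t i = 0, j = 0;
        size_t m;
        for (m = 0; m < n; m++) {
            i = (uint8_t)(i + 1);
            j = (uint8_t)(j + S[i]);
            uint8_t t = S[i]; S[i] = S[j]; S[j] = t;
            if ((ct[m] ^ S[(uint8_t)(S[i] + S[j])]) != known_pt[m]) break;
        }
        if (m == n) return (int64_t)k;
    }
    return -1;
}

/* Encrypt a constructed message under the key derived from `secret`, then
 * search a 2^bits keyspace for it. Returns the recovered counter or -1. */
int64_t demo_search(unsigned bits, uint64_t secret)
{
    /* Constructed sample: a document whose first 16 bytes are predictable. */
    static const uint8_t plaintext[] = "Confidential: Q2 figures attached";
    uint8_t key[RC4_KEYLEN], ct[sizeof plaintext];
    key_from_counter(secret, key);
    rc4_apply(key, RC4_KEYLEN, plaintext, ct, sizeof plaintext);
    /* The attacker knows only the ciphertext and a 16-byte plaintext prefix. */
    return rc4_keysearch(ct, plaintext, 16, bits);
}

int main(void)
{
    int64_t r = demo_search(16, 0x3412);
    printf("16-bit search: %s (candidate 0x%llx)\n",
           r >= 0 ? "key recovered" : "no match", (unsigned long long)r);
    return 0;
}
```

The 16-bit run finishes in well under a second on a current machine; widening `bits` to 40 multiplies the work by 2^24 without changing any other part of the search, which is the sense in which a 40-bit RC4 key is "susceptible to brute force attacks of quite modest scale". Everything the inner loop touches (the 256-byte state, the key and the known prefix) fits comfortably in L1 cache, so, as in the DES engine mentioned earlier in the thread, this search is not bound by main-memory latency.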