[1124] in cryptography@c2.net mail archive
Re: Better DES challenge update
daemon@ATHENA.MIT.EDU (Eli Brandt)
Sun Jun 29 18:05:53 1997
To: crypto list <cryptography@c2.net>
Date: Sun, 29 Jun 1997 00:10:00 -0400 (EDT)
From: Eli Brandt <eli@gs160.sp.cs.cmu.edu>
In-Reply-To: <199706272201.SAA25446@crypto.com> from "Matt Blaze" at Jun 27, 97 06:01:53 pm
Matt Blaze wrote:
> Date: Mon, 23 Jun 1997 16:04:25 -0400
>
> I'm not a big fan of these ``challenges'' in which a prize is awarded
> to the first person who discovers the key that produces some
> plaintext/ciphertext pair. The effort required to produce a solution
> tends to grossly overstate the actual difficulty of searching the
> keyspace, since invariably the winner uses the idle time on
> general-purpose computers, which are poorly-optimized for use as
> keysearch engines.
>
> Another problem with challenges is that even when they are broken
> they don't really provide convincing proof that the keyspace was
> actually searched. [...]
[Clever challenge technique deleted]
This is a solution to the second problem, right? From the response to
DESCHALL's success, the first seems more pressing. The general
response I saw was "three months and *how* many computers?". (So much
for Sameer's nicely-spun press release.) I think people who will
raise the second issue probably how just how small 2^56 is, and don't
need to see a "challenge".
Hmm, I'll donate 1024 bits to building a low-end DES-cracking machine,
contingent on a plausible plan. After a demonstration, the consortium
sets a deadline at which des-is-dead.penet.fi goes online with a free
forms-based service, first-come/first-served. Strong crypto vendors
should fall all over themselves for ad space.
Okay, so maybe I'm getting a bit ahead of myself. How much design work
would have to be done first?
--
Eli Brandt | eli+@cs.cmu.edu | http://www.cs.cmu.edu/~eli/
