[2990] in cryptography@c2.net mail archive
Re: Turing Bombe story
daemon@ATHENA.MIT.EDU (Steve Bellovin)
Fri Jul 17 14:04:57 1998
To: "Scott G. Kelly" <skelly@redcreek.com>
cc: Carl Ellison <cme@acm.org>, Steve Reid <sreid@alpha.sea-to-sky.net>,
Marcus Leech <Marcus.Leech.mleech@nt.com>, cryptography@c2.net
Date: Fri, 17 Jul 1998 13:04:07 -0400
From: Steve Bellovin <smb@research.att.com>
In message <35AF7F09.58D0D4FC@redcreek.com>, "Scott G. Kelly" writes:
> Steve Bellovin wrote:
> > A DES-cracking machine? Well, it's now been done -- John Gilmore
> > and Paul Kocher designed and built a brute-force DES cracker.
> > The project cost $250,000, according to Markoff's story in the
> > NY Times -- see
>
> <trimmed...>
>
> Next question: What are the implications for 3DES? How about skipjack?
This particular attack has no implications for either 3DES or Skipjack,
because it was a brute-force search. 3DES, even at 112 bits, is likely
out of reach of any exhaustive search. Skipjack, at 80 bits, is another
matter. Moore's Law says that we'll get a constant-cost successor that
can tackle 80 bits in ~36 years. But DES was arguably crackable
over 20 years ago, which means that a well-funded enemy should be able
to attack Skipjack in ~15 years.
I could go on, but the best thing to do is to read the key length report
done by Blaze et al. a couple of years ago.
