[3066] in cryptography@c2.net mail archive
Re: DES Applicability Statement for Historic Status
daemon@ATHENA.MIT.EDU (John Gilmore)
Fri Jul 24 12:46:15 1998
To: William Allen Simpson <wsimpson@greendragon.com>
cc: cryptography@c2.net, gnu@cygnus.com, barrys@eff.org
In-reply-to: <v03130300b1dbcfdb2bef@[207.75.184.71]>
Date: Fri, 24 Jul 1998 01:59:25 -0700
From: John Gilmore <gnu@toad.com>
> The reported cost of non-recurrent engineering and first prototype
> for the EFF machine was 250 thousand US Dollars, and can recover any
> key in under 7 days. Additional machines can be built for 50 thou-
> sand US Dollars [???]. This amount is well within the reach of most
> small organizations.
These are incorrect. The $50K number was a mistake by Barry
Steinhardt; a second machine of similar speed would cost approximately
what the first one did. We learned things in building the prototype,
that you would want to fix in a second unit. If someone invested in
mass production, the price would drop, but the orders that would
justify that investment haven't been streaming in yet. If sufficient
orders came in, for $50K you might be able to buy a slower unit --
with fewer Deep Crack chips -- but that would throw off your
calculations anyway. How about:
The cost of the non-recurrent engineering and first prototype
for the EFF machine was 250 thousand US Dollars, and can recover any
key in under 10 days. Additional machines can be built for the same
or a lower cost. This amount is well within the reach of most
small organizations.
Other figures in the draft should be adjusted to match.
I would also add a paragraph something like this to the "Value" section:
A number of algorithms are likely to provide significantly higher
protection for valuable information, at a cost very close to the cost
of DES encryption. [Refer to RFC's for better transforms.] There
is no comparative advantage and significant disadvantage in using
the single-DES algorithm.
John
