Not only that, but single DES with a 56 bit key is just not being used anymore in any company which has the slightest clue.
This is false, of course. Many companies with the slightest clue use single DES.
Well, maybe I should have said companies with the slightest clue *should* not be using 3DES, of course a lot of them are advised wrongly that single 56 bit DES is hard to break, indeed the susceptibility of single DES to differential and linear cryptanalysis leaves me with a low level of confidence about single DES period. Of course one could also say that by extension there is no reason why these methods of cryptanalysis could not be adapted to 3DES, I believe the NSA once claimed to have known about differential cryptanalysis since the 1970s??? in that case they are the ones who could, but won't, tell you if in time 3DES can be broken by the same means as reduced round single DES.
Also, someone pointed out that the combined efforts probably had independently done 50% of the keyspace.
Yes, I think that even accounted for the expected duplication of keyspace searched by the different efforts, it was a resounding success overall.
If they can run a distributed crack on 3DES with independent subkeys then I'll give them some attention.
I'm not downgrading the effort,
This is false, too. Doublespeak at its finest.
Foo. I said I applauded the effort from a publicity point of view, it gets the message out there to the public that a bunch of guys with normal home PCs can break the encryption the government has been telling them is strong. From a technical point of view it is unsurprising, can you honestly tell me you were surprised a distributed crack got 56 bit DES??? Therefore there are two sides to it, it is a good thing, and <yawn>...
significant publicity stunt that will get normal non-specialist people thinking about the export laws, and about how quickly DES can be broken by the government if it can be broken by a few guys on the internet in months. All I am saying is that looking at it from a purely scientific point of view it is not a great cryptanalytic achievement, merely a PR stunt.
It is a *GREAT* achievement on several fronts, crypto included. Another front that was equally important, IMO was as a demonstration of what loosely coordinated distributed computing can do.
Yes, I do in fact, and I had not really considered this side of it so I thank you for bringing it to my attention, recognise the significance of the achievement from the distributed computing angle, it could so easily have gone spaghetti-wise. I just don't recognise any real groundbreaking achievement in crypto terms, but of course it cost nothing, a hardware crack would have done it in days, but that is a different matter altogether, in both financial and PR terms, it would not be that impressive to crack DES with a custom DES cracker Wiener style, the real PR coup is that it was broken by an average home PC.

Datacomms Technologies data security
Paul Bradley, Paul@fatmans.demon.co.uk
Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org
Http://www.cryptography.home.ml.org/
Email for PGP public key, ID: FC76DA85
"Don't forget to mount a scratch monkey"