RSADSI today announced a new multiple-stage contest which will reward those who crack DES ciphertext more quickly than other contestants. See: http://www.rsa.com/rsalabs/ "Our original DES Challenge showed DES was crackable using an exhaustive search attack," said Jim Bidzos, president of RSA. "Now the goal is to see how quickly an exhaustive search attack can be accomplished to help judge the true vulnerability of DES...." As the feds begin, ever so slowly, the process of selecting a replacement for DES, the RSA contest seem likely to both document and illustrate how quickly DES can be cracked. Bidzos, continuing his campaign to be nominated MAF (Most Admired Fellow) at Ft. Meade, announced that the first "DES Challenge II" contest would be launched at 9:00 AM (PST) -- just before the start of the annual RSA Data Security Conference in S.F. "The goal of each contest is not only to recover the secret key used to DES-encrypt a plain-text message, but to do so faster than previous winners in the series," explained an RSA press release. "As before, a cash prize will be awarded for the first correct entry received. Unlike previous contests, the amount of the prize will be based on how quickly the key is recovered. " RSA's T&Cs for DES Challenge II: "Twice a year, on January 13 and July 13, at 9:00 A.M. Pacific time, a new contest will be posted on the home page of RSA's Web site (http://www.rsa.com). "The contest will consist of the ciphertext produced by DES-encrypting some unknown plain-text message that has a fixed and known message header. The secret key will be generated at random and then destroyed within the contest-generating software so that no one, not even the contest administrators, will know what it is. "The first entrant to recover the key wins, but the amount of the prize will depend on how fast the key was recovered. "If the time required is less than or equal to 25 percent of the previous winner's time, the prize is $10,000. If the time is greater than 25 percent, but less than or equal to 50 percent of the previous winner's time, the prize is $5,000. Finally, if the time is greater than 50 percent, but less than or equal to 75 percent of the previous winner's time, the prize is $1,000. There is no prize for times greater than 75 percent of the previous winner's time. "The 'previous winner's' time that will be used for the first contest is 90 days." "Cryptography is like literacy in the Dark Ages. Infinitely potent, for good and ill... yet basically an intellectual construct, an idea, which by its nature will resist efforts to restrict it to bureaucrats and others who deem only themselves worthy of such Privilege." _ A thinking man's Creed for Crypto/ vbm. * Vin McLellan + The Privacy Guild + <vin@shore.net> * 53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548