DES

[John Nieder]

 * Reply to msg originally in Cypherpunks              <INET>
 marc at Athena.MIT.EDU (Marc Horowitz) writes:

 BK> I also believe that nobody's security is perfect, and that if
 BK> something as big as DES was broken, even at the NSA, we would have
 BK> heard about it.  If the world banking industry trusts DES for their
 BK> trillions of dollars a day, I'm willing to trust it for my little,
 BK> insignificant messages.

I'm surprised that you haven't had 53 replies to this already, but in
that you haven't I suppose I ought not let this go by unchallenged.
        In a _MicroTimes_ article by Jim Warren of the EFF, the
unreliability of DES was discussed at length.  In a nutshell, Marty
Hellman of Stanford broke the "unbreakable" 54-bit DES _prior to its
adoption as a standard_.  He promoted the idea of a 64-bit DES instead,
but was _opposed by the NSA_ for reasons we can all speculate upon at
length.  This opposition is the basis of the rumors (?) of DES being
backdoored by the NSA.  The upshot was that DES was adopted _after_
being demonstrably compromised.
        The postscript to this is that Hellman's proposed "unbreakable"
64-bit DES variant was later cracked as well.
        The post-postscript is an apocryphal story I personally got from
an Israeli communications tech and minor spook.  He claimed that DES was
broken by the cryptanalytic arm of Israeli intelligence _in two hours_.
        It is relatively certain that a DES-encrypted cyphertext can be
easily decrypted by well-equipped agencies.  Whether decryption is now
trivially accomplished by private parties is another question.

        JN

... "He isn't my president & these aren't my people."
--- Blue Wave/Opus v2.12 [NR]
--  
John Nieder - via FidoNet node 1:125/555
    UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder at f33.n125.z1.FIDONET.ORG