Time to exhaustively break 40-bit RC4?
Raph Levien
raph at netcom.com
Mon Dec 12 16:01:07 PST 1994
The SSL documents say that exhaustively searching 40 bits of RC4
keyspace takes 64 MIPS-years. When I brought this figure up at the
cpunks meeting, it was roundly derided. However, I think it might be a
sound estimate.
The key schedule operation in RC4 does 256 "swap" operations. Let's
say it takes four instructions to do each swap. So, it's 2000
instructions per key. A one-MIPS processor can search 500 keys a
second. There are about 30 million seconds in a year, so that's 15
billion keys a year. 40 bits is a trillion keys, so it works out to 66
years, which is well within the Pentium-style accuracy of the
calculations I've done.
Am I missing something here?
On the second floor of Soda Hall are about 100 HP Snake
workstatations. I think they're about 100 MIPS each. During the winter
break, they will be sitting mostly unused. If the math checks out,
they should be able to search keyspace in two and a half days. Anyone
wanna do some cracking?
Raph
More information about the cypherpunks-legacy
mailing list