Federal Key Registration Agency
Raph Levien
raph at cs.berkeley.edu
Fri Jun 21 21:23:58 PDT 1996
Perry E. Metzger wrote:
>
> Michael Froomkin writes:
> > I have seen the text of the speech. The wire service accounts wildly,
> > wildly exaggerate. This is a non-story...except for AG Reno's assertion
> > that it would take the government a year to break one DES message with a
> > "supercomputer". She presumably believes this. We know the number for
> > known plaintext attacks, but assuming you don't have a known plaintext,
> > what's a more reasonable assumption?
>
> Known plaintext isn't needed for any brute force DES attack. Indeed,
> our own Dave Wagner showed in a paper not that long ago how to
> automate the process of detecting a good key.
>
> The numbers in the Blaze et al paper are very realistic on this. A
> year is total bull -- not even within several orders of magnitude of
> accuracy.
Further, known plaintext is actually a very reasonable assumption. In
S/MIME, for example, the first 8-byte block of text is almost certain to
be 43 6f 6e 74 65 6e 74 2d, (i.e. the string "Content-"). This makes the
process of analyzing the results trivial.
Raph
More information about the cypherpunks-legacy
mailing list