[RC5] We need strong international encryption!

schoen at uclink4.Berkeley.EDU schoen at uclink4.Berkeley.EDU
Sun Jul 19 15:47:31 EDT 1998

Greg Wooledge writes:

> Greg Ackerson (jogar at bigfoot.com) wrote:
> > At the rate the DES Cracker broke DES-II-2, it could break a 40-bit code 
> > in 3 seconds.
> There is no such thing as a 40-bit DES key.  DES keys are *always* 56
> bits, never bigger or smaller.  Also note that EFF's "Deep Crack" machine
> can *only* handle DES -- it's got dedicated DES-cracking hardware chips,
> so it can't be used on RC5 or GIMPS or any other project.

There was some comment from the EFF about cryptosystems which use DES with
only 40 bits, along the lines of a header which says

"This is a DES-encrypted message, whose key is these 16 bits, BA32, followed
by 40 unknown bits."

I understand that some exportable products use 128-bit ciphers but intentionally
leak all but 40 of the bits, or use them hard-coded to a particular disclosed
value.  So you can use a particular technology but weaken it to a shorter
keylength this way.  Or, perhaps, all but 40 bits might be escrowed with a
law-enforcement agency; the 40-bit remainder is easily breakable by them.

The EFF machine is directly useful against anything which uses DES weakened
in this way to 40 bits, if there are really such products.

   Seth David Schoen L&S '01 (undeclared) / schoen at uclink4.berkeley.edu
Magna dis immortalibus habenda est atque huic ipsi Iovi Statori, antiquissimo
custodi huius urbis, gratia, quod hanc tam taetram, tam horribilem tamque
infestam rei publicae pestem totiens iam effugimus.  -- Cicero, in Catilinam I
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list