[RC5] What if RC5-64 is done

Sani Huttunen ckret at home.se
Tue Jun 5 01:21:37 EDT 2001


Yo.

Jon... A Secret stays secret until someone discovers that secret.

Three years before anyone had heard of RSA and Public-Key cryptography
the British discovered Public-Key cryptography and kept that a secret
for some 20 years. The discoveries went to Diffie, Hellman, Merkle,
Rivest, Shamir and Adleman instead.

Here's an example:
CIA is, as you all might know, very interested in the whereabouts of one
Osama Bin Laden. What if you retrieve a document indicating his
hideouts? The document is of course encrypted. For how long hasn't the
CIA tried to catch Osama Bin Laden? If they could crack the document
within a few years they'd be happy to do so, even if it took them 10
years. They would still pursue other ways of catching him but the
cracking of the document might lead them directly to him.

Here's another example:
What if CIA catches Osama Bin Laden and they also seize a number of
encrypted documents possibly indicating his involvement in the World
Trade Centre bombing. Wouldn't it be worth cracking the documents for as
long as it takes?

You argue that there are too many other ways of retrieving information.
Let's say they torture Osama Bin Laden to confess. This can't be used as
evidence since torture is not permitted legally. This only assures CIA
that they are correct but they still have to have the documents. If
these are they only existing documents there are no other ways of
getting them other than cracking them or getting the key. Torturing
Osama Bin Laden is still no way of retrieving they key since then the
documents themselves will not be accepted as evidence.

Now if you are still arguing that secrets stay secret for less then a
year, I'd really like to hear your arguments.

Hmmm... I wonder how long it will take until CIA bursts through my door
because of the extensive use of the name Osama Bin Laden. Ha! I used it
again. I hope at least a red flag goes up at the CIA and some moron over
there will have to read my comments. :)

/CK

-----Original Message-----
From: owner-rc5 at lists.distributed.net
[mailto:owner-rc5 at lists.distributed.net] On Behalf Of Jon Back
Sent: den 3 juni 2001 02:40
To: rc5 at lists.distributed.net
Subject: Re: [RC5] What if RC5-64 is done

Hey, I'm no spy or spook, but I seriously doubt any "intelligence
agency"
would spend a full year to crack any one message. Secrets don't stay
secret
for that long. My guess would be that if the NSA / CIA / KGB / Mossad
etc...
can't crack it in 30 days, they won't spend the time. Too many other
ways to
get information in less time. Cost really isn't the issue, just time.

Jon "too many spy novels" B

----- Original Message -----
From: "Mathieu Gilbert" <wilbrod at videotron.ca>
To: <rc5 at lists.distributed.net>
Sent: Saturday, June 02, 2001 12:45 PM
Subject: Re: [RC5] What if RC5-64 is done



>An organization with size, money and intent could build a much more
directed
>engine without all these variables, and could attack the problem much
more
>quickly. It is rumored that the (U.S.) National Security Agency has
built a
>dedicated RC5 (DES, 3DES, ECC, pick your flavor) engine to permit
examination
>of encrypted traffic. With the state of the art where it is, it is very
>doubtful they can plug in an encrypted message and read it the next
day.
>However, if a message is perceived to be important enough, it could be
worth
>the investment of a year's time to extract the message. Likewise for a
>multinational corporation, to read an encrypted message worth $10B, an
cash
>investment of $10M seems reasonable.

On the main page of distributed.net we can read

"distributed.net's computing power has grown to
become equivalent to that of more than 160000 PII 266Mhz computers
working 24 hours a day, 7 days a week, 365 days a year!"

I doubt an organization could really build something A LOT stronger than
this, able to crack a 64 bits encryption in a year or so ??


Mathieu

--
To unsubscribe, send 'unsubscribe rc5' to
majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest




--
To unsubscribe, send 'unsubscribe rc5' to
majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest


--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list