In
cryptographyCryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering...
, a
custom hardware attack uses specially designed electronic circuits to decipher
encrypted messagesIn cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
.
Mounting a cryptographic
brute force attackIn cryptography, a brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found....
requires a large number of similar computations: typically trying one
keyIn cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would have no result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption...
, checking if the resulting decryption gives a meaningful answer and trying the next key if it does not. Computers can perform these calculations at a rate of millions per second, and thousands of computers can be harnessed together in a
distributed computingDistributed computing is a field of computer science that studies distributed systems. A distributed system consists of multiple autonomous computers that communicate through a computer network. The computers interact with each other in order to achieve a common goal...
network.
In
cryptographyCryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering...
, a
custom hardware attack uses specially designed electronic circuits to decipher
encrypted messagesIn cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
.
Mounting a cryptographic
brute force attackIn cryptography, a brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found....
requires a large number of similar computations: typically trying one
keyIn cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would have no result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption...
, checking if the resulting decryption gives a meaningful answer and trying the next key if it does not. Computers can perform these calculations at a rate of millions per second, and thousands of computers can be harnessed together in a
distributed computingDistributed computing is a field of computer science that studies distributed systems. A distributed system consists of multiple autonomous computers that communicate through a computer network. The computers interact with each other in order to achieve a common goal...
network. But the number of computations required on average
grows exponentiallyExponential growth occurs when the growth rate of a mathematical function is proportional to the function's current value...
with the size of the key and for many problems standard computers are not fast enough. On the other hand, many cryptographic algorithms lend themselves to fast implementation in hardware, i.e. networks of logic circuits or "gates."
Integrated circuitIn electronics, an integrated circuit is a miniaturized electronic circuit that has been manufactured in the surface of a thin substrate of semiconductor material...
s (ICs) are constructed of these gates and often can execute cryptographic algorithms hundreds of times faster than a general purpose computer.
Each IC can contain large numbers of gates (hundreds of millions in 2005) and the number continues to grow according to
Moore's lawMoore's Law describes a long-term trend in the history of computing hardware, in which the number of transistors that can be placed inexpensively on an integrated circuit has doubled approximately every two years...
. Thus the same decryption circuit, or
cell, can be replicated thousands of times on one IC. The communications requirements for these ICs are very simple. Each must be initially loaded with a starting point in the key space and, in some situations, with a comparison test value (see known plaintext attack). Output consists of a signal that the IC has found an answer and the successful key.
Since ICs lend themselves to mass production, thousands or even millions of ICs can be applied to a single problem. The ICs themselves can be mounted in
printed circuit boardA printed circuit board, or PCB, is used to mechanically support and electrically connect electronic components using conductive pathways, or traces, etched from copper sheets laminated onto a non-conductive substrate. It is also referred to as printed wiring board or etched wiring board...
s. A standard board design can be used for different problems since the communication requirements for the chips are the same. Wafer-scale integration is another possibility. The primary limitations on this method are the cost of
chip designIntegrated circuit layout, also known IC layout, IC mask layout, or mask design, is the representation of an integrated circuit in terms of planar geometric shapes which correspond to the patterns of metal, oxide, or semiconductor layers that make up the components of the integrated circuit.When...
, IC fabrication, floor space, electric power and thermal dissipation.
An alternative approach is to use FPGAs (
field-programmable gate arrayA field-programmable gate array is an integrated circuit designed to be configured by the customer or designer after manufacturing—hence "field-programmable"...
s); these are slower and more expensive per gate, but can be reprogrammed for different problems.
COPACOBANA (Cost-Optimized Parallel COde Breaker) is such machine, consisting of 120 FPGAs of type
XilinxXilinx, Inc. is the world's largest supplier of programmable logic devices, the inventor of the field programmable gate array and the first semiconductor company with a fabless manufacturing model....
Spartan3-1000 which run in parallel.
History
The earliest custom hardware attack may have been the
BombeThe bombe was an electromechanical device used by British cryptologists to help break German Enigma-machine-generated signals during World War II...
used to recover
Enigma machineAn Enigma machine is any of a family of related electro-mechanical rotor machines used for the encryption and decryption of secret messages. The first Enigma was invented by German engineer Arthur Scherbius at the end of World War I...
keys in
World War IIWorld War II, or the Second World War , was a global military conflict which involved a majority of the world's nations, including all great powers, organized into two opposing military alliances: the Allies and the Axis...
. In 1998, a custom hardware attack was mounted against the
Data Encryption StandardThe Data Encryption Standard is a block cipher that was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm...
cipher by the
Electronic Frontier FoundationThe Electronic Frontier Foundation is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving the right to freedom of speech, such as protected by the First Amendment to the United States Constitution, in the...
. Their "
Deep CrackIn cryptography, the EFF DES cracker is a machine built by the Electronic Frontier Foundation in 1998 to perform a brute force search of DES cipher's key space — that is, to decrypt an encrypted message by trying every possible key...
" machine cost U.S. $250,000 to build and decrypted the
DES Challenge II-2The DES Challenges were a series of brute force attack contests created by RSA Security for the purpose of highlighting the lack of security provided by the Data Encryption Standard.-The Contests:...
test message after 56 hours of work. The only other confirmed DES cracker was the
COPACOBANA machine (Cost-Optimized Parallel COde Breaker) built in 2006. Unlike Deep Crack, COPACOBANA consist of commercially available, reconfigurable integrated circuits. COPACOBANA costs about $10,000 to build and will recover a DES key in under 6.4 days on average. It is generally believed that large government code breaking organizations, such as the U.S.
National Security AgencyThe National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States government, administered as part of the United States Department of Defense. Created on November 4, 1952 by President Harry S...
, make extensive use of custom hardware attacks, but no examples have been
declassifiedClassified information is sensitive information to which access is restricted by law or regulation to particular classes of persons. A formal security clearance is required to handle classified documents or access classified data. The clearance process requires a satisfactory background investigation...
as of 2005.