In
cryptographyCryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering...
, the
EFF DES cracker (nicknamed "
Deep Crack") is a machine built by the
Electronic Frontier FoundationThe Electronic Frontier Foundation is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving the right to freedom of speech, such as protected by the First Amendment to the United States Constitution, in the...
(EFF) in 1998 to perform a
brute forceIn cryptography, a brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found....
search of
DESThe Data Encryption Standard is a block cipher that was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm...
cipher's
key spaceIn cryptography, an algorithm's key space refers to the set of all possible keys that can be used to initialize it. For example, if an algorithm works using a key that is a string of 10 bits, then its key space is the set of all binary strings of length 10....
— that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that DES's key is not long enough to be secure.
DES uses a 56-bit
keyIn cryptography, key size or key length is the size of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...
, meaning that there are 2
56 possible keys under which a message can be encrypted.
In
cryptographyCryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering...
, the
EFF DES cracker (nicknamed "
Deep Crack") is a machine built by the
Electronic Frontier FoundationThe Electronic Frontier Foundation is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving the right to freedom of speech, such as protected by the First Amendment to the United States Constitution, in the...
(EFF) in 1998 to perform a
brute forceIn cryptography, a brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found....
search of
DESThe Data Encryption Standard is a block cipher that was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm...
cipher's
key spaceIn cryptography, an algorithm's key space refers to the set of all possible keys that can be used to initialize it. For example, if an algorithm works using a key that is a string of 10 bits, then its key space is the set of all binary strings of length 10....
— that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that DES's key is not long enough to be secure.
Background
DES uses a 56-bit
keyIn cryptography, key size or key length is the size of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...
, meaning that there are 2
56 possible keys under which a message can be encrypted. This is exactly 72,057,594,037,927,936, or approximately 72 quadrillion, possible keys. When DES was approved as a federal standard in 1976, a machine fast enough to test that many keys in a reasonable time would have cost an unreasonable amount of money to build.
The DES challenges
Since DES was a federal standard, the US government encouraged the use of DES for all non-classified data.
RSA SecurityRSA, The Security Division of EMC Corporation, is headquartered in Bedford, Massachusetts, United States, and maintains offices in Australia, Ireland, Israel, the United Kingdom, Singapore, India, China, Hong Kong and Japan....
wished to demonstrate that DES's key length was not enough to ensure security, so they set up the
DES ChallengesThe DES Challenges were a series of brute force attack contests created by RSA Security for the purpose of highlighting the lack of security provided by the Data Encryption Standard.-The Contests:...
in 1997, offering a monetary prize. The first DES Challenge was solved in 96 days by the
DESCHALL ProjectDESCHALL, short for DES Challenge, was the first group to publicly break a message which used the Data Encryption Standard , becoming the $10,000 winner of the first of the set of DES Challenges proposed by RSA Security in 1997...
led by Rocke Verser in
Loveland, ColoradoLoveland is a Home Rule Municipality that is the second most populous city in Larimer County, Colorado, United States. Loveland is situated north of the Colorado State Capitol in Denver. Loveland is the 14th most populous city in Colorado. The United States Census Bureau estimates that in 2005 the...
. RSA Security set up DES Challenge II-1, which was solved by
distributed.netdistributed.net is a worldwide distributed computing effort that is attempting to solve large scale problems using otherwise idle CPU or GPU time. It is officially recognized as a non-profit organization under U.S...
in 41 days in January and February 1998.
In 1998, the EFF built Deep Crack for less than $250,000. In response to DES Challenge II-2, on July 17, 1998, Deep Crack decrypted a DES-encrypted message after only 56 hours of work, winning $10,000. This was the final blow to DES, against which there were already some published cryptanalytic attacks. The brute force attack showed that cracking DES was actually a very practical proposition. For well-endowed governments or corporations, building a machine like Deep Crack would be no problem.
Six months later, in response to RSA Security's DES Challenge III, and in collaboration with
distributed.netdistributed.net is a worldwide distributed computing effort that is attempting to solve large scale problems using otherwise idle CPU or GPU time. It is officially recognized as a non-profit organization under U.S...
, the EFF used Deep Crack to decrypt another DES-encrypted message, winning another $10,000. This time, the operation took less than a day — 22 hours and 15 minutes. The decryption was completed on January 19, 1999. In October of that year, DES was reaffirmed as a federal standard, but this time the standard recommended
Triple DESIn cryptography, Triple DES is the common name for the Triple Data Encryption Algorithm block cipher defined in each of:* * *...
(also referred to as 3DES or TDES).
The small key-space of DES, and relatively high computational costs of triple DES resulted in its replacement by
AESIn cryptography, the Advanced Encryption Standard is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each AES cipher has a 128-bit block size, with...
as a Federal standard, effective May 26, 2002.
Technology
Deep Crack was designed by
Cryptography Research, Inc.Cryptography Research, Inc.. is a San Francisco based cryptography company specializing in applied cryptographic engineering, including technologies for building tamper-resistant semiconductors. The company licenses patents for protecting cryptographic devices against power analysis attacks...
; Advanced Wireless Technologies and the
EFFThe Electronic Frontier Foundation is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving the right to freedom of speech, such as protected by the First Amendment to the United States Constitution, in the...
. The principal designer was
Paul KocherPaul Carl Kocher is an American cryptographer and cryptography consultant, currently the president and chief scientist of Cryptography Research, Inc....
, president of
Cryptography ResearchCryptography Research, Inc.. is a San Francisco based cryptography company specializing in applied cryptographic engineering, including technologies for building tamper-resistant semiconductors. The company licenses patents for protecting cryptographic devices against power analysis attacks...
. Advanced Wireless Technologies built 1856 custom
ASICASIC may refer to:* Application-specific integrated circuit, an integrated circuit customized for a particular use, rather than intended for general-purpose use* ASIC programming language, a dialect of BASIC...
DES chips (called
Deep Crack or
AWT-4500), housed on 29 circuit boards of 64 chips each. The boards were then fitted in six cabinets and mounted in a
Sun-4/470Sun-4 is a series of Unix computer workstations and servers produced by Sun Microsystems, launched in 1987. The original Sun-4 series were VMEbus-based systems similar to the earlier Sun-3 series, but employing microprocessors based on Sun's own SPARC V7 RISC architecture in place of the 68k family...
chasis. The search was coordinated by a single PC which assigned ranges of keys to the chips. The entire machine was capable of testing over 90 billion keys per second. It would take about 9 days to test every possible key at that rate. On average, the correct key would be found in half that time.
In 2006, another
custom hardware attackIn cryptography, a custom hardware attack uses specially designed electronic circuits to decipher encrypted messages.Mounting a cryptographic brute force attack requires a large number of similar computations: typically trying one key, checking if the resulting decryption gives a meaningful answer...
machine was designed based on FPGAs. COPACOBANA (COst-optimized PArallel COdeBreaker) shows a similar performance as Deep Crack at considerably lower cost. This advantage is mainly due to progress in IC technology.
External links