For those who have not yet heard....
>Return-Path: <cryptography-owner @
c2 .
net>
>X-Authentication-Warning: blacklodge.c2.net: majordom set sender to
owner-cryptography @
c2 .
org using -f
>From: Jeff Simmons <jsimmons @
goblin .
punk .
net>
>Subject: DESCHALL Press Release (fwd)
>To: cryptography @
c2 .
net
>Date: Wed, 18 Jun 1997 14:09:42 -0700 (PDT)
>Sender: owner-cryptography @
c2 .
net
>
>Forwarded message:
>>From owner-deschall-announce @
gatekeeper .
megasoft .
com Wed Jun 18 13:43:46
1997
>Date: Wed, 18 Jun 1997 14:09:11 -0600
>From: Rocke Verser <rcv @
dopey .
verser .
frii .
com>
>Message-Id: <199706182009 .
OAA06697 @
dopey .
verser .
frii .
com>
>To: deschall @
gatekeeper .
megasoft .
com
>Subject: DESCHALL Press Release
>Sender: owner-deschall @
gatekeeper .
megasoft .
com
>Precedence: bulk
>
> INTERNET-LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD
>
> LOVELAND, COLORADO (June 18, 1997). Tens of thousands of
>computers, all across the U.S. and Canada, linked together via the
>Internet in an unprecedented cooperative supercomputing effort to
>decrypt a message encoded with the government-endorsed Data Encryption
>Standard (DES).
>
> Responding to a challenge, including a prize of $10,000, offered by
>RSA Data Security, Inc, the DESCHALL effort successfully decoded
>RSADSI's secret message.
>
> According to Rocke Verser, a contract programmer and consultant who
>developed the specialized software in his spare time, "Tens of thousands
>of computers worked cooperatively on the challenge in what is believed
>to be one of the largest supercomputing efforts ever undertaken outside
>of government."
>
> Using a technique called "brute-force", computers participating in
>the challenge simply began trying every possible decryption key. There
>are over 72 quadrillion keys (72,057,594,037,927,936). At the time the
>winning key was reported to RSADSI, the DESCHALL effort had searched
>almost 25% of the total. At its peak over the recent weekend, the
>DESCHALL effort was testing 7 billion keys per second.
>
> Verser considers this project to be remarkable in two ways:
>
> One. This is the first time anyone has publicly shown that they
>can read a message encrypted with DES. And this was done with "spare"
>CPU time, mostly from ordinary PCs, by thousands of users who have never
>even met each other. U.S. government and industry will have to take a
>hard look at their cryptographic policies. "DES can no longer be
>considered secure against a determined adversary", Verser said.
>
> Two. This project demonstrates the kind of supercomputing power
>that can be harnessed on the Internet using nothing but "spare" CPU
>time. "Imagine what might be possible using millions of computers
>connected to the Internet!" Aside from cryptography and other obvious
>mathematical uses, supercomputers are used in many fields of science.
>"Perhaps a cure for cancer is lurking on the Internet?", said Verser,
>"Or perhaps the Internet will become Everyman's supercomputer."
>
>
> Under current U.S. government export regulations, and underscoring
>a problem faced by the U.S. software industry, the program that searched
>the keys could not be exported, except to Canada. A competitive effort,
>based in Sweden, sprang up well after the DESCHALL effort began. Able
>to "market" their keysearch software around the world, the Swedish
>effort caught up quickly, and had searched nearly 10 quadrillion keys by
>the end of the contest.
>
> ------------------------------------
>
> Verser agrees with the sentiment voiced in RSADSI's secret message:
>"Strong cryptography makes the world a safer place."
>
> Use of strong cryptography, both domestically and internationally,
>is essential in today's electronic world. "But not at the expense of a
>citizen's right to privacy." Verser adds, "Recent proposals for
>'key-recovery' and for criminalization of the use of cryptography have no
>place in a free society."
>
>
> Information about the DESCHALL effort is available from the
>official DESCHALL Web site at: <http://www.frii.com/~rcv/deschall.htm>
>
>
>
>MEDIA CONTACTS:
> Matt Curtin, (908) 431-5300 x 295, <cmcurtin @
research .
megasoft .
com>
>
>ALTERNATE:
> Rocke Verser, (970) 663-5629, <rcv @
dopey .
verser .
frii .
com>
>
>ALTERNATE:
> Justin Dolske, (614) 459-5194, <dolske .
1 @
osu .
edu>
>
> - 30 -
>
>
>
>
>
>
> INTERNET LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD
> Background / Sidebar, for Release dated June 18, 1997
>
> The Data Encryption Standard, DES, is a national standard, adopted
>in 1977. Use of DES is mandatory in most Federal agencies, except the
>military. DES is very widely used in the private sector, as well.
>
> Interbank wire transfers, Visa transactions, your medical and
>financial records, and your employer's financial data are some of the
>many things secured against prying eyes or against modification by DES.
>
> When the Data Encryption Standard was adopted in 1977, there was
>some question as to whether or not the Standard was adequate to protect
>confidential data.
>
> Matt Curtin, Chief Scientist for Megasoft, Inc. says, "This is
>proving by example, not by mathematical calculation, that DES can be
>broken with little or no cost." Curtin added, "Others could just as
>easily be attempting to gain access to multibillion dollar wire
>transfers."
>
>
>MEDIA CONTACTS:
> Matt Curtin, (908) 431-5300 x 295, <cmcurtin @
research .
megasoft .
com>
>
>ALTERNATE:
> Rocke Verser, (970) 663-5629, <rcv @
dopey .
verser .
frii .
com>
>
>ALTERNATE:
> Justin Dolske, (614) 459-5194, <dolske .
1 @
osu .
edu>
>
> - 30 -
>
>
>
>
>
>
>
> INTERNET LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD
> Background for Release dated June 18, 1997
>
> DESCHALL DATA SHEET
>
>DESCHALL Web site:
> <http://www.frii.com/~rcv/deschall.htm>
>
>Principal Organizer:
> Rocke Verser, self-employed contract programmer, Loveland, Colorado
>
>Team Leaders - Did "everything" Rocke didn't have time to do
> Matt Curtin, Chief Scientist, Megasoft Online
> Justin Dolske, Graduate Fellow / Research Associate, Ohio State Universtiy
>
>Team Contributors:
> Guy Albertelli, several "ports"
> Kelly Campbell, original Mac port
> Darrell Kindred, blazing fast bitslice clients
> Andrew Meggs, blazing fast Mac client
> Karl Runge, statistics and rankings
>
>Team Members:
> Dozens of people who contributed "shareware".
> Thousands of ordinary folks, who contributed "spare" CPU cycles.
>
>
>Project statistics:
> Start of contest: January 29, 1997
> Announcement of DESCHALL project: February 18, 1997
> End of contest: June 17, 1997
>
> Size of keyspace: 72,057,594,037,927,936
> Keys searched: 17,731,502,968,143,872
> Peak keys/day: 601,296,394,518,528
> Peak keys/second: 7,000,000,000 (approx)
>
> Peak clients/day: 14,000 (approx, based on IP address)
> Total clients, since start: 78,000 (approx, based on IP address)
>
>The computer that found the key:
> CPU: Pentium 90
> RAM: 16 megabytes
> Operating System: FreeBSD 2.2.1
> Speed (keys/second): 250,000 (approx)
> Client: FreeBSD v0.214, built March 12, 1997
> Owner: iNetZ Corporation, Salt Lake City, Utah
> Operator: Michael K. Sanders
>
>
>MEDIA CONTACTS:
> Matt Curtin, (908) 431-5300 x 295, <cmcurtin @
research .
megasoft .
com>
>
>ALTERNATE:
> Rocke Verser, (970) 663-5629, <rcv @
dopey .
verser .
frii .
com>
>
>ALTERNATE:
> Justin Dolske, (614) 459-5194, <dolske .
1 @
osu .
edu>
>
>
>--
>Jeff Simmons jsimmons @
goblin .
punk .
net
>
> Hey, man, got any spare CPU cycles? Help crack DES.
> http://www.frii.com/~rcv/deschall.htm
>����
>����
>
The opinions of the author of this mail may not necessarily be
representative of the opinions of Fortifed Networks, Inc.
Fortified Networks, Inc. - http://www.fortified.com/
Expert (vendor-neutral) Computer and Network Security Consulting
Phone: (317) 573-0800 Fax: (317) 573-0817
|
|
