Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site fortune.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxl!ihnp4!fortune!phipps
From: phipps@fortune.UUCP (Clay Phipps)
Newsgroups: net.lang.c
Subject: DES Breakability / Re: CBenson's Data Encryption Algorithm
Message-ID: <3220@fortune.UUCP>
Date: Thu, 3-May-84 16:16:49 EDT
Article-I.D.: fortune.3220
Posted: Thu May  3 16:16:49 1984
Date-Received: Fri, 4-May-84 05:18:47 EDT
References: <726@ihuxx.UUCP>
Organization: Fortune Systems, Redwood City, CA
Lines: 21

The notion that the DES is intended to be breakable
by US Government agencies is supported by the surprising use of 56 bits,
rather than the more obvious nearby number, 64, for the key size.  
Just about any machine that stores 56 bits of key conveniently 
is likely to have 8 unused, because of the predominance
of 16, 32, and 64-bit word sizes in current computer architectures.
Much of the early work on DES was carried out by NBS and IBM Research;
56 is certsinly not a convenient number of bits for IBM mainframes, but 64 is.

Apparently, the unused 8 bits would have made decryption intractable
even to the US Government (if those bits had been used).

This comment is based on hazily remembered info from draft versions of the DES;
if the key size was expanded to 64 bits in the final standard,
I'm sure that someone will correct me.

-- Clay Phipps

-- 
   {cbosgd decvax!decwrl!amd70 harpo hplabs!hpda ihnp4 sri-unix ucbvax!amd70}
   !fortune!phipps