Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site randvax.ARPA
Path: utzoo!watmath!clyde!akgua!mcnc!decvax!ittvax!dcdwest!sdcsvax!bmcg!cepu!trwrba!trwrb!sdcrdcf!randvax!obrien
From: obrien@randvax.UUCP
Newsgroups: net.lang.c
Subject: Re: DES Breakability / Re: CBenson's Data Encryption Algorithm
Message-ID: <1781@randvax.ARPA>
Date: Fri, 4-May-84 09:26:51 EDT
Article-I.D.: randvax.1781
Posted: Fri May  4 09:26:51 1984
Date-Received: Tue, 8-May-84 07:15:03 EDT
References: <726@ihuxx.UUCP>, <3220@fortune.UUCP>
Organization: Rand Corp., Santa Monica
Lines: 19

This discussion properly belongs in net.crypt, but as I've recently
heard new info on this I "just had" to post a reply.

I recently asked someone about this who's in a position to know, and he
told me that the NSA believes it would take them 10 years using
top-of-the-line equipment to break a DES message.

The NSA position is a matter of public record in Congressional testimony
of three or four years ago: as presented to them by IBM, the DES algorithm
had holes (very large ones) in it.  They tightened it up, and shortened
the key because it really didn't HAVE to be 64 bits.

For the truly paranoid, the standard specifies an optional double-length
key, which should about take care of any hope of ever decrypting the thing.

Now of course, anyone can believe what they want.  I tended to believe,
myself, that the NSA probably DID cut the key length so that they could
break anything that came their way if they truly wanted to.  Now, I'm not
so sure.  I tend to believe that this fellow was giving me the straight dope.