Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-crg!nike!ucbcad!ucbvax!brahms!desj
From: desj@brahms.BERKELEY.EDU (David desJardins)
Newsgroups: net.arch,net.crypt
Subject: Re: VERY LARGE main memories: cryptography
Message-ID: <15505@ucbvax.BERKELEY.EDU>
Date: Tue, 2-Sep-86 05:09:15 EDT
Article-I.D.: ucbvax.15505
Posted: Tue Sep  2 05:09:15 1986
Date-Received: Tue, 2-Sep-86 20:59:19 EDT
References: <1130@bu-cs.bu-cs.BU.EDU> <2289@peora.UUCP> <1046@hoptoad.uucp>
Sender: usenet@ucbvax.BERKELEY.EDU
Reply-To: desj@brahms.UUCP (David desJardins)
Organization: University of California, Berkeley
Lines: 20
Xref: mnetor net.arch:2928 net.crypt:566

In article <1046@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes:
>This is certainly a useful technique in cryptography.  Someone wrote
>a paper on how to break DES that involved writing many megabytes of stuff
>on magtape so you could get it back quickly later when breaking an
>encrypted message.  Things would be a lot more tractable if the table
>was in RAM instead.
>
>Even a medium sized company or country could probably buy enough RAM
>to decrypt DES quickly.

   While I'm not a big fan of DES, I don't think this is very accurate.
Unless there is some radically new method that no one outside NSA knows
about (I'm not ruling this out; it just seems that there is no sensible
way to discuss it), there is no way that a single-processor machine is
going to break DES in a reasonable period of time.  And that is what
this discussion is about, large single-processor (or perhaps a few
processors, but not hundreds or thousands) machines with large amounts
of memory.

   -- David desJardins