Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!sri-spam!ames!ucbcad!ucbvax!ernie.Berkeley.EDU!rotondo From: rotondo@ernie.Berkeley.EDU (Scott Rotondo) Newsgroups: sci.crypt Subject: Re: DES info wanted Message-ID: <18742@ucbvax.BERKELEY.EDU> Date: Wed, 6-May-87 17:01:52 EDT Article-I.D.: ucbvax.18742 Posted: Wed May 6 17:01:52 1987 Date-Received: Sat, 9-May-87 01:18:53 EDT References: <2071@hoptoad.uucp> <599@umnd-cs.D.UMN.EDU> Sender: usenet@ucbvax.BERKELEY.EDU Reply-To: rotondo@ernie.Berkeley.EDU.UUCP (Scott Rotondo) Distribution: world Organization: University of California, Berkeley Lines: 52 Keywords: DES, uses other In article <599@umnd-cs.D.UMN.EDU> pkenny1@ub.UUCP (Pat "Hack #2" Kenny) writes: > 1. How much is DES used and who uses it? DES is widely used for commercial and government (non-military) encryption. It is due to be recertified in a year or two, and chances are it will not be considered to be secure enough. The new scheme the NSA is pushing puts them in the role of key distributor, and it keeps the algorithm secret. Not the way to do a realistic encryption system. At any rate, assuming it is not recertified, current levels of usage should decline (except electronic banking, see below). > 2. Does anybody really know what the numbers in the S-Boxes are and where > they got them. Everyone knows what the numbers in the S-boxes are (you had to know to write your program), but how they arrived at those numbers is still classified. > 3. Where is the DES implemented? I heard about it being put into those > instant cash machines, is that true? DES is the standard system used in electronic funds transfers, including automated tellers. This is the one area where the NSA proposes that the government continue to use DES, as the Treasury Dept. does a lot of funds transfers. > 4. Does anybody know about the DES and unix, I know they use it there, but > how much did they change it? DES is used in the Unix crypt(3) function (NOT crypt(1)) to encode passwords. The algorithm is DES except that the initial permutation is altered to one of 4096 possibilities by the first two characters in the passwd file entry, known as "salt" bits. This makes it impossible to encrypt common words and then check them against all the passwd entries looking for a match. > 5. What does the NSA know about the DES that we don't? Do they have a machine > to crack it? The main thing that NSA knows is the way in which the S-box numbers were derived. There has been speculation without proof that there is a trap door here to allow the NSA to crack it. There has also been speculation that the NSA cannot crack DES, and that is why they are pushing for a new standard where they control the keys and the algorithm. > 6. Are there any DES jokes or other names for DES? The only other name I can think of is Digital Encryption Standard, which some people think DES stands for instead of Data Encryption Standard. Hope this is helpful. -- Scott