Xref: utzoo comp.misc:5382 sci.crypt:1635 Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!decwrl!sun!imagen!atari!portal!uunet!mcvax!kth!draken!tut!tucos!abo.fi!vinsci From: vinsci@abo.fi (Leonard Norrgard) Newsgroups: comp.misc,sci.crypt Subject: Re: DES Busting Message-ID: <6096@abo.fi> Date: 6 Mar 89 03:30:01 GMT References: <15057@cup.portal.com> <5555@abo.fi> Organization: Abo Academy, Finland Lines: 54 In article <5555@abo.fi>, vinsci@abo.fi (Leonard Norrgard) writes: > [cross-posted to comp.os.vms & comp.misc] > > In article <15057@cup.portal.com>, Tim_C_May@cup.portal.com writes: >> Saying that a Cray can do it in tens of hours is wrong (roughly 10 to the >> 17th keys need to be examined...figure it from there). > > I remember someone stating that DES had been broken over in the USSR, > with a PC, in only a few hours. *IF* my memory serves me right, the algorithm > (cluster-something) was published in one of their journals. Also, in the > message, probably posted in sci.crypt or comp.os.vms (info-vax), the name of > the journal was given. > > I searched my arhive, but had no luck. Anyone else remembering this? The answer showed up in comp.os.vms: >Newsgroups: comp.os.vms >Subject: Re: DES Busting >From: jensen%hsr.uninett@NORUNIX.BITNET ("Tarjei T. Jensen") >Date: 3 Mar 89 07:20:00 GMT > >This is what I found on the spring 87 vax tape. I believe that it also appears >on the recent Languages and Tools SIG tape. >=============================================================================== > > Data Encryption Standard > > The NSA has announced that the Data Encryption Standard, or >DES for short, would not be supported when it expired. Various banks >have pushed for its retention on the grounds that it's secure enough >for the time being. > This is to advise all and sundry that in the 1979 to 1980 period >there appeared an article in the Proceedings of the Soviet Academy of >Science giving a simple way of pruning decision trees for DES ciphers >which describes equivalence classes of keys and allows greatly reduced >processing to break a DES cipher. The reduction in processing is such >that breaking a DES cipher would amount to on order 1.5 hours on a >standard IBM PC. There have been rumors that such a program is in >circulation and that a copy of it at NSA led to its withdrawal of >support for DES. > Be advised that DES is EXTREMELY likely to be vulnerable and >that other crypto methods are probably needed to secure data. > The Soviet article goes on to give some conditions on the >factors used for public key encryption which prevent or allow easy >breaking of those ciphers, so it is probably required reading for anyone >serious about protecting information. > I suppose that anybody with DES-protected data understands how they should feel about this. -- Leonard Norrgaard, vinsci@abo.fi, vinsci@finabo.bitnet, +358-21-654474, EET.