A civil-liberties organization in San Francisco has taken only 56 hours to decipher a message secured with the government’s 56-bit Data Encryption Standard (DES). The challenge was posed by RSA Data Security Inc, which holds a decryption contest every six months, in January and July. The Electronic Frontier Foundation’s DES Cracker triumphed over internet rival distributed.net, a virtual network of thousands of PCs, servers and supercomputers harnessing spare cycles and communicating over the internet. Distributed cracked RSA’s RC5 algorithm in October 1997 and succeeded in the first DES II challenge in February 1998. But the collective had hardly begun handing out client software to its volunteers when the EFF announced on Wednesday night that it had deciphered the latest message, posted on Monday at 9am.

Representatives for the EFF say DES Cracker’s defeat of distributed.net is less significant than its exposure of massive inconsistencies in government policies on strong encryption. Internet users have celebrated distributed.net as a fruitful use of spare processing cycles, but law enforcement officials have placed a very different complexion on its activities. In a bizarre inversion of common sense, FBI director Louis Freeh used the example of distributed.net to argue that existing cryptography is too strong to be allowed to proliferate in the private sector. “If we hooked together thousands of computers and worked together over 4 months we might, as was recently demonstrated, decrypt one message bit,” he told Congress in June last year. “That is not going to make a difference in a kidnapping case, it is not going to make a difference in a national security case. We don’t have the technology or the brute force capability to get to this information.”
In June this year Robert Litt, principal associate deputy attorney general, echoed Freeh’s words: “For example, decrypting one single message that had been encrypted with a 56-bit key took 14,000 Pentium-level computers over four months; obviously, these kinds of resources are not available to the FBI.” Both Litt and Freeh were referring to distributed.net’s success in cracking DES, and both are talking through their hats. Distributed was notable because it exploited unused computing power in an innovative way. DES Cracker demonstrates how immensely more effective and cost-efficient a dedicated codebreaker can be. The machine is based on 1500 Deep Crack chips, designed specifically to break DES, running in parallel and controlled by a PC running Linux. The whole system was built for less than $250,000, and because a lot of that money was spent on research, the EFF estimates the cost of a clone at $50,000.

What is alarming about DES Cracker is that cryptographers have known for many years that such a machine can be built. Counterpane Systems CEO Bruce Schneier, who provided test algorithms to the DES Cracker effort, says: “This is boring technology, it’s dumb maths, it’s old engineering. The point is that the government has been denying that this can be done.” Schneier points out that if a civil liberties group can build a DES Cracker essentially out of spare change, it should be assumed that other groups have already done so. “People should realize that this is not the first machine to be built that can do this. It is the first machine whose creators have publicly acknowledged it,” he says. “We have to assume that the FBI has one, that Russia has one, and that China, Eastern Europe, the UK, Ireland, Israel, India, Pakistan and Australia have them. Any company with anything resembling a budget must have one. Some organized crime syndicates must have one.”
Now that the EFF has demonstrated how easy DES is to break, Freeh’s continued insistence on its strength starts to look like a kind of de facto key recovery initiative: if enough people believe DES is unbreakable, the FBI will retain its cherished back door. Schneier reiterates what cryptographers have been saying for at least a year: banks, financial institutions and others using cryptographic algorithms in mission-critical applications should consider 90-bit encryption the minimum secure standard. Ironically enough, the content of the message the EFF cracked read: “It’s time for those 128-, 192- and 256-bit keys.”
