Quick cracking of secret code.Cryptographers have dramatically reduced the time it takes to decode a message digitally encrypted by a widely used, government-approved method for scrambling sensitive data. Known as the Data Encryption Standard See DES. Data Encryption Standard - (DES) The NBS's popular, standard encryption algorithm. It is a product cipher that operates on 64-bit blocks of data, using a 56-bit key. It is defined in FIPS 46-1 (1988) (which supersedes FIPS 46 (1977)). (DES), this method is used routinely by many banks and financial institutions to protect electronic funds transfers and credit-card transactions. A custom-built computer costing less than $250,000 needed only 56 hours to identify the required numerical key--a particular sequence of 56 1s and 0s out of 72 quadrillion One thousand times one trillion, which is 1, followed by 15 zeros, or 10 to the 15th power. See space/time. possibilities. That achievement shattered the previous record of 39 days, set by a network of thousands of computers communicating via the Internet. "DES can be cracked quickly and inexpensively," says John Gilmore of the Electronic Frontier Foundation See EFF. (body) Electronic Frontier Foundation - (EFF) A group established to address social and legal issues arising from the impact on society of the increasingly pervasive use of computers as a means of communication and information distribution. (EFF (Electronic Frontier Foundation, San Francisco, CA, www.eff.org) A non-profit civil liberties organization founded in 1990 by Mitchell Kapor and John Perry Barlow. It works in the public interest to protect privacy and freedom of expression in the arenas of computers and the Internet. ) in San Francisco, which funded the project to counter claims made by U.S. government officials that DES provides adequate protection of sensitive data. EFF announced the feat last month. "It unambiguously demonstrates that DES is vulnerable, even to attackers with relatively modest resources," comments Matt Blaze of AT&T Labs Research in Florham Park, N.J. Designed and built by Paul Kocher of Cryptography Research in San Francisco and his coworkers, the new code-cracking computer incorporates more than 1,000 integrated-circuit chips specifically configured for checking the strings of 56 binary digits that comprise DES encryption keys. In its record-breaking run, the computer tried about 25 percent of the possible combinations before finding the correct key to decode a message and win a contest sponsored by RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. Data Security in San Mated, Calif. The message reads: "It's time for those 128-, 192-, and 256-bit keys." Some businesses are already using a more robust variant of the DES method, known as Triple DES, which hasn't yet been broken. The U.S. government has also begun a competition to find a new encryption standard to replace DES. According to requirements established by the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ) in Gaithersburg, Md., the new method must allow encryption key sizes of up to 256 bits. Groups from the United States, Australia, Canada, France, Germany, Japan, and Norway have submitted entries. NIST will announce this month which candidate algorithms meet all the requirements and are eligible for testing and review. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion