DES Challenges

Part of the EFF's DES cracking machine which was used in two of the challenges

The DES Challenges were a series of brute force attack contests created by RSA Security to highlight the lack of security provided by the Data Encryption Standard.

The Contests[edit]

The first challenge began in 1997 and was solved in 96 days by the DESCHALL Project.^[1]

DES Challenge II-1 was solved by distributed.net in 39 days in early 1998. The plaintext message being solved for was "The secret message is: Many hands make light work."^[2]

DES Challenge II-2 was solved in just 56 hours in July 1998, by the Electronic Frontier Foundation (EFF), with their purpose-built Deep Crack machine. EFF won $10,000 for their success, although their machine cost $250,000 to build. The contest demonstrated how quickly a rich corporation or government agency, having built a similar machine, could decrypt ciphertext encrypted with DES. The text was revealed to be "The secret message is: It's time for those 128-, 192-, and 256-bit keys."^[3]

DES Challenge III was a joint effort between distributed.net and Deep Crack. The key was found in just 22 hours 15 minutes in January 1999, and the plaintext was "See you in Rome (second AES Conference, March 22-23, 1999)".^[4]

Reaction[edit]

After the DES had been shown to be breakable, FBI director Louis Freeh told Congress, "That is not going to make a difference in a kidnapping case. It is not going to make a difference in a national security case. We don't have the technology or the brute force capability to get to this information."^[5]

It was not until special purpose hardware brought the time down below 24 hours that both industry and federal authorities had to admit that the DES was no longer viable. Although the National Institute of Standards and Technology started work on what became the Advanced Encryption Standard in 1997, they continued to endorse the DES as late as October 1999, with FIPS 46-3. However, Triple DES was preferred.

References[edit]

^ Matt Curtin, Justin Dolske (May 1998). "A Brute Force Search of DES Keyspace". Archived from the original on 19 October 2016. Retrieved 27 February 2014.
^ David C. McNett (24 February 1998). "The secret message is..." distributed.net. Archived from the original on 4 March 2016. Retrieved 27 February 2014.
^ DES-II-2 Challenge
^ David C. McNett (19 January 1999). "US Government's Encryption Standard Broken in Less Than a Day" (PDF). distributed.net. Retrieved 27 February 2014.
^ "RSA Announces Another DES Cracking Contest". Computergram International. 1998-12-23. Retrieved 2008-09-21.

[1] Matt Curtin, Justin Dolske (May 1998). "A Brute Force Search of DES Keyspace". Archived from the original on 19 October 2016. Retrieved 27 February 2014.

[2] David C. McNett (24 February 1998). "The secret message is..." distributed.net. Archived from the original on 4 March 2016. Retrieved 27 February 2014.

[3] DES-II-2 Challenge

[4] David C. McNett (19 January 1999). "US Government's Encryption Standard Broken in Less Than a Day" (PDF). distributed.net. Retrieved 27 February 2014.

[5] "RSA Announces Another DES Cracking Contest". Computergram International. 1998-12-23. Retrieved 2008-09-21.

[1]

[2]

[3]

[4]

[5]

The Contests[edit]

Reaction[edit]

See also[edit]

References[edit]