[4448] in WWW Security List Archive
INFO: RC5-48 bit challenge broken
daemon@ATHENA.MIT.EDU (Lars Eilebrecht)
Fri Feb 14 19:36:41 1997
To: "www-security" <www-security@ns2.rutgers.edu>
From: "Lars Eilebrecht" <sfx@unix-ag.uni-siegen.de>
Date: Fri, 14 Feb 1997 14:04:01 +0200
Errors-To: owner-www-security@ns2.rutgers.edu
* Forwarded from: *private mail*
* Subject: 48 bit challenge broken
* Date: Fri, 14 Feb 1997 10:04:28 +0100 (MET)
* Message-ID: 199702140904.KAA22019@kom30.ethz.ch
* Originally by: Germano Caronni (caronni@tik.ee.ethz.ch)
> FOR IMMEDIATE RELEASE
>
> 13 February 1997
>
> Local contact: Germano Caronni, gec@acm.org
> [This press release originated from Melanie Harper]
>
> THOUSANDS OF COMPUTERS JOIN TO CRACK THE HARDEST CRYPTOGRAPHIC CHALLENGE
> EVER
>
>
> Loosely organized international group checks a record 162082778549251
> keys in 13 days to find correct solution
>
>
> ZURICH: More than 5000 computers connected via the Internet have broken the
> most difficult cryptographic challenge ever solved, in just over thirteen
> days. The challenge was one of a series of cryptographic challenges recently
> offered by RSA Data Security, Inc., a U.S. firm which produces cryptographic
> software.
>
> The Internet group's successful attempt on the challenge, which is the
> second record-breaking cryptographic challenge solution within the last two
> weeks, demonstrates in a dramatic fashion that many encryption systems --
> such
> as those commonly used on the Internet, in electronic commerce, and in
> so-called "Smart Cards" -- can be broken with relative ease using modern
> computing techniques.
>
> The challenge was solved by a loosely organized group of individuals from
> around the world who banded together to create a project known as the
> "Distributed Internet Crack." The group was begun by Germano Caronni,
> member at the Swiss Federal Institute of Technology in Zurich and quickly
> grew to include hundreds of people, from commercial as well as academic
> sites, who worked at a furious pace to write and optimize the necessary
> software and then run it on thousands of computers simultaneously. The
> group never met in person but communicated via email. Continuously
> updated pages on the World-wide Web, available in four different
> languages, provided the latest information and progress reports.
>
> The Distributed Internet Crack first attacked the easiest of RSA's
> challenges. The group solved this challenge in 3 1/2 hours, only minutes
> after another group submitted the correct answer. After coming so close to
> winning the first challenge, the group decided to take on the second one,
> hundreds of times as difficult. The challenge required that up to
> 281474976710656 different keys be checked.
>
> By putting the power of thousands of powerful and not-so-powerful computers
> together via the internet, the second challenge was solved on Monday,
> February 10th, a little over thirteen days after it was issued.
>
> The successful completion of the challenge broke new ground in several ways:
> Besides cracking the hardest key ever, the event also brought together the
> most computers ever working on a single Internet project (over 5500
> computers
> were operating simultaneously at one point, and over 10,000 computers joined
> in the project at one time or another), and produced the most cryptographic
> keys ever checked per second in an openly publicized effort (over 440
> million keys per second at peak, and an average of 140 million keys per
> second over the entire project).
>
> If the group would have re-attacked the 40 bit challenge with the computing
> power it had at the end of this effort, that key would have been broken
> within 45 minutes.
>
> The group is now planning to attempt another challenge issued by RSA, this
> time aimed at the DES cipher, which has been used in American and other
> financial institutions for many years.
>
> References:
>
> RSA Data Security Secret-Key Challenges:
> http://www.rsa.com/rsalabs/97challenge/
> Team Web Pages: http://www.klammeraffe.org/challenge/
> http://www.ee.ethz.ch/challenge/ and others.
> Software: ftp://ftp.tik.ee.ethz.ch/pub/projects/dic/
> IRC: #challenge
> Preliminary Web page for DES challenge: http://fh28.fa.umist.ac.uk/~des/
>
> Note: Both long numbers in this document have exactly 15 digits.
