Cryptography Watch

The Electronic Frontier Foundation (EFF) has built specialized hardware consisting to attack the DESChall II partial known plaintext cryptanalysis challenge. The specialized machine, know as “Deep Crack” consists of 1,856 chips that implement the relevant specialized DES code needed to find the correct key that will decrypt the unknown remaining plain text. Deep Crack costed less that $250,000 USD to build. It is capable of testing more that 90 billion keys per second giving it the ability to work through the entire 2^56 possibilities in the 56 bit keyspace in about five days.

The “Deep Crack” source code has been placed on the internet for download.

The EEF has created a web page for their hardware based DES Challenge II attack.

EFF Press Release Regarding the System:

EFF DES CRACKER MACHINE BRINGS HONESTY TO CRYPTO DEBATE
Electronic Frontier Foundation Proves That DES Is Not Secure

SAN FRANCISCO, CA — The Electronic Frontier Foundation (EFF) today raised the level of honesty in crypto politics by revealing that the Data Encryption Standard (DES) is insecure. The U.S. government has long pressed industry to limit encryption to DES (and even weaker forms), without revealing how easy it is to crack. Continued adherence to this policy would put critical infrastructures at risk; society should choose a different course.

(Read The Full Press Release)

Bruce Schneier {W} has announced the publication on a monthly e-mail news letter, Crypto-Gram, in which he will cover cryptography and security related topics.

The DESChall project has successfully solved the partial known plaintext attack challenge 140 days after the contest’s announcement.

64bit Processors in DEC Alpha computers running digital unix were found to be particularly fast at testing key candidates suggesting that movements to chip architectures with larger word sizes may significantly impact current estimates of how quickly distributed attack feasibility will progress.

Cryptowatch is a blog that highlights the announcement of technological and mathematical advancements that may impact decisions about the use of cryptographic systems. Cryptowatch is a great way to stay informed about bleeding edge advancements in fields that effect key length and expiration date choices. Following this blog will help you decide which algorithms to use, how long your passwords should be, what key length to choose, when you need to move off a platform like PGP. It will help you keep abreast of the state of emerging disruptive technologies like quantum computation, nanotechnological and biological computing. To a lesser extent, news regarding government and corporate monitoring efforts and policy will be posted.

The purpose of the blog is mainly smart (performed by a knowledgeable in-field human) aggregation. Therefor, commentary will be minimal.

I hope you enjoy cryptowatch.