The EFF's US$250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a two-sided DES Cracker circuit board fitted with 64 Deep Crack chips

At the moment a DES message can be broken by brute force in a couple of days (or less) using under $100,000 worth of custom hardware. But there are some key factors in that: The hardware is custom - the chips used to quickly brute a DES key are not the general purpose processor you'd find in a PC.

  • So on our hypothetical machine, a 56-bit DES key would take, on average, 2 55 / 2 46.5 = 2 8.5 ≈ 362 seconds to find. Similarly, a 128-bit AES key would take 2 127 / 2 46.5 = 2 80.5 seconds ≈ 2 55 (or approximately 36 quadrillion) years to find.
  • As the chart makes plain, for certain passwords, breaking into your account would be pretty much instantaneous. But the longer your password is, and the wider the variety of characters you use, the longer it'll take, to the point that you really don't need to worry about the security of your accounts.
  • It would take about 9 days to test every possible key at that rate. On average, the correct key would be found in half that time. In 2006, another custom hardware attack machine was designed based on FPGAs. COPACOBANA (COst-optimized PArallel COdeBreaker) is able to crack DES at considerably lower cost.
  • How long would it take to crack my password: (Includes letters and numbers, no upper- or lower-case and no symbols) 6 characters: 2.25 billion possible combinations. Cracking online using web app.
The EFF's DES cracker 'Deep Crack' custom microchip

In cryptography, the EFF DES cracker (nicknamed 'Deep Crack') is a machine built by the Electronic Frontier Foundation (EFF) in 1998, to perform a brute force search of the Data Encryption Standard (DES) cipher's key space – that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that the key size of DES was not sufficient to be secure.

Background[edit]

DES uses a 56-bit key, meaning that there are 256 possible keys under which a message can be encrypted. This is exactly 72,057,594,037,927,936, or approximately 72 quadrillion possible keys. One of the major criticisms of DES, when proposed in 1975, was that the key size was too short. Martin Hellman and Whitfield Diffie of Stanford University estimated that a machine fast enough to test that many keys in a day would have cost about $20 million in 1976, an affordable sum to national intelligence agencies such as the US National Security Agency.[1] Subsequent advances in the price/performance of chips kept reducing that cost until, twenty years later, it became affordable for even a small nonprofit organization such as the EFF to mount a realistic attack.[2]

The DES challenges[edit]

DES was a federal standard, and the US government encouraged the use of DES for all non-classified data. RSA Security wished to demonstrate that DES's key length was not enough to ensure security, so they set up the DES Challenges in 1997, offering a monetary prize. The first DES Challenge was solved in 96 days by the DESCHALL Project led by Rocke Verser in Loveland, Colorado. RSA Security set up DES Challenge II-1, which was solved by distributed.net in 39 days in January and February 1998.[3]

Windows

In 1998, the EFF built Deep Crack (named in reference to IBM's Deep Blue chess computer) for less than $250,000.[4] In response to DES Challenge II-2, on July 15, 1998, Deep Crack decrypted a DES-encrypted message after only 56 hours of work, winning $10,000. The brute force attack showed that cracking DES was actually a very practical proposition. Most governments and large corporations could reasonably build a machine like Deep Crack.

Six months later, in response to RSA Security's DES Challenge III, and in collaboration with distributed.net, the EFF used Deep Crack to decrypt another DES-encrypted message, winning another $10,000. This time, the operation took less than a day – 22 hours and 15 minutes. The decryption was completed on January 19, 1999. In October of that year, DES was reaffirmed as a federal standard, but this time the standard recommended Triple DES.

The small key space of DES, and relatively high computational costs of Triple DES resulted in its replacement by AES as a Federal standard, effective May 26, 2002.

In many ways, such projects signaled that the hard cypherpunks minded way of thinking about applied cryptography had reached its peak.

Technology[edit]

Deep Crack was designed by Cryptography Research, Inc., Advanced Wireless Technologies, and the EFF. The principal designer was Paul Kocher, president of Cryptography Research. Advanced Wireless Technologies built 1856 custom ASIC DES chips (called Deep Crack or AWT-4500), housed on 29 circuit boards of 64 chips each. The boards were then fitted in six cabinets and mounted in a Sun-4/470 chassis.[5]

Paul Kocher of the EFF posing in front of Deepcrack

The search was coordinated by a single PC which assigned ranges of keys to the chips. The entire machine was capable of testing over 90 billion keys per second. It would take about 9 days to test every possible key at that rate. On average, the correct key would be found in half that time.

In 2006, another custom hardware attack machine was designed based on FPGAs. COPACOBANA (COst-optimized PArallel COdeBreaker) is able to crack DES at considerably lower cost.[6] This advantage is mainly due to progress in integrated circuit technology.

How Long Does It Take To Crack 3des

In July 2012, security researchers David Hulton and Moxie Marlinspike unveiled a cloud computing tool for breaking the MS-CHAPv2 protocol by recovering the protocol's DES encryption keys by brute force. This tool effectively allows members of the general public to recover a DES key from a known plaintext–ciphertext pair in about 24 hours.[7]

References[edit]

  1. ^'DES (Data Encryption Standard) Review at Stanford University – Recording and Transcript'. 1976. Archived from the original on May 3, 2012. Retrieved March 20, 2012.
  2. ^'DES Cracker Project'. EFF.org. Archived from the original on June 22, 2013. Retrieved October 9, 2013.
  3. ^David C. McNett (February 24, 1998). 'The secret message is...' distributed.net. Archived from the original on March 4, 2016. Retrieved February 27, 2014.
  4. ^'DES Cracker Project'. EFF. Archived from the original on May 7, 2017. Retrieved July 8, 2007. On Wednesday, July 17, 1998 the EFF DES Cracker, which was built for less than $250,000, easily won RSA Laboratory's 'DES Challenge II' contest and a $10,000 cash prize.
  5. ^Electronic Frontier Foundation (1998). Cracking DES – Secrets of Encryption Research, Wiretap Politics & Chip Design. Oreilly & Associates Inc. ISBN1-56592-520-3.
  6. ^'COPACOBANA – Special-Purpose Hardware for Code-Breaking'. www.sciengines.com. Archived from the original on July 24, 2016. Retrieved April 26, 2018.
  7. ^'Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate'. CloudCracker.com. July 29, 2012. Archived from the original on March 16, 2016. Retrieved March 16, 2016.

External links[edit]

Wikimedia Commons has media related to EFF DES cracker.
Retrieved from 'https://en.wikipedia.org/w/index.php?title=EFF_DES_cracker&oldid=992455551'
The EFF's US$250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a two-sided DES Cracker circuit board fitted with 64 Deep Crack chips
The EFF's DES cracker 'Deep Crack' custom microchip

In cryptography, the EFF DES cracker (nicknamed 'Deep Crack') is a machine built by the Electronic Frontier Foundation (EFF) in 1998, to perform a brute force search of the Data Encryption Standard (DES) cipher's key space – that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that the key size of DES was not sufficient to be secure.

Background[edit]

DES uses a 56-bit key, meaning that there are 256 possible keys under which a message can be encrypted. This is exactly 72,057,594,037,927,936, or approximately 72 quadrillion possible keys. One of the major criticisms of DES, when proposed in 1975, was that the key size was too short. Martin Hellman and Whitfield Diffie of Stanford University estimated that a machine fast enough to test that many keys in a day would have cost about $20 million in 1976, an affordable sum to national intelligence agencies such as the US National Security Agency.[1] Subsequent advances in the price/performance of chips kept reducing that cost until, twenty years later, it became affordable for even a small nonprofit organization such as the EFF to mount a realistic attack.[2]

The DES challenges[edit]

DES was a federal standard, and the US government encouraged the use of DES for all non-classified data. RSA Security wished to demonstrate that DES's key length was not enough to ensure security, so they set up the DES Challenges in 1997, offering a monetary prize. The first DES Challenge was solved in 96 days by the DESCHALL Project led by Rocke Verser in Loveland, Colorado. RSA Security set up DES Challenge II-1, which was solved by distributed.net in 39 days in January and February 1998.[3]

In 1998, the EFF built Deep Crack (named in reference to IBM's Deep Blue chess computer) for less than $250,000.[4] In response to DES Challenge II-2, on July 15, 1998, Deep Crack decrypted a DES-encrypted message after only 56 hours of work, winning $10,000. The brute force attack showed that cracking DES was actually a very practical proposition. Most governments and large corporations could reasonably build a machine like Deep Crack.

Six months later, in response to RSA Security's DES Challenge III, and in collaboration with distributed.net, the EFF used Deep Crack to decrypt another DES-encrypted message, winning another $10,000. This time, the operation took less than a day – 22 hours and 15 minutes. The decryption was completed on January 19, 1999. In October of that year, DES was reaffirmed as a federal standard, but this time the standard recommended Triple DES.

The small key space of DES, and relatively high computational costs of Triple DES resulted in its replacement by AES as a Federal standard, effective May 26, 2002.

How long does it take to crack 3des without

In many ways, such projects signaled that the hard cypherpunks minded way of thinking about applied cryptography had reached its peak.

Take

Technology[edit]

Deep Crack was designed by Cryptography Research, Inc., Advanced Wireless Technologies, and the EFF. The principal designer was Paul Kocher, president of Cryptography Research. Advanced Wireless Technologies built 1856 custom ASIC DES chips (called Deep Crack or AWT-4500), housed on 29 circuit boards of 64 chips each. The boards were then fitted in six cabinets and mounted in a Sun-4/470 chassis.[5]

Paul Kocher of the EFF posing in front of Deepcrack

The search was coordinated by a single PC which assigned ranges of keys to the chips. The entire machine was capable of testing over 90 billion keys per second. It would take about 9 days to test every possible key at that rate. On average, the correct key would be found in half that time.

In 2006, another custom hardware attack machine was designed based on FPGAs. COPACOBANA (COst-optimized PArallel COdeBreaker) is able to crack DES at considerably lower cost.[6] This advantage is mainly due to progress in integrated circuit technology.

In July 2012, security researchers David Hulton and Moxie Marlinspike unveiled a cloud computing tool for breaking the MS-CHAPv2 protocol by recovering the protocol's DES encryption keys by brute force. This tool effectively allows members of the general public to recover a DES key from a known plaintext–ciphertext pair in about 24 hours.[7]

Long

References[edit]

  1. ^'DES (Data Encryption Standard) Review at Stanford University – Recording and Transcript'. 1976. Archived from the original on May 3, 2012. Retrieved March 20, 2012.
  2. ^'DES Cracker Project'. EFF.org. Archived from the original on June 22, 2013. Retrieved October 9, 2013.
  3. ^David C. McNett (February 24, 1998). 'The secret message is...' distributed.net. Archived from the original on March 4, 2016. Retrieved February 27, 2014.
  4. ^'DES Cracker Project'. EFF. Archived from the original on May 7, 2017. Retrieved July 8, 2007. On Wednesday, July 17, 1998 the EFF DES Cracker, which was built for less than $250,000, easily won RSA Laboratory's 'DES Challenge II' contest and a $10,000 cash prize.
  5. ^Electronic Frontier Foundation (1998). Cracking DES – Secrets of Encryption Research, Wiretap Politics & Chip Design. Oreilly & Associates Inc. ISBN1-56592-520-3.
  6. ^'COPACOBANA – Special-Purpose Hardware for Code-Breaking'. www.sciengines.com. Archived from the original on July 24, 2016. Retrieved April 26, 2018.
  7. ^'Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate'. CloudCracker.com. July 29, 2012. Archived from the original on March 16, 2016. Retrieved March 16, 2016.

External links[edit]

Wikimedia Commons has media related to EFF DES cracker.

How Long Does It Take To Crack 3des For Pc

Retrieved from 'https://en.wikipedia.org/w/index.php?title=EFF_DES_cracker&oldid=992455551'