|
Problems with DES Encryption by Ratsnatcher .......................................................................... *** Quoting M. Stirner to All *** > The Gov't. standard encryption scheme was proven breakable > before official adoption. A guy @ Stanford busted it & > suggested that substitution of a 64-bit scheme would make it > actually unbreakable. The NSA objected to that much > security. Indeed, it is my understanding that pending > Federal legislation will make it illegal to transmit > encrypted data without a "backdoor." It is widely believed > that the NSA currently has "backdoor" ability for the current > Gov't. encryption standard. . ~ . M. Yeah... Scary stuff, yeah. Well here's what my Tanenbaum Textbook on Computer Networks says about the DES--which is what I think you're talking about. .......................................................................... The DES Controversy Before leaving the subject of DES, it is worthwhile pointing out that this cipher has been surrounded by controversy since its inception (Branstad, 1979; et al., 1977; Davida, 1979; Diffie and Hellmen, 1976b, 1977; [bunch of other refs...]. A number of computer scientists have made the claim that 56 bits is too small a key size, that is, the cipher is too vulnerable to attacks such as Hellman's. The key size, in IBM's original design was 128 bits, which unquestionably eliminates any chance of an exaustive search of the key space. At the request of the U.S. National Security Agency, the key size was reduced to 56 bits. The reason the cipher was weakened has not been made public. What has also bothered a number of scientists is IBM's refusal to make public the reasons the specific S-boxes in the cipher were chosen. IBM has said that the National Security Agency requested that it keep the design principles secret. Without knowing the design principles, it is difficult to exclude the possibility that a trick exists by which the cipher can be easily broken. There was also an incident that some observers interpreted as an attempt by a government employee to stifle publication of academic research aimed at developing stronger ciphers (Shapley and Kolata, [bunch of other refs...]). The net effect of a short key, secret design principles, and other factors has led some critics (e.g., Hellmen [more refs...]) to believe that the government might not be unhappy with a standard cipher just strong enough to keep everyone except itself from breaking it. To understand the significance of these developments, you should realize that in the future, telephones may contain microcomputers capable of digitizing and encrypting speech, and mail may be send electronically, from home terminal to home terminal. If unbreakable encryption algorithms were used in these applications, it would be impossible for governments to tap phone and surreptitiously read mail. As Kahn (1980) and [blaw blaw blaw...] point out, electronic eavesdropping is currently practiced on a large scale, so technical advances making it impossible in the future may not be viewed with great joy in all quarters. -- Computer Networks Network Security and Privacy Andrew S. Tanenbaum .......................................................................... Then he goes on to talk about other problems with DES, like distribution of keys and more [blaw blaw blaw]. It gets extremely technical. Scary stuff though... Another very interesting book about this kind of stuff--scary stuff--is "The Rise of the Computer State" by David Burnham, which is mostly about the uses of the NSA, CIAs, and FBIs computer resources. Come to think of it, that's one of the scariest books I've ever read... Spock protect us all!