advertising information

CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
COMPUTING

Cracking DES code all in a day's work for security experts

January 21, 1999
Web posted at: 3:55 p.m. EST (2055 GMT)

by Matthew Nelson

From...
InfoWorld
 ALSO:
Congress considers easing cryptography rules
Message Board:
INTERACTIVE:

Do you think all encryption code should be tested by hackers?

Yes No
View Results

SAN JOSE, Calif. (IDG) -- Cracking the 56-bit DES encryption algorithm no longer takes a number of years to achieve; it can now be done in one day, as was demonstrated by a hacking group participating in RSA Data Security's yearly DES Challenge contest.

The DES Challenge III, started here at the RSA Data Security Conference on Monday, was over in 22 hours and 15 minutes, according to Jim Bidzos, president and CEO of RSA.

"The trend is very clear: 56 bits really isn't going to be providing you a lot of security," Bidzos said.

"If you are protecting tomorrow's headline I think you're okay at least until the next conference. But if you're protecting something else I think you're going to need something stronger," Bidzos added.

A message, encrypted using the 56-bit DES algorithm was released, with a purse of $1,000 available to whoever could break it in the least amount of time.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  InfoWorld home page
  InfoWorld forums home page
  InfoWorld Internet commerce section
  Get Media Grok and The Industry Standard Intelligencer delivered for free
 Reviews & in-depth info at IDG.net
  IDG.net's personal news page
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Questions about computers? Let IDG.net's editors help you
  Search IDG.net in 12 languages

The algorithm was cracked in record time by the Electronic Frontier Foundation using "Deep Crack," a specially designed supercomputer, and Distributed.Net, a worldwide coalition of computer enthusiasts. The previous record for the amount of time taken to break the code was 56 hours.

Response from industry observers was mostly in agreement: 56-bit DES is no longer secure.

"It indicates the perils that we face if we don't get our acts together on the Internet," said Mark Greene, vice president of security at IBM, in Armonk, N.Y.

The breaking of the code should also send a message to government officials who claim that 56-bit encryption using DES is secure for communications, according to analysts.

"It's more evidence that the U.S. government claim about being unable to break 56-bit DES is nonsense," said Jim Balderston, an industry analyst at Zona Research, in Redwood City, Calif. "They can crack it and they can apply a lot more computer power than a cobbled together machine."

Matthew Nelson is a senior writer for InfoWorld.

Related stories:
Latest Headlines

Today on CNN

Related IDG.net stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive.

SEARCH CNN.com
Enter keyword(s)   go    help

  
 

Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.