Incryptography, theEFF DES cracker (nicknamed "Deep Crack") is a machine built by theElectronic Frontier Foundation (EFF) in 1998, to perform abrute force search of theData Encryption Standard (DES) cipher'skey space – that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that thekey size of DES was not sufficient to be secure.
Detailed technical data of this machine, includingblock diagrams,circuit schematics,VHDL source code of the custom chips and itsemulator, have all been published in the bookCracking DES. Itspublic domain license allowseveryone to freely copy, use, or modify its design. To avoid theexport regulation on cryptography by the US Government, thesource code was distributed not in electronic form but as a hardcopy book, of which the open publication is protected by theFirst Amendment. Machine-readable metadata is provided to facilitate the transcription of the code into a computer viaOCR by readers.[1]
DES uses a 56-bitkey, meaning that there are 256 possible keys under which a message can be encrypted. This is exactly 72,057,594,037,927,936, or approximately 72quadrillion possible keys. One of the major criticisms of DES, when proposed in 1975, was that the key size was too short.Martin Hellman andWhitfield Diffie ofStanford University estimated that a machine fast enough to test that many keys in a day would have cost about $20 million in 1976, an affordable sum to national intelligence agencies such as the USNational Security Agency.[2] Subsequent advances in the price/performance of chips kept reducing that cost until, twenty years later, it became affordable for even a small nonprofit organization such as the EFF to mount a realistic attack.[3]
DES was a federal standard, and theUS government encouraged the use of DES for all non-classified data.RSA Security wished to demonstrate that DES's key length was not enough to ensure security, so they set up theDES Challenges in 1997, offering a monetary prize. The first DES Challenge was solved in 96 days by theDESCHALL Project led by Rocke Verser inLoveland, Colorado. RSA Security set up DES Challenge II-1, which was solved bydistributed.net in 39 days in January and February 1998.[4]
In 1998, the EFF built Deep Crack (named in reference to IBM'sDeep Blue chess computer) for less than $250,000.[5] In response to DES Challenge II-2, on July 15, 1998, Deep Crack decrypted a DES-encrypted message after only 56 hours of work, winning $10,000. The brute force attack showed that cracking DES was actually a very practical proposition. Most governments and large corporations could reasonably build a machine like Deep Crack.
Six months later, in response to RSA Security's DES Challenge III, and in collaboration with distributed.net, the EFF used Deep Crack to decrypt another DES-encrypted message, winning another $10,000. This time, the operation took less than a day – 22 hours and 15 minutes. The decryption was completed on January 19, 1999. In October of that year, DES was reaffirmed as a federal standard, but this time the standard recommendedTriple DES.
The small key space of DES and relatively high computational costs of Triple DES resulted in its replacement byAES as a Federal standard, effective May 26, 2002.
Deep Crack was designed byCryptography Research, Inc., Advanced Wireless Technologies, and theEFF. The principal designer wasPaul Kocher, president of Cryptography Research. Advanced Wireless Technologies built 1,856 customASIC DES chips (calledDeep Crack orAWT-4500), housed on 29 circuit boards of 64 chips each. The boards were then fitted in six cabinets and mounted in aSun-4/470 chassis.[6]
The search was coordinated by a single PC which assigned ranges of keys to the chips. The entire machine was capable of testing over 90 billion keys per second. It would take about 9 days to test every possible key at that rate. On average, the correct key would be found in half that time.
In 2006, anothercustom hardware attack machine was designed based onFPGAs.COPACOBANA (COst-optimized PArallel COdeBreaker) is able to crack DES at considerably lower cost.[7] This advantage is mainly due to progress inintegrated circuit technology.
In July 2012, security researchers David Hulton andMoxie Marlinspike unveiled a cloud computing tool for breaking theMS-CHAPv2 protocol by recovering the protocol's DES encryption keys by brute force. This tool effectively allows members of the general public to recover a DES key from a known plaintext–ciphertext pair in about 24 hours.[8]
On Wednesday, July 17, 1998 the EFF DES Cracker, which was built for less than $250,000, easily won RSA Laboratory's "DES Challenge II" contest and a $10,000 cash prize.
