
Re: The Next Y2K Problem (?)



On Sun, 19 Jul 1998, Shlomi Fish wrote:

> 
> At the moment there are computer systems all over the world that rely on
> 40-bit password encryption or a worse encryption scheme. The main
> reason for that is the various bans imposed by the U.S. government and
> other governments on the use of powerful encryption algorithms.
> 
> At present, 40-bit encryption cannot be easily broken by using one's home
> computer alone. But computers are getting faster and faster all the time. 
> 
> There is a rough estimation on the cost of processing power as plotted by
> time. Assuming a potential cracker chooses the configuration with the
> lowest price, (E.g: a network of several Pentium machines) what will be
> the cost to break an N-bit encryption at year X?
> 
> Close to that time, all the computer systems will have to be updated in
> order to prevent them from being exploited. This may create a
> frenzy not like what the Y2K problem is causing today. Of course, large
> institutions such as banks have to worry first, because an intruder may be
> willing to invest a larger sum of money to break into their systems. 
> 
> Does anyone have, or can show me to data that will enable us to estimate
> at what year 40-bit, 64-bit, etc. data encryption algorithms will
> become ineffective?

The EFF just broke the recent RSA Labs DES-II challenge in 2.5 days using
a special DES-Cracker device they built. The research & hardware cost
them 250,000$. They also published a book that contains all the
information and schematics of this device. They say that anyone can use
this book and build this for roughly 50K US$.
See http://www.eff.org/descracker.html.


This means that DES is dead and should not be used for anything important
to you.
As for Unix passwords, IIRC, FreeBSD is already using MD5 as a default
encryption of passwords, and I believe other Unix vendors will follow.
I dunno how effective is MD5, but the current effort to crack rc5-64bit by
distributed.net seems to be taking very long (currently running for ~260
days and only 1.5% of the keyspace was checked).
See http://rc5stats.distributed.net

--Asher
.--------------------------------------------------------------------.
| Asher Frenkel 			   Unix System Administrator |
| IBM Global Services, IBM Israel                                    |	
| Fax   : +972-3-6978115                        Phone: +972-3-6978946| 
| E-Mail:asher@ibm.net.il                              +972-3-6978687| 
`--------------------------------------------------------------------'
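
The question in the quoted message (the cost to break N-bit encryption in year X) can be turned into a rough model using only the figures given in the reply. This is an added example, not part of the original thread; the 18-month price/performance doubling period and the treatment of the 2.5-day run as a full 2^56 keyspace sweep are assumptions.

```python
import math

# Baseline from the reply above: 1998, about $250,000, 56-bit DES, 2.5 days.
BASE_YEAR = 1998
BASE_COST_USD = 250_000
BASE_BITS = 56
BASE_DAYS = 2.5

# Assumptions (not from the thread): key searches per dollar double every
# 18 months, and the 2.5-day run is counted as a sweep of the whole keyspace.
DOUBLING_YEARS = 1.5


def cost_to_break(bits, year, days=BASE_DAYS):
    """Estimated hardware cost (USD) to sweep a `bits`-bit keyspace
    within `days`, using hardware bought in `year`."""
    keyspace_ratio = 2.0 ** (bits - BASE_BITS)   # each extra bit doubles the work
    time_ratio = BASE_DAYS / days                # more time allowed, less hardware
    price_drop = 2.0 ** ((year - BASE_YEAR) / DOUBLING_YEARS)
    return BASE_COST_USD * keyspace_ratio * time_ratio / price_drop


def year_affordable(bits, budget_usd, days=BASE_DAYS):
    """First year in which the sweep fits within `budget_usd`.
    Returns BASE_YEAR if it was already affordable at the baseline."""
    doublings = math.log2(cost_to_break(bits, BASE_YEAR, days) / budget_usd)
    return BASE_YEAR + max(0.0, doublings) * DOUBLING_YEARS


def full_sweep_days(elapsed_days, fraction_done):
    """Projected duration of a whole-keyspace search at a constant rate,
    e.g. the rc5-64 effort: 260 days elapsed, 1.5% of the keyspace checked."""
    if not 0 < fraction_done <= 1:
        raise ValueError("fraction_done must be in (0, 1]")
    return elapsed_days / fraction_done


if __name__ == "__main__":
    for bits in (40, 56, 64, 80, 128):
        print(f"{bits:>3}-bit: ${cost_to_break(bits, BASE_YEAR):,.2f} in {BASE_YEAR}, "
              f"within a ${BASE_COST_USD:,} budget by {year_affordable(bits, BASE_COST_USD):.0f}")
    years = full_sweep_days(260, 0.015) / 365
    print(f"rc5-64 at the reported rate: about {years:.1f} years for the full keyspace")
```

Under these assumptions each added key bit pushes the break-even year out by one doubling period, which is why the gap between 40-bit and 64-bit keys is decades rather than years.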