[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The Next Y2K Problem (?)
On Sun, 19 Jul 1998, Shlomi Fish wrote:
>
> At the moment there are computer systems all over the world that rely on
> 40 bits passwords encryption or a a worst encryption scheme. The main
> reason for that is the various bans imposed by the U.S. government and
> other governments on the use of powerful encryption algorithms.
>
> At present, 40 bits encrpytion cannot be easily broken by using one's home
> computer alone. But computers are getting faster and faster all the time.
>
> There is a rough estimation on the cost of processing power as plottedby
> time. Assuming a potential cracker chooses the configuration with the
> lowest price, (E.g: a network of several Pentium machines) what will be
> the cost to break an N-bit encryption at year X?
>
> Close to that time, all the computer systems will haveto be updated in
> order to prevent them from being exploited. This may create a
> frenzy not like what the Y2K problem is causing today. Of-course, large
> institutions such as banks have to worry first, because an intruder may be
> willing to invest a larger sum of money to break into their systems.
>
> Does anyone have, or can show me to data that will enable us to estimate
> at what year will 40-bit, 64-bit, etc. data encryption algorithms will
> become ineffective?
The EFF just broke the recent RSA Labs DES-II challenge in 2.5 days using
a special DES-Cracker device they built. the research & hardware cost
them 250,000$, they also published a book that contains all the
information and schematics of this device. they say that anyone can use
this book and build this for roughly 50K US$.
see http://www.eff.org/descracker.html.
this means that DES is dead and should not be used for anything important
to you.
as for Unix passwords, IIRC, FreeBSD is already using MD5 as a default
encryption of passwords, and I believe other unix vendors will follow.
I dunno how effective is MD5, but the current effort to crack rc5-64bit by
distributed.net seems to be taking very long, (currently running for ~260
days and only 1.5% of the keyspace was checked.)
see http://rc5stats.distributed.net
--Asher
.--------------------------------------------------------------------.
| Asher Frenkel Unix System Administrator |
| IBM Global Services, IBM Israel |
| Fax : +972-3-6978115 Phone: +972-3-6978946|
| E-Mail:asher@ibm.net.il +972-3-6978687|
`--------------------------------------------------------------------'