On Thu, 21 Feb 2008 19:50:16 -0500 krw wrote: | In article , phil-news- | snipped-for-privacy@ipal.net says... |> On Wed, 20 Feb 2008 19:43:42 -0500 krw wrote: |> | In article , |> | snipped-for-privacy@aol.com says... |> |> On Tue, 19 Feb 2008 19:47:39 -0500, krw wrote: |> |> |> |> >> Some kid with a PC cracked DES 32 bit encryption (the best the federal |> |> >> government would let you have in the Clinton administration) in about |> |> >> 15 hours with a pretty modest PC compared to a minimal Vista machine. |> |> >
|> |> >You're full of shit! DES has never had 32-bit keys. Even thirty |> |> >years ago DES-64 (or DES-56, depending on how you count) was the |> |> >standard. Double DES (two or three pass) is now quite common and |> |> |> |> Whatever ... the fact still remains some european kid cracked it while |> |> our government was trying to say that was all they would let us use. |> |> |> | You're still full of shit. There is no "DES-32" and never has been. |> | DES-64 (or more accurately DES-56) won't be "cracked" and certainly |> | not by some kid in his bedroom. I can be busted exhaustively, but |> | that's still a large problem. Double or Triple DES make that an |> | impossibility today. |> |> True, there was no DES-32. However, there was a DES-40. That was trivial |> to crack. For a while, that was the only thing the US allowed to export. | | No, it wasn't "trivial" to crack. The so-called DES-40 was DES-56 | with modified keys. It couldn't be "cracked" any more than DES-56 | could be "cracked" and an exhaustive search isn't all that trivial | either. DES-40 keys are still 56bit, though have an "effective | length" of 40bits. An exhaustive attack isn't trivial, though | certainly within the comfortable range of the black-hats. That said, | DES-40 was never used for anything important and certainly never | "all the Clinton administration would let us use". DES-40 was dead | long before the the swear word "Clinton" was known outside Arkansas.
Sorry to bust your balloon, but DES-40 was indeed "trivial" to crack. Please carefully note that "trivial" is _relative_ to the cryptographic community. The average person would NOT be able to do this. But a knowledgeable and motivated person could. The NSA would have no problem. DES-40 was in fact used for a while. I believe it is no longer used in anything but unmaintained facilities.