tage (using only a few optimiza-
tion techniques, showing mild
performance gains) by compar-
Fig. 11. DESCHALL Keys Tested Per
ison to the PC users who had Day (in Trillions), June 9ā“15
highly optimized clients. (Since
the smaller computers are much
more common, performance gains made there would have a greater im-
pact, so starting with the most common systems made the most sense.
At the time that Verser was writing his fast DES routines, optimization
methods for 64-bit systems like bitslicing had not yet been published.)
The tables were now tipping heavily in the other direction: the more
sophisticated machines were ļ¬nally getting the clients that would take
advantage of their capabilities.
Duct Tape 253
A look over the top site rankings and the performance per platform
readily showed this to anyone who even glanced at those statistics.
As part of the fallout for that weekendā™s activity, people were once
again asking whether people who were contributing relatively small
amounts of processing power were going to drop out, with the likes
of Sun, Carnegie Mellon University, and others putting extremely fast
hardware with heavily optimized clients on the job.
After hashing out the issue once again, the conclusion was the same
as it had always been: until such a point where we have so many clients
that we are inhibiting the keyserverā™s ability to respond, each client
While the debate about the importance of small contributors contin-
ued on the DESCHALL mailing list, Verser composed a private message
to several of us who had been discussing the issue on the list.
Addressing the issue of morale among the participants, Verser wrote
that one week earlier, we had considered reporting how much of the to-
tal computational power each domain was contributing. In the end,
though, we decided against it, because the statistics could easily be
calculated by interested participants. Verser and others were also con-
cerned that smaller organizations might give up, ļ¬guring that they were
contributing ānothingā in the face of the horsepower that the likes of
Sun Microsystems were throwing at the project.
Verser noted that daily statistics showed that roughly forty percent
of the work was being done by small domainsā”those contributing less
than one percent of the total processing power. Another ten percent
was being done by even smaller domainsā”those contributing less than
one-half percent of the total.
Having seen numerous universities and companies learn of DES-
CHALL and organize themselves to run the client software time and
again, Verser wrote, āThe nature of this project is that a given [or-
ganization] tends to rise rapidly to a peak, as the organization rapidly
mobilizes most of their available computing power; and then (compared
to others) the organization gradually declines.ā No matter how big an
organization is, thereā™s always one bigger, and no site can continue to
double the work it was contributing every week, every other week, or
even every month, as had been happening with the big campuses lately.
There was another reason for the smaller domains to continue par-
ticipating. Ironically, as the ābig ļ¬shā continued to join the project and
to contribute more processing power, the odds of a ālittle ļ¬shā ļ¬nding
254 CHAPTER 36
the key were actually increasingā”on the basis of likelihood per pro-
cessing cycle expended. At the beginning of the project, the chances
of each key being tested was roughly one in 72 quadrillion (thatā™s 72
thousand billion). By mid-June, the chances had improved to one in
55 quadrillion. As more keys got eliminated from the list of possible
matches, the odds continued to improveā”eventually reaching a one in
one chance in the unlikely event that the correct key was the very last
key scheduled to be tested.
Verser concluded that he was grateful for all contributionsā”each
helped to bring the āexpected date of completionā from some 200 years
down to thirty-six days.
Tuesday, June 17, 8:29 P.M.
Seth D. Schoen was participating in DESCHALL in his senior year
at Northļ¬eld Mount Hermon, a college-preparatory boarding school.
After graduating earlier that month, he was able to spend more time on
DESCHALL and began to think about the milestone that the project
was rapidly approaching.
Because of working tirelessly week after week, we were going to cross
the threshold of twenty-ļ¬ve percent of the total keyspace being tested
in the next day or two.
Thinking that it had been a while since our last press release, or
at least seeing the opportunity for a party, Schoen posted to the DES-
CHALL mailing list, asking āIs anybody planning either a party or a
press release for the forthcoming twenty-ļ¬ve percent of keyspace com-
After articulating a few diļ¬erent angles that we could use in a press
release to recruit more participants, Schoen concluded with, āIf AP
[Associated Press] picked up on DESCHALL . . . I think the keyrate
could get a pretty nice boost.ā It was a nice thought, and indeed ev-
ery major news organization around the world would soon report on
Showdown in the Senate
Tuesday, June 17
Capitol Hill, Washington, D.C.
The Secure Public Networks Act of 1997 was oļ¬cially introduced by
its sponsors, John McCain and Bob Kerrey in the Senate Commerce
Committee. Oļ¬ered as a compromise on the contentious cryptography
policy issue, the bill had a striking resemblance to the draft legisla-
tion that the Clinton administration proposed in Marchā”essentially
requiring government access to keys used to encrypt data.
The other major cryptography legislation in the Senateā”in many
ways the opposite of the McCain-Kerrey bill (and the Clinton admin-
istrationā™s proposals)ā”was the the Promotion of Commerce Online in
the Digital Era, or Pro-CODE, Act, which was sponsored by Sena-
tors Conrad Burns and Patrick Leahy. Like the SAFE Act making its
way through the House, Pro-CODE was intended to reform encryption
policy, acknowledging that cryptography was already widely available,
and allowing U.S. companies to participate in these international mar-
kets that were already being served by foreign competitors. The Senate
Commerce Committee, chaired by Senator McCain, was set to vote on
the Pro-CODE bill on Thursday, June 19.
The McCain-Kerrey bill tried to keep cryptography from being used
by criminals against law enforcement oļ¬cials but in reality did nothing
to protect the privacy of Internet users or the security of their electronic
transactions. In fact, it would require U.S. citizens to use key recovery
systems approved by the federal government, require electronic com-
merce transactions to be conducted with government-approved key-
256 CHAPTER 37
recovery systems, allow the federal government access the keys needed
to read encrypted messages without a court order, create new criminal
penalties for people who used cryptography that was not on the gov-
ernmentā™s list of approved systems, and codify the 56-bit key as the
limit on products for export. All of this was proposed in the name of
preventing criminals from using cryptography that could prevent gov-
ernment investigators from discovering and prosecuting them. Arguing
that to allow strong cryptography is to be soft on crime makes for a
tempting sound bite for political purposes, but hardly makes sense.
Imagine seeing legislation proposed that requires citizens to leave the
doors to their homes unlocked or to give a copy of their keys to the
federal government, all for the purpose of making ļ¬ghting crime easier.
The notion is absurd.
Tuesday, June 17
Center for Democracy and Technology, Washington, D.C.
As soon as the text of the McCain-Kerrey bill was available, two
Washington computer privacy advocacy groups went into action. The
two groupsā”the Center for Democracy and Technology and Voters
Telecommunications Watchā”issued a press release and posted a call
for action in the Crypto-News newsletter. The release characterized
the new McCain-Kerrey bill as a false compromise which would do
ānothing to protect the privacy and security of Internet users.ā
Instead, the new bill represented, the alert cautioned readers, āa full
scale assault on your right to protect the privacy and conļ¬dentiality of
your online communications.ā
In its description of the status of the situation, Crypto-News said:
On Thursday, June 19, the Senate Commerce Committee is
scheduled to hold a vote on S. 377, the Promotion of Com-
merce Online in the Digital Era (Pro-CODE) Actā”an Internet-
friendly encryption reform bill sponsored by Senators Burns (R-
MT) and Leahy (D-VT).
Senator McCain, the Commerce Committee Chairman, is
expected to try and substitute his proposal for Pro-CODEā”
gutting the proposal and inserting provisions which would all
but mandate guaranteed government access to your private com-
Showdown in the Senate 257
Please take a few moments to help protect your privacy and
security in the Information Age by following the simple instruc-
Following this call to action came a list of Senate Commerce Com-
mittee members. Readers were asked to call their senators, if they were
on the list, and urge them to oppose the McCain-Kerrey bill. Read-
ers whose senators were not on the list could go to a Web site and
āAdopt a Legislatorāā”which would entail signing up to get targeted
alerts whenever the adopted legislator would be nearing a vote on some
The people watching the legislative front of the Crypto Wars werenā™t
the only ones were were foregoing sleep in the early hours of June 18,
āStrong Cryptography Makes the World a
Tuesday, June 17, 11:51 P.M.
A message contained in a UDP datagram made its way across the Inter-
net at the speed of light. Originating in Salt Lake City, the datagram
travelled up from a small local area network, to be handed oļ¬ to a
larger, wide-area network. Racing eastward, the datagram arrived in
Loveland, Colorado at the DESCHALL key server.
The DESCHALL key server issued a message of its own to RSAā™s au-
tomated contest server, which almost immediately acknowledge our vic-
tory. Rocke Verser felt a jolt of excitement shoot through his body when
he saw the āKey Found!ā message ļ¬‚ash across his computer screen.
Verser quickly wrote a message to DESCHALL coordinators and
sent it on its way, encrypted with PGP, as was standard practice when
writing about project details that were not yet public.
Wednesday, June 18, 2:12 A.M.
The Ohio State University, Columbus, Ohio
When Justin Dolske got the good news, he was ecstatic. As his moti-
vation was to demonstrate the weakness of 56-bit keys, he would have
been happy to hear that the key had been found by anyone, but being
on the winning team made the victory all the more sweet.
Dolske laid out the steps necessary to notify the DESCHALL and
SolNET mailing lists and to issue a press release. Leaving the message
260 CHAPTER 38
for the mailing lists to Verser, Dolske went straight to work on the
draft of the oļ¬cial press release. His ļ¬rst draft would be circulated to
DESCHALL coordinators at 2:56 A.M.
Wednesday, 8:04 A.M.
Megasoft Online, Freehold, New Jersey
I was spending the early part of the week in Freehold with the rest of
my companyā™s software development team. While I had been working
in my hotel room into the wee hours of the morning, I was doing so
completely without Internet connectivity and I had not checked my
voice mail throughout the night.
When I arrived at the oļ¬ce on Wednesday morning, the receptionist
handed me a handwritten message scrawled onto a torn-oļ¬ piece of
āgreenbarā data processing paper.
The message was simple. āCall Rocke Verser. ā˜We found it!ā™ ā
I promptly sounded my ābarbaric yawpā in the ļ¬ne tradition of
Walt Whitman and ran up the stairs and through the hallway leading
to the software development oļ¬ces. Finding a phone, I dialed Verserā™s
number and waited for him to answer.
Rocke Verser had spent the entire night drafting the notices for
the project participants, looking over drafts of the press release, and
ensuring that the news was ready to be released to the world. Normally,
this would be about the time that heā™d be trying to catch a few hoursā™
sleep, but that wasnā™t likely to happen today.
After a few congratulatory remarks, I put down the phone and got
to work. Weā™d made history, and it was time for the world to know.
Coordination was critical to getting the story out right, because we
needed to explain the project and its signiļ¬cance in a way that would
make sense to readers and reporters who did not have a background
in cryptography. The stories that we had seen so far were not partic-
ularly urgent in natureā”mostly they had been local interest stories,
where someone from the publicationā™s readership was participating in
a large-scale Internet-coordinated project. That kind of thing could be
published any day of the week, and so any extra time needed to work