<<

. 37
( 41 .)



>>

through technical details could be taken. Now, the media would be in
a race to get the story together and to get it out quickly”and that
would mean less time for checking facts.
“Strong Cryptography Makes the World a Safer Place” 261

About an hour after the phone call with me, Verser had working
drafts of the announcement for the mailing lists, the press release, and
a data sheet with details of the facts of the project, intended to help
reporters get the information they needed to get their stories together.
RSA Data Security contacted Verser and worked with us to coordinate
our press release with theirs.
Later in the day, when everything was in order, and the world was
ready to know that it was a safer place because of cryptography, RSA
and DESCHALL press releases were issued at the same time, and Verser
proudly posted the message he had drafted earlier.
In an article entitled “WE FOUND IT!” Verser wrote to the DES-
CHALL mailing list:

“Strong cryptography makes the world a safer place.”
That™s the message RSA has been waiting for us to decipher.
And we did it!
The correct key (8558891AB0C851B6) was reported to RSA
Data Security shortly before midnight last night (Mountain
Time). RSA™s automated server acknowledged our win!
The winning computer is a Pentium 90 MHz, operated by
iNetZ Corporation of Salt Lake City, Utah. Their employee,
Michael K. Sanders, was the individual who was running the
DESCHALL client.
Congratulations, Michael. And congratulations to all who
participated!

After acknowledging many individuals, he graciously turned to “our
only public ˜competitor,™ SolNET,” which he called “a class out¬t.”
Verser continued:

In a sense, the “win” belongs to all of us, who contributed CPU
cycles and clients and ideas and innovations. We searched less
than 1 of the keyspace. Worldwide, over half of the keyspace was
4
searched. A DESCHALL client may have found “the” key, but
you [SolNET] deserve credit for helping to bring the “expected
date of completion” signi¬cantly ahead.
Your Web site gave us a goal to shoot for. A goal which we
never met. Your clients had many features our users wished for.
There is no shame in not ¬nding the key. But I know the anguish
you must feel after putting your hearts and souls into a project
for three to four months and not being “the” winner.
262 CHAPTER 38

In my eyes, everyone who participated, whether working for
the DESCHALL team or the SolNET team is a winner!
Elation followed on the DESCHALL mailing list, with congratula-
tions and thanks ¬‚owing in from all around. Across the Atlantic, Sol-
NET coordinator Lindgren Fredrik sent an announcement of his own
to the SolNET mailing list. He wrote:
The challenge is over . . .
. . . and we “lost.” On June 17 around midnight one of
our competitors, DESCHALL, found the secret key and de-
crypted the secret text prepared by RSA Data Security Inc
(http://www.rsa.com).
The goal of the DES Challenge was to show that DES en-
cryption could be cracked, and that better encryption is needed
to keep data safe. In my opinion this goal has been accomplished.
Although it™s not that fun being a runner up, I must say that
it has been an enjoyable couple of months running this e¬ort. As
much as it been a goal to show the weaknesses of 56-bit crypto,
it™s been very nice to be able to show the enormous amount
of “surplus” computing power that is available on the Internet.
Not to mention the warm and fuzzy feeling it gives me to think
of everybody that™s been working together towards the common
goal of answering the challenge.
The SolNET DES Team would like to thank everybody who
has been participating and sharing their spare computing re-
sources in our project. Without you none of this would have
been possible.
Lindgren extended his thanks to many who contributed their re-
sources and talents to run SolNET™s keyservers, work on clients, and
otherwise keep their e¬ort running. He then pointed out the opportu-
nities for additional work to be done, on the 56-bit RC5 Bovine e¬ort,
as well as the Great Internet Mersenne Prime Search.


Wednesday, June 18, 7:44 P.M.
The Ohio State University, Columbus, Ohio

Now it was time for the media to pick up the story and to weigh in. Late
on Wednesday, June 18, Dolske was one of the ¬rst to be contacted, and
answered questions for someone from “the Internet video show State of
“Strong Cryptography Makes the World a Safer Place” 263

the Net.” None of the coordinators had heard the program before, and
we had no idea of its audience size. Dolske wasn™t even sure that he
was talking to a reporter, but the person with the questions was clearly
interested in what had happened, so Dolske answered his questions.
After the conversation, he checked a search engine for “State of the
Net,” but couldn™t ¬nd anything. Given the proliferation of “cybercul-
ture” shows on television, electronic magazines, and streaming video,
one could never really be sure. But it was someone interested, and it
just might have been some of the ¬rst press the key-breaking received.
Verser meanwhile had spoken with reporters from Channel 2 in Salt
Lake City, ZDNet, MSNBC, and the Chronicle of Higher Education.
Obviously, the press releases were having their e¬ect and the stories
were being written. Some of these articles also included parts of inter-
views with Mike Sanders, whose machine found the key, and RSA Data
Security o¬cials.
RSA Data Security Inc., issued a press release of its own, at the same
time as ours. In that release, RSA president Jim Bizdos was quoted,
tying together the debate before Congress and the DES Challenge.
RSA congratulates the DESCHALL team for their achievement
in cracking the 56-bit DES message,” said Jim Bidzos, presi-
dent of RSA. “This demonstrates that a determined group us-
ing easily available desktop computers can crack DES-encrypted
messages, making short 56-bit key lengths and unscaleable algo-
rithms unacceptable as national standards for use in commercial
applications.
“This event dramatically highlights the fatal ¬‚aws in the
most recent administration proposal, Bill S.909, ˜The Secure
Public Networks Act of 1997,™ introduced by Senator John Mc-
Cain (R-AZ) and Senator Bob Kerrey (D-NE). This bill, if
passed, would severely hamper U.S. industry by limiting export
to the 56-bit DES standard.”
We would discover that yet another press release had been issued,
without our knowledge, much less coordination. Sameer Parekh, an en-
terprising user of cryptography ran a company he started called C2Net
Software, Inc. to bring products with strong cryptography to the mar-
kets. Never one to miss a media opportunity, Parekh sprang into ac-
tion upon seeing that the DES Challenge had been won. Quickly he
placed a call to iNetZ Corporation, where the 90 MHz Pentium ma-
chine run by Michael Sanders had found the right key. He got Jon Gay,
264 CHAPTER 38

a vice president at iNetZ to agree to a quote, wherein he hoped that
the demonstration would cause users to demand strong cryptography
in their products”“such as the 128-bit security provided by C2Net™s
Stronghold product, rather than the weak 56-bit ciphers used in many
other platforms.”
Parekh also got a quote from the respected cryptographer Ian Gold-
berg, recently of 40-bit Challenge fame. Goldberg™s remark, “This ef-
fort emphasizes that security systems based on 56-bit DES or ˜export-
quality™ cryptography are out-of-date, and should be phased out,” was
buried in an alarmist press release entitled, “Hackers Smash U.S. Gov-
ernment Encryption Standard.” C2Net™s press release failed to cite any-
thing authoritative from either RSA or the DESCHALL coordinators,
pointing instead to its own Web site that gave no additional informa-
tion on the contest. The C2Net statement was entirely devoid of useful
content about RSA™s DES Challenge or the project that answered it;
its entire purpose was to use DESCHALL™s win as a platform from
which to tell the world, in Parekh™s words, “We refuse to sell weak
products that might provide a false sense of security.” Members of the
press who saw Parekh™s blatantly opportunistic commercial received it
with some skepticism, some of which would unfortunately carry over
into reporting into the facts of the DES Challenge.
DESCHALL coordinators granted many interviews that day, un-
aware of the C2Net press release. Had we known about the C2Net re-
lease, we could have taken the opportunity to put the matter into more
balanced perspective than to suggest that the standard itself had been
broken by “hackers.” Reporters™ deadlines ¬nally came and the calls
died down as the articles started to get written. As the reports started
to make their way around the world, DESCHALL™s coordinators got
some well-deserved rest.


Thursday, June 19, 8:02 A.M.
Megasoft Online, Freehold, New Jersey

I was pleased to see the Wall Street Journal article on DESCHALL. A
well-written article by Don Clark covered the contest and its impact,
stuck to the story, and remained technically accurate. Many other re-
porters called on Thursday, following up with their own stories after
seeing the early coverage of the news.
“Strong Cryptography Makes the World a Safer Place” 265

On Friday, the largest wave of media coverage came, and as DES-
CHALL participants saw the coverage, they posted their observations
on the articles to the DESCHALL mailing list. Nelson Minar at MIT
noted that the CNN article covering our work was subtitled, “But it
took four months.” Most media coverage had roughly the same ¬‚avor.
MSNBC™s article managed to botch the story pretty badly, going so
far as to assert that the entire keyspace had been tested as opposed
to the one-quarter of the keyspace that actually had been tested. The
Money Daily article carried the basic premise that our success was
alarming, but readers didn™t need to tear up their ATM card right
away.
DESCHALL project did manage to get the attention of the main-
stream media at a critical moment”as the capability to break messages
encrypted with the standard came into the hands of even modestly
funded groups of people and as the future of public policy was being
debated. The success of the RSA DES Challenge would ultimately come
not from what the media would say immediately, but whether we suc-
ceeded in “killing single DES,” as Peter Trei wrote to the Cypherpunks
on October 1, 1996.
39
Aftermath




Cracking a message encrypted with DES was a watershed event in
the history of cryptography because we, private-sector cryptographers,
participated in a large-scale demonstration of distributed computing
to make our point. We knew that DES, the sitting standard for data
encryption for twenty years, was vulnerable to brute-force attacks. We
knew that ¬nding a key wouldn™t require a thirty-million dollar super-
computer and more than a year™s time. So we quit estimating what it
would take and just did it.
The contest wasn™t just about cryptography in 1997. Cryptography™s
future was also at stake: we knew that long-term public policy was being
debated by lawmakers in Washington under the in¬‚uence of information
speci¬cally released to support the Clinton administration™s legislative
agenda.
We knew that the data encryption standard needed to be replaced,
but no one would listen to us when we presented them with calculations.
People would not listen unless we actually broke a message encrypted
with the same system that was protecting sensitive information like
their ¬nancial and medical records. So that™s what we did. And then
the world wanted to hear all about it and what to do about it.


Thursday, June 19
Gundaker Realtors, St. Louis, Missouri

Systems and security administrator Stuart Stock, who wrote the “DES-
CHALL Linux Bootdisk Mini-HOWTO,” had been a participant for
most of the project™s duration. His e¬orts, and those of many peo-
ple like him, got the project access to many computing cycles”easily

267
268 CHAPTER 39

twelve hours daily and two whole days weekly”that would have been
otherwise unused.
Concerned that management might not have sanctioned the e¬ort,
Stock requested that his contribution be identi¬ed as an “anonymous”
site in our statistical reporting”a request which we happily granted.
On the morning of June 19, Stock found himself answering some
questions from the head of the company, who had seen the article in
the morning™s copy of The Wall Street Journal entitled “Group Cracks
Financial-Data Encryption Code.” The article got the head of the com-
pany thinking about the importance of strong cryptography in ensuring
the safety of ¬nancial transactions and electronic communications.
Feeling more con¬dent that he was making a connection and getting
a sympathetic audience, Stock revealed to his boss that their company
had been involved in the e¬ort, ¬nishing twenty-fourth in terms of
contributed processing power.
After learning that Stock™s method of contributing processing power
had not interfered with business operations in any way, his boss relaxed.
Stock was satis¬ed with his contribution. The head of his company
simply had no idea that cryptography was something he needed to
consider. Like many people, he just assumed that things were “safe.”
Thanks to our project and the subsequent publicity, he was asking
good questions and even being shown how to protect himself with Phil
Zimmerman™s Pretty Good Privacy cryptography software.




Since its beginning, Netscape had produced two versions of its soft-
ware: one for domestic U.S. use and one for international use. The
international use products were limited to 40-bit key strength, while
the domestic versions used 128 bits.
On June 24, less than a week after our success in the DESCHALL
project, Netscape ¬nally was able to release its products with strong
cryptography for export to the outside world with the permission of the
U.S. Department of Commerce. Instead of having to ¬ll out an online
a¬davit and go through veri¬cation that your system was based in the
United States, users from all over the world could simply download the
strong-cryptography version of the Netscape browser.
Aftermath 269

In addition, Netscape banking customers overseas could buy Net-

<<

. 37
( 41 .)



>>