Cryptography Reference
In-Depth Information
whereas the initiative's purpose was to show that a DES cracking machine
could be built at all if only one had enough financial means.
How Deep Crack Was Born
The
Electronic Frontier Foundation
(
EFF
;
www.eff.org
) put an end to all
speculation and doubts about potential DES cracking machines when it built
such a machine. And not only that: the organization published a topic [EFF] that
describes how it's built, disclosing the chip design and the firmware, printing
the listings in scanner-friendly layout, and on top of it all, writing 'Scan This
topic!' on the cover (the paper version had its reason in a loophole in the
US laws, prohibiting the export over the Internet and on electronic media, but
leaving out print media). No doubt this topic had been intended to move things,
and it really did.
In view of the hardware friendliness of DES, it came as no surprise to experts
that such a machine could be built, but the implementation of the idea called
Deep Crack
is interesting nevertheless.
The actual surprise was how inexpensively such a machine could be built:
a team of about ten people worked on it for little over 18 months, and not
even full-time. The required control software came from voluntary work in
less than three weeks. Altogether, the costs for design and testing were roughly
80 000 dollars, and 130 000 dollars were spent on material. The 'total price'
of the project is usually stated to amount to 250 000 dollars. Series produc-
tion of the machine would naturally be much cheaper. Advanced Wireless
Technologies (AWT), the developers of the special chips, have started offering
the machine for sale. Much faster special computers are no utopia either. An
article in the magazine
Information Week
[InfWeekDES] assumes somewhat
higher costs and estimates a write-off time of three years for the computer.
With the one-million-dollar machine mentioned above (which could find a
key within half an hour), the costs would be approximately 20 dollars per
DES key. In other words, this could mean, for example, that the DES encryp-
tion of an email (for instance using PEM in the current form, which is the
PGP counterpart) would be worthwhile if the message were worth 20 dol-
lars at most. But such values are usually underestimated. Cruel irony: the
very same magazine had offered free annual subscription (worth 150 dol-
lars) over a lengthy period of time to people who'd fill out a 'harmless'
questionnaire. So much for how much people are really willing to pay for
information.
