This is a qoute from one mailing list digest. for people who still don'get it. In a human language.
------------------------------
From: rasumner@bach.wisdom.weizmann.ac.il (Reuben Sumner)
Subject: Re: 3DES cracked in 22 hours ??? (Was: Re: (fwd) DES Challenge III Broken in
Record 22 Hours !)
Date: 22 Jan 1999 12:49:32 GMT
Reply-To: rasumner@iname.com
On Thu, 21 Jan 1999 10:14:46 -0000, Sam Simpson <ssimpson@hertreg.ac.uk> wrote:
>Assuming 3DES has an effective keylength of 112-bits then it would take
>around 329293306 years on average to break a single key.
>
>This figure is based on the peak keys per second figure (250 Billion) quoted
>in the EFF/RSA press release.
I'm afraid I have to dissagree with your calculation.
>> kps:=250*10^9; // keys per second
250000000000
>> spy:=60*60*24*365.24; // seconds per year (average year)
31556736.0
>> kpy:=kps*spy; // keys per year
7889184000114802736.0
>> 2^111/kpy;
329076927259548.0
2^111 is the average number of keys you need to search. Thus the total number
of years is 329,076,927,259,548. That is 329 trillion not 329 million.
Even just searching 64 bits (ie the RC5-64 search) would take 1.17 years.
The real threaght is not distributed.net. It is amusing and a demonstration
that there are lots of wasted CPU cycles out there, but not a real threaght.
In the paper by Matt Blaze et al it is estimated that a $10 custom ASIC
can test about 200M keys/second. At that rate a $10M computer could break
64 bits in an average of 12.8 hours. Compare that to 1.17 years.
Even only 80 bits of something like skipjack (assuming brute force is your
best attack) would take a $1B attack 1 year (on average) to crack.
Reuben
------------------------------
------------------------------
From: bt@templetons.com (Brad Templeton)
Subject: Re: 3DES cracked in 22 hours ??? (Was: Re: (fwd) DES Challenge III Broken in
Record 22 Hours !)
Date: 23 Jan 1999 19:10:32 PST
In article <slrn7agt61.v23.rasumner@bach.wisdom.weizmann.ac.il>,
Reuben Sumner <rasumner@iname.com> wrote:
>2^111 is the average number of keys you need to search. Thus the total number
>of years is 329,076,927,259,548. That is 329 trillion not 329 million.
>Even just searching 64 bits (ie the RC5-64 search) would take 1.17 years.
>The real threaght is not distributed.net. It is amusing and a demonstration
>that there are lots of wasted CPU cycles out there, but not a real threaght.
>In the paper by Matt Blaze et al it is estimated that a $10 custom ASIC
>can test about 200M keys/second. At that rate a $10M computer could break
>64 bits in an average of 12.8 hours. Compare that to 1.17 years.
>Even only 80 bits of something like skipjack (assuming brute force is your
>best attack) would take a $1B attack 1 year (on average) to crack.
The difference between 128 bits and 64 bits is indeed this vast. That
we built a machine cheaply that can crack 56 bits does mean that with more
money you can break 64 bits quickly, but 128 bits or more is another story.
Add enough bits and you reach the point where if every atom on earth were
a processor that could check a key every microsecond you still couldn't break
by brute force. Add a few more bits and it's every atom in the universe.
Suffice to say that this means that sufficiently long keys are unbreakable
by brute force based on current understanding, even with things like DNA
computers. Only a breakthrough in physics, like quantum computing can
break a long key with brute force. Or a breakthrough in discrete
math -- which is no longer brute force.
--
Brad Templeton </code>
http://www.templetons.com/brad/ <code>
------------------------------
Hope that will explain it to some people who likes HP Calculators. Also subject of this message is from some HP Calculators FAN.