> The goal of cracking this key is to test the government endorsed > encryption standard called DES. The data received from this contest > will assist researchers and developers in new encryption techniques. > ftp://portal.stwing.upenn.edu/pub/rc5
Please note that RC5 and DES are not the same algorithm. Your message gives a pointer to RC5 cracking software. People are also preparing to crack DES. Both of these efforts are going to require a lot of CPU power. By dividing the CPU power between RC5 and DES, both efforts will take a lot longer. My advice is to work on RC5 for now, but when the DES software becomes available, put RC5 on hold and go after DES. DES is a far more interesting target because it is so widely used. Also, because of the design of DES's key schedual, it can be cracked in a fraction of the time (one fifth to one seventh). The main goal of breaking a 56-bit RC5 or DES key is not really research/development. The main goal is to raise public awareness about cryptography, and to discredit the US government's current position on cryptography. Currently, software companies can't export strong cryptography without obtaining a licence. The government refuses to give export licences for anything but weak 40-bit cryptography. Because it is not cost-effective to maintain two versions (domestic and exportable) of the same software, most companies only produce 40-bit software. Anyone who does produce strong cryptography, even if they don't export it, lives in fear of government harrassment and legal action should any of the end-users send the software out of the country. Just ask Phil Zimmerman, author of PGP, about government harrassment. The government has recently allowed some companies to export 56-bit cryptography for up to two years. But, there is a price: the companies have to promise that they will start producing cryptography with backdoors that the government can spy through. This offer is appealing to many companies who can currently only export 40-bit software, because 40-bit keys have been cracked while 56-bit keys never have been (at least not publicly). Several companies have already agreed to work on creating backdoors, so that they can sell 56-bit crypto for the next couple of years. The bottom line is that the government wants to spy on everyone's communications, and they're pressuring US companies into helping the government evesdropping efforts. The efforts to crack a 56-bit key will make the two-year 56-bit deal less appealing to US companies, but only if the key is cracked in a timely fashion. Since the DES break will take a fraction of the time, we should give it priority. If we can convince companies that the government deal is a bad one, and convince them to fight the export restrictions, then PGP/ssh/etc could be included on the main Debian mirrors and we could put an end to the regular "Where can I get PGP?" questions. :) -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
