Cracking the DES Encryption

Outline

DES Encryption (in general).

DES Vulnerabilities.

Cracking the DES (DESCHALL).

Using Condor Advantages.

DES EncryptionIn general

History

In 1971, LUCIFER algorithm was developed. Cyphers block of 64 bits, using a 128-bit key

LUCIFER was refined by IBM researchers. The key was reduced to 56-bit: fits on a chip.

In 1977, the IBM project was adopted as the Data Encryption Standard (DES) by NSA.

Encryption Basics – Symmetric Key Encryption

Real Simple: Same key to encode and decode

Encoding and Decoding algorithms are symmetrical!

DES Algorithm

Crypts 64 bits blocks of plain text. Using a 56 bits key. Expands the Symmetric Key Encryption 16 stages of processing Block Ciphers. Initial & Final Permutations (IP, FP) Using Feistel Function & Key Schedule

                        ,

                                                                                                                                                      .

Li-1 Ri-1

Li Ri

48 bit subkeyGeneratorKi(48) = g(i,K(56))

(The key for each round isdeterministicallyfound from the input 56 bit key).

Expansion Permutation

S-Box Substitution

P-Box Permutation

32

4848

48

32

32

3232

32

8 16 24 32 40 48 56

8 16 24 32 40 48 56

8 16 24 32 40 48 56

8 16 24 32 40 48 56

IP – Initial Permutation

FP – Final Permutation

DES Advantages

Strong encryption-Confusion and diffusionUsing a non linear function (S-Box)Using bit permutation (P-Box)

Ideally suited for implementationin hardware (bit shifts, look-ups etc).

Suited for video & voice.

DES Vulnerabilities Are there any disadvantages?

Brute Force Attack

Basic attack for deciphering any kind of encrypted data.

Trying all possible options. Takes a lot of time and resources. Dedicated hardware is faster than

software.

56 bit Key -Advantage or Disadvantage? 256 possible keys =

72,057,594,037,927,936 Moore’s law compatible. Even 20 years later(1997), it would take:

2,285 years to decipher! With a 200 MHz Pentium system that can

test approximately 1 million keys/second.

More Efficient Exploitations

Differential cryptanalysis Linear cryptanalysis Both require hundreds of Terabytes of

cyphered & deciphered messages. Still requires 2^43 iterations. Dedicated machines.

DESCHALL Competition

Cracking the algorithm – it’s all about the money

The Challenge RSA Security offered a 10,000$ prize in 1997, for

the first who crack the DES. A group of computer scientists involved thousands

of volunteers deciphered it! It took only 96 days! (against 2,285 years) How did they manage to get a speedup of 8687 ??? How come the DES developers didn’t see it coming?

The Solution There was no internet when DES was

introduced in 1977. Even in 1997 the internet sounded bad. Parallel Computing is the answer! Simply using brute force. With the help of up to 14k computers a day

and a total of 78k unique computers. By offering a 4,000$ prize to the computer

owner who finds the right key.

DESCHALL Competition

How does it works?

Server FlowchartClient Flowchart

Calculation Speed

Average user speed is a sine form Computers are more idle on weekends.

Growing popularity.

Parabolic growth of total calculated keys.

Only ¼ of all key options was needed to be calculate.

Can HTCondor Help?Parallel computing using High Throughput Computing (HTC)

Condor Relevant Advantages

Sequential execution of a series of programs without human interaction.

Supports many different machines. High throughput computing. Open source and easy to setup.

Conclusions

DES was outdated after DESCHALL. Nowadays internet can help us achieve

tremendous computing power with the growing amount of computers connected.

Longer keys are better - 256 bit key is common and believed to be hard to brute force (78 digits!)

Better encryption methods are in use today but they are also vulnerable!

Referances

http://lasecwww.epfl.ch/memo/memo_des.shtml http://www.interhack.net/projects/deschall/ http://www.interhack.net/pubs/des-key-crack/ http://linuxgazette.net/issue46/serrao.html http://www.distributed.net/DES http://en.wikipedia.org/wiki/DESCHALL_Project http://en.wikipedia.org/wiki/Data_Encryption_Standard http://en.wikipedia.org/wiki/Brute_force_attack http://www.worldofhacker.com/2013/09/basic-idea-of-creating-

password.html http://www.hep.uiuc.edu/home/mats/crypto/crypto.ppt