Liverpool Daily Post logo Article thumbnail

Daily Post and Liverpool Echo (print newspaper, Liverpool, UK)

Internet column 'Wired'
October 18th 1997
by Steve Harrison, New Media Editor

I have spent part of this week trying to crack national security - but don't worry, it's all perfectly legal!

The security in question is the US-government endorsed data encryption standard (DES), codes that are widely used to encrypt confidential computer information. It has been known for some time that, in theory, codes of this standard offer only marginal protection against a sustained effort to break them - but no one has tried to do so in practise.

That has all changed with the challenge issued by cryptography specialists RSA Data Security (www.rsa.com) to break DES and 12 associated ciphers. It is this challenge in which I've been playing a small part. The traditional computer-based approach to cracking codes is to use a single, very powerful computer and then run through all possible combinations until the correct answer is reached. But it is now possible to use the spare capacity on a large number of less powerful machines connected by means of the Internet to achieve the same result.

These smaller, inter-connected machines can be far more effective than a single super-computer, in the same way that a colony of tiny army ants working together can prove a more ferocious adversary than an elephant. Over 4,000 teams, using different types of computers, are taking part in this challenge. I have joined the Amiga effort (www.cistron.nl/~ttavoly/rc5), which this week moved into third place out of 4,017 in the rankings!

It's simple to take part - from the Web site, you download a piece of software together with a tiny portion of the code, after which you can log off. The software then sits on your machine and surreptitiously works on the code during your computer's idle moments. The next time you log on, your computer passes on its results to the team HQ and gets another chunk of code to work on. The Amiga team has over 800 individuals and 1,500 machines working in this way.

The DES and related codes are highly sophisticated (which is why it takes computers several weeks to crack them), but the origins of cryptography go back at least 4000 years. A potted history on the University of New South Wales site (www.adfa.oz.au/CS/student-info/csc/lectures/classical.html) explains how Julius Caesar is reported to have used a simple substitution cipher, which replaced each letter of the alphabet by one a fixed distance away, so that A becomes C, B becomes D, etc. Unfortunately, this gives only 26 possible ciphers (in our alphabet, at least), and it is quite easy to go through each possibility in turn until the original message is revealed.

Machine ciphers were developed in the late 18th century which involved revolving alphabetic disks - this was essentially the principle of the Enigma machine used by Germany in World War II. Modern ciphers, such as elliptic curve cryptography or RSA, rely on mathematical techniques which are still the subject of new discoveries - so that what was thought secure one year may be shown to be flawed the next (as happened this year to elliptic curve cryptography).

So if you're desperate to keep your e-mail safe from prying eyes, perhaps the only sure way is never to send it at all!

Contact E-mail: online@day-post.u-net.com


Back to Press page | Main page