Crack that crypto!

January 29, 2010

Pico Computing Inc. has been showing up a lot on this blog lately, in contexts as varied as gene sequencing and financial analysis, but we would be remiss not to mention the company’s announcement Jan. 29 of the use of its FPGA cluster to crack 56-bit Data Encryption Standard, testing more than 280 billion keys a second. The demonstration uses 176 Xilinx Virtex-6 devices on 11 EX-Series PCI Express boards.

As the company stresses in its press release, DES has largely given way to Triple-DES or Advanced Encryption Standard, but is still used in many mainstream security applications. What is important to recognize for this readership is that parallel FPGAs are taking over many crypto duties from DSPs and ASSPs, and that brute force attacks on any kind of crypto system – AES, public-key, etc.- may become feasible as key-testing systems become larger and more parallel, even as they stay within a standard rack-mounted platform. This Pico project was implemented in a 4U design.

Pico is showing this DES cracker at the Black Hat DC 2010 conference in early February.

Posted by Loring Wirbel on January 29, 2010 | Comments (7)

April 17, 2010

In response to: Crack that crypto!
Russian toy commented:

Ìîæíî ïîäóìàòü êàê áóäòî âðîäå è óäàëñÿ ïîñò) çàãëÿíèòå è êî ìíå íà ÷àé)

April 16, 2010

In response to: Crack that crypto!
Buy Cialis commented:

kagran recover equalityfont standardsthe quieter outlooks vinod lebanon frederick nilayam asphalt

February 10, 2010

In response to: Crack that crypto!
cybernion commented:

1) Testing security is essential having good security. Understanding the capabilities an adversary may have in performing a brute-force attack is required to implement real-world security that really works. Keeping an attack secret just lulls lots of people into thinking they have security, when they don't. So, the disparaging comments implying Pico is terrorist or anti-USA are unfounded. 2) A retry-delay can be a useful counter-measure in some cases. But, more often, if the attacker has the ciphertext he can make as many attempts as he wants to guess the key (without delays) using his own off-line hardware. 3) Note that using special hardware to mount an attack on the relatively short 56-bit DES key has been done before... a long time ago. (See EFF_DES_cracker on Wikipedia.) In 1998 EFF and CRI built a machine named "Deep Crack" that could test 90 billion keys per second, only about three times slower than Pico reported in Jan. 2010,nearly 12 years later. Another machine ("COPACOBANA") repeated Deep Crack's performance (approx.) in 2006, but at a lower cost. Deep Crack was significant in that it helped advance the well-founded perception that DES' 56-bit key was not long enough to be safe, culminating in the much improved 128-bit AES standard being issued in 2002 and the general relaxation of export restrictions on cryptographic products strong enough to be used for commerce.

February 10, 2010

In response to: Crack that crypto!
FPGA Biggot commented:

The toughest thing to beat in any encryption scheme is simply a delay prior to accepting another key attempt, whenever a key attempt is incorrect. Am I missing something here? Anyone who allows 280B key attempts per second doesn't deserve any security.

February 10, 2010

In response to: Crack that crypto!
seki commented:

Figures Bezerkeley would be helping people break crypto. Is their server named Ho Chi Mihn, like the park?

February 10, 2010

In response to: Crack that crypto!
mdOlObm commented:

If you would only stop by boinc.berkeley.edu/projects.php and visit teh mathematics section you would see the above is not the only approach. Enjoy

February 10, 2010

In response to: Crack that crypto!
Jerry commented:

Hi: In this time of Internet bandits and terrorism are you advertising this capapability?

About EDN | Site Map | Contact Us | Subscription | RSS

POST A COMMENT
Display Name

Before submitting this form, please type the characters displayed above. Note the letters are case sensitive: