DESCHALL PRESS RELEASE INTERNET-LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD LOVELAND, COLORADO (June 18, 1997). Tens of thousands of computers, all across the U.S. and Canada, linked together via the Internet in an unprecedented cooperative supercomputing effort to decrypt a message encoded with the government-endorsed Data Encryption Standard (DES). Responding to a challenge, including a prize of $10,000, offered by RSA Data Security, Inc, the DESCHALL effort successfully decoded RSADSI's secret message. According to Rocke Verser, a contract programmer and consultant who developed the specialized software in his spare time, "Tens of thousands of computers worked cooperatively on the challenge in what is believed to be one of the largest supercomputing efforts ever undertaken outside of government." Using a technique called "brute-force", computers participating in the challenge simply began trying every possible decryption key. There are over 72 quadrillion keys (72,057,594,037,927,936). At the time the winning key was reported to RSADSI, the DESCHALL effort had searched almost 25% of the total. At its peak over the recent weekend, the DESCHALL effort was testing 7 billion keys per second. Verser considers this project to be remarkable in two ways: One. This is the first time anyone has publicly shown that they can read a message encrypted with DES. And this was done with "spare" CPU time, mostly from ordinary PCs, by thousands of users who have never even met each other. U.S. government and industry will have to take a hard look at their cryptographic policies. "DES can no longer be considered secure against a determined adversary", Verser said. Two. This project demonstrates the kind of supercomputing power that can be harnessed on the Internet using nothing but "spare" CPU time. "Imagine what might be possible using millions of computers connected to the Internet!" Aside from cryptography and other obvious mathematical uses, supercomputers are used in many fields of science. "Perhaps a cure for cancer is lurking on the Internet?", said Verser, "Or perhaps the Internet will become Everyman's supercomputer." Under current U.S. government export regulations, and underscoring a problem faced by the U.S. software industry, the program that searched the keys could not be exported, except to Canada. A competitive effort, based in Sweden, sprang up well after the DESCHALL effort began. Able to "market" their keysearch software around the world, the Swedish effort caught up quickly, and had searched nearly 10 quadrillion keys by the end of the contest. ------------------------------------ Verser agrees with the sentiment voiced in RSADSI's secret message: "Strong cryptography makes the world a safer place." Use of strong cryptography, both domestically and internationally, is essential in today's electronic world. "But not at the expense of a citizen's right to privacy." Verser adds, "Recent proposals for 'key-recovery' and for criminalization of the use of cryptography have no place in a free society." Information about the DESCHALL effort is available from the official DESCHALL Web site at: MEDIA CONTACTS: Matt Curtin, (908) XXX-XXXX x XXX, ALTERNATE: Rocke Verser, (970) XXX-XXXX, ALTERNATE: Justin Dolske, (614) XXX-XXXX, - 30 - INTERNET LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD Background / Sidebar, for Release dated June 18, 1997 The Data Encryption Standard, DES, is a national standard, adopted in 1977. Use of DES is mandatory in most Federal agencies, except the military. DES is very widely used in the private sector, as well. Interbank wire transfers, Visa transactions, your medical and financial records, and your employer's financial data are some of the many things secured against prying eyes or against modification by DES. When the Data Encryption Standard was adopted in 1977, there was some question as to whether or not the Standard was adequate to protect confidential data. Matt Curtin, Chief Scientist for Megasoft, Inc. says, "This is proving by example, not by mathematical calculation, that DES can be broken with little or no cost." Curtin added, "Others could just as easily be attempting to gain access to multibillion dollar wire transfers." MEDIA CONTACTS: Matt Curtin, (908) XXX-XXXX x XXX, ALTERNATE: Rocke Verser, (970) XXX-XXXX, ALTERNATE: Justin Dolske, (614) XXX-XXXX, - 30 - INTERNET LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD Background for Release dated June 18, 1997 DESCHALL DATA SHEET DESCHALL Web site: Principal Organizer: Rocke Verser, self-employed contract programmer, Loveland, Colorado Team Leaders - Did "everything" Rocke didn't have time to do Matt Curtin, Chief Scientist, Megasoft Online Justin Dolske, Graduate Fellow / Research Associate, Ohio State Universtiy Team Contributors: Guy Albertelli, several "ports" Kelly Campbell, original Mac port Darrell Kindred, blazing fast bitslice clients Andrew Meggs, blazing fast Mac client Karl Runge, statistics and rankings Team Members: Dozens of people who contributed "shareware". Thousands of ordinary folks, who contributed "spare" CPU cycles. Project statistics: Start of contest: January 29, 1997 Announcement of DESCHALL project: February 18, 1997 End of contest: June 17, 1997 Size of keyspace: 72,057,594,037,927,936 Keys searched: 17,731,502,968,143,872 Peak keys/day: 601,296,394,518,528 Peak keys/second: 7,000,000,000 (approx) Peak clients/day: 14,000 (approx, based on IP address) Total clients, since start: 78,000 (approx, based on IP address) The computer that found the key: CPU: Pentium 90 RAM: 16 megabytes Operating System: FreeBSD 2.2.1 Speed (keys/second): 250,000 (approx) Client: FreeBSD v0.214, built March 12, 1997 Owner: iNetZ Corporation, Salt Lake City, Utah Operator: Michael K. Sanders MEDIA CONTACTS: Matt Curtin, (908) XXX-XXXX x XXX, ALTERNATE: Rocke Verser, (970) XXX-XXXX, ALTERNATE: Justin Dolske, (614) XXX-XXXX,