Cypherpunks "brute" key cracking ring
Hal's second challenge has been CRACKED
The next crack was organised on mainland Europe, breaking the
RSA
48 bit RC5 challenge in 280 hours.
There are currently two sets of web pages (soon to merge I hope),
a mostly German one, requiring large Netscape windows, known as
challenge
and a tri-lingual, lynx (and Netscape) friendly
rsa_clng
There also appears to be another attempt being run from
cs.rochester.edu,
and maybe one at ziplink.net.
In order to demonstrate that the various export weakened crypto systems are
too insecure to be used for secure commerce and business applications,
this project was started to show this by breaking examples sessions.
It is the sucessor to Adam's
brute-rc4.html page
and makes use of a
new protocol
which allows hosts with full internet access to directly communicate with
the system without needing to use the WWW and cut&paste.
Last Projects
SSL (Secure Socket Layer) as used in the netscape secure WWW browser
which has been vaunted as a mechanism for securing financial
transactions, and commerical data through WWW.
In its export restricted form, SSL uses 128 bit keys with 88 bits known,
leaving a key search space of 40 bits.
40 bits is an insecurely small search space, for reasonable security;
something like 128 bits would be much more reasonable.
Hal's first challenge
has been
cracked,
so we moved on to his
second which
took 114456 seconds (31.8 hours).
The
PRIZE of Cyberbucks,
the currency used in the DigiCash ecash trial
![[IMAGE: we accept ecash]](http://www.digicash.com/gifs/accept.gif)
has been allocated -- donations still greatfully accepted (100 c$ = 5 US$).
Hal has not yet generated a third challenge, so in the meantime,
why not grab the latest copy of
brutessl,
brclient and
brwork (which used to be "brloop"),
and test it out (see "brwork -h").
If you have a CPU Farm, see also
brslave.pl
which allows you to run a local key allocation and ACK server
(e.g. for use behind firewalls, or sites not permanently Internet connected).
Donating your CPU time
There are several ways to donate your CPU time, all that you require
is a computer with an ANSI C compiler (also executables are supplied
for DOS, Windows 95 and NT), and some spare compute time.
The software has been shown to run on PC compatibles, powerMACs,
and numerous unix machines.
Step by step how to
Read the how to,
everything explained step by step in full detail, what to down
load, how to install, how to setup, how to use the socket client, how
to use the WWW server.
BruteSSL
You can collect
brutessl.tar.gz
version 1.03
to allow you to build the code to brute attack SSL.
The only changes from 1.0 is to allow it to use the same args as bruterc4 when
using brloop,
and to go 60% faster on ALPHAs (by using ints instead of chars for RC4).
For binaries etc, see the
sources page.
Socket based key doler
If you have direct IP connectivity (or slip/ppp with autodial on use),
you will be able to use the SKSP socket server. This will mean that
you can start up the bruting software as a low priority background job
on your workstation(s) and leave it to crunch unattended. Your client
program will report back keyspace swept, and request more work
automatically.
A perl socket based client code
(use at least brc0.8)
is available for UNIX systems.
brloop is a shell wrapper which plugs
together brclient and brutessl to keep chugging away at cracking.
It is a shell script so that more people can read it to see what it actually does, and to allow then to tweak it -- e.g. there is a shell procedure
testproc
which decides whether to do some more work,
sleep for a bit (maybe the machine is in use),
or exit.
This and other facilities can be tailored using .brloop.rc -- mine has the line
tailored=true BRCLIENT="Piete Brooks" BRID="pb@cl.cam.ac.uk" checkcmds=false
A Windows NT / Windows 32 socket based client is also available.
WWW based key doler
If you are unable to use the Socket based key doler,
a second-class interface is provided through
WWW forms,
which allow you to
request keyspace to search,
report keyspace swept
(and key if you hit the jackpot)
and
inspect the current status of the search.
However, this requires user intervention, cut and paste, etc, so should only
be used if you cannot use the Socket based key doler.
Comments, html bugs to me
(Piete Brooks) at
<pb@cl.cam.ac.uk>