Cypherpunks "brute" key cracking ring
Hal's second challenge has been CRACKED
The next crack was organised on mainland Europe, breaking the
48 bit RC5 challenge in 280 hours.
There are currently two sets of web pages (soon to merge I hope),
a mostly German one, requiring large Netscape windows, known as
and a tri-lingual, lynx (and Netscape) friendly
There also appears to be another attempt being run from
and maybe one at ziplink.net.
In order to demonstrate that the various export weakened crypto systems are
too insecure to be used for secure commerce and business applications,
this project was started to show this by breaking examples sessions.
It is the sucessor to Adam's
and makes use of a
which allows hosts with full internet access to directly communicate with
the system without needing to use the WWW and cut&paste.
SSL (Secure Socket Layer) as used in the netscape secure WWW browser
which has been vaunted as a mechanism for securing financial
transactions, and commerical data through WWW.
In its export restricted form, SSL uses 128 bit keys with 88 bits known,
leaving a key search space of 40 bits.
40 bits is an insecurely small search space, for reasonable security;
something like 128 bits would be much more reasonable.
Hal's first challenge
so we moved on to his
took 114456 seconds (31.8 hours).
PRIZE of Cyberbucks,
the currency used in the DigiCash ecash trial
has been allocated -- donations still greatfully accepted (100 c$ = 5 US$).
Hal has not yet generated a third challenge, so in the meantime,
why not grab the latest copy of
brwork (which used to be "brloop"),
and test it out (see "brwork -h").
If you have a CPU Farm, see also
which allows you to run a local key allocation and ACK server
(e.g. for use behind firewalls, or sites not permanently Internet connected).
Donating your CPU time
There are several ways to donate your CPU time, all that you require
is a computer with an ANSI C compiler (also executables are supplied
for DOS, Windows 95 and NT), and some spare compute time.
The software has been shown to run on PC compatibles, powerMACs,
and numerous unix machines.
Step by step how to
Read the how to,
everything explained step by step in full detail, what to down
load, how to install, how to setup, how to use the socket client, how
to use the WWW server.
You can collect
to allow you to build the code to brute attack SSL.
The only changes from 1.0 is to allow it to use the same args as bruterc4 when
and to go 60% faster on ALPHAs (by using ints instead of chars for RC4).
For binaries etc, see the
Socket based key doler
If you have direct IP connectivity (or slip/ppp with autodial on use),
you will be able to use the SKSP socket server. This will mean that
you can start up the bruting software as a low priority background job
on your workstation(s) and leave it to crunch unattended. Your client
program will report back keyspace swept, and request more work
A perl socket based client code
(use at least brc0.8)
is available for UNIX systems.
brloop is a shell wrapper which plugs
together brclient and brutessl to keep chugging away at cracking.
It is a shell script so that more people can read it to see what it actually does, and to allow then to tweak it -- e.g. there is a shell procedure
which decides whether to do some more work,
sleep for a bit (maybe the machine is in use),
This and other facilities can be tailored using .brloop.rc -- mine has the line
tailored=true BRCLIENT="Piete Brooks" BRID="email@example.com" checkcmds=false
A Windows NT / Windows 32 socket based client is also available.
WWW based key doler
If you are unable to use the Socket based key doler,
a second-class interface is provided through
which allow you to
request keyspace to search,
report keyspace swept
(and key if you hit the jackpot)
inspect the current status of the search.
However, this requires user intervention, cut and paste, etc, so should only
be used if you cannot use the Socket based key doler.
Comments, html bugs to me
(Piete Brooks) at