From owner-freebsd-security Mon Feb 17 13:09:47 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA15145 for security-outgoing; Mon, 17 Feb 1997 13:09:47 -0800 (PST) Received: from saguaro.flyingfox.com (saguaro.flyingfox.com [204.188.109.253]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA15140 for ; Mon, 17 Feb 1997 13:09:43 -0800 (PST) Received: (from jas@localhost) by saguaro.flyingfox.com (8.6.12/8.6.10) id NAA14500; Mon, 17 Feb 1997 13:04:21 -0800 Date: Mon, 17 Feb 1997 13:04:21 -0800 From: Jim Shankland Message-Id: <199702172104.NAA14500@saguaro.flyingfox.com> To: black@gage.com, jas@flyingfox.COM Subject: Re: blowfish passwords in FreeBSD Cc: imp@village.org, lithium@cia-g.com, phk@critter.dk.tfs.com, security@freebsd.org Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >From black@gage.com Mon Feb 17 12:11:49 1997 Return-Path: black@gage.com Received: (from smap@localhost) by saguaro.flyingfox.com (8.6.12/8.6.10) id MAA14448 for ; Mon, 17 Feb 1997 12:11:48 -0800 Received: from brimstone.gage.com(205.217.2.10) by saguaro.flyingfox.com via smap (V1.3) id sma014446; Mon Feb 17 12:11:39 1997 Received: (from mail@localhost) by fusion.gage.com (8.8.3/8.8.4) id OAA13645; Mon, 17 Feb 1997 14:15:41 -0600 (CST) Received: from octopus.gage.com(158.60.57.50) by fusion.gage.com via smap (V2.0beta) id xma013641; Mon, 17 Feb 97 14:15:40 -0600 Received: from squid.gage.com (squid [158.60.57.101]) by octopus.gage.com (8.7.5/8.7.3) with SMTP id OAA01624; Mon, 17 Feb 1997 14:15:39 -0600 (CST) Received: from schemer by squid.gage.com (NX5.67e/NX3.0S) id AA06596; Mon, 17 Feb 97 14:15:38 -0600 Message-Id: <9702172015.AA06596@squid.gage.com> Received: by schemer.gage.com (NX5.67g/NX3.0X) id AA03328; Mon, 17 Feb 97 14:15:37 -0600 Content-Type: text/plain Mime-Version: 1.0 (NeXT Mail 4.0 v146.2) In-Reply-To: <199702171906.LAA14225@saguaro.flyingfox.com> X-Nextstep-Mailer: Mail 3.3 (Enhance 1.3) Received: by NeXT.Mailer (1.146.2) From: Ben Black Date: Mon, 17 Feb 97 14:15:37 -0600 To: Jim Shankland Subject: Re: blowfish passwords in FreeBSD Cc: imp@village.org, phk@critter.dk.tfs.com, lithium@cia-g.com, security@freebsd.org References: <199702171906.LAA14225@saguaro.flyingfox.com> Status: R [I wrote:] > Hmm. 2^56 possible keys, so on average, you'd need to try > 2^55 keys. Say it takes 2^14 seconds (that's a little more > than three hours, but about right); then this board was doing > 2^41 encryptions per second, or roughly 2 million per > microsecond. Ben Black writes: > he didn't say it averaged 3 hours. he said it took it 3 hour > on a specific key. OK. Suppose the machine got very lucky, and happened to hit the right key after searching only 1/2^15 of the key space. The chances of getting this lucky are about 1 in 30,000. Then the machine did 2^41 encryptions in 2^14 seconds, or 2^27 encryptions per second, or about 128 per microsecond. Still not too shabby, and I still want to know how much this board costs :-). It is, of course, always possible to guess the right password the very first time, thereby cracking the account in well under a second. This will work even on an old 386 box lying around your lab, and does not require a card with ASICs. All you need is very good luck :-). Whether this says anything meaningful about the cryptographic strength of DES is debatable. Jim Shankland Flying Fox Computer Systems, Inc.