13 August 1999
To: Jim Gillogly <jim@acm.org>, cypherpunks@cyberpass.net From: Vin McLellan <vin@shore.net> Subject: Re: DoE DES crack Date: Thu, 12 Aug 1999 12:45:14 -0400 Denning & Baugh wrote: [See: "Hiding Crime in Cyberspace," http://cryptome.org/hiding-db.htm] >>> The files were said to have been encrypted several times using >>>the ?Defense Encryption Standard? [sic]. According to Littman, >>> a Department of Energy supercomputer was used to find the >>> key, a task that took several months ... Mob noted: >> If true, this must be the first "documented" (civilian) brute force >> DES-crack, anticipating the June 1997 networked crack? Jim Gillogly added: >Would you count a DoE supercomputer as a "civilian" crack? I >wouldn't...anything classified is government to me. That's probably >just the biggest government iron the FBI could lay their hands on. Actually, the FBI probably had nothing to do with it. The untold stories about cops cracking DES are more likely found at higher (NSA) and lower levels in the LEA hierarchy. I know of at least one earlier incident, sometime in the early 80s, in which the reputed bookkeeper for a major Columbia drug ring lost his DES-encrypted records and the encrypted files turned up in the hands of California cops. After the FBI and NSA refused to help crack the files, one Calif. LEA asked a Sheriff's Deputy (different jurisdiction) who worked part time as the admin of a supercomputer -- at a civilian defense contractor's site in Southern California -- to spend space cycles on brute forcing the crack. With his company's permission, he did so. I ran into him and heard the story by chance. By then, he had already chewed up several weeks of supercomputer time, as yet unsuccessfully. I was a journalist and I tracked him down a couple months later to see what had happened. He told me that the FBI and DIA had landed on him, his company, and the Calif. LEA which had requested his assistance with boots. He was uncertain if the crack was being done elsewhere -- i.e., Fort Meade -- but it was made clear to him that the US Government did not want any low-level lawman cracking DES, even to bedevil a major drug ring. "Bigger issues were at stake," was the way he put it. His records of the brute force attack were seized. Suerte, _Vin