You are here

Brute Force: Cracking the Data Encryption Standard

Matt Curtin
Springer Verlag
Publication Date: 
Number of Pages: 
[Reviewed by
Daniel Bilar
, on
Picture a hemisphere, over a mile high and two and a half miles wide, densely packed with hay... and your task is to locate one specific straw. Such was the challenge that the US-based DESCHALL project undertook in 1997. DESCHALL's goal was to search through 72 quadrillion keys to demonstrate the feasibility of a brute force attack on DES, a widely deployed, US government standard, 56-bit key symmetric encryption algorithm. Written by one of DESCHALL's project leaders, Brute Force is the surprisingly captivating account how thousands of volunteers, electronic civil libertarians and programmers organized themselves to successfully defeat DES.

Curtin starts off with the genesis of DES and moves on to document the 140 days of trials, tribulations and ultimate triumph of this massive collective effort. Although the unavoidable search progress metrics become tedious after a while, he manages to keep interest alive with a taut but lively prose, a focus on the human element of the story and his occasional digressions into the political battles over cryptography that raged during the late nineties. Furthermore, the non-technical reader will appreciate the evocative similes with which he illuminates technical terms and processes.

Perhaps most intriguing in Curtin's narrative are not the technical obstacles that had to be overcome, but the human and social aspect of divvying up the workload: Recruiting volunteers, keeping them motivated; and maybe most importantly, identifying dedicated personalities willing to lead from the 'bottom-up'.

Daniel Bilar has held visiting faculty appointments at Oberlin and Colby. He gets excited about teaching students and network security: risk analysis of networks, malicious code analysis and computer forensics. This interest was sparked at the Institute for Security and Technology Studies which conducts counter-terrorism technology research for the Department of Homeland Security. He has degrees from Brown University (BA, Computer Science), Cornell University (MEng, Operations Research and Industrial Engineering) and Dartmouth College (PhD, Engineering Sciences).



1. 90MHZ Pentium

2. Data Encryption Standard

3. Key Length

3.1 Symmetric Cryptography

3.2 Codes

3.3. Susceptibility to Brute Force Attacks

3.4 Substitution Ciphers

3.5 Asymetric Cryptography

4. RSA Crypto Challenge

5. Law Enforcement Concerns

6. Supercomputer

7. Show Me the Code

8. Project Follows Code

9. Organizing DESCHALL

10. Announcing DESCHALL

11. Getting Attention

12. Front Running

13. Haystack

14. Clients

14.1 Verser DES Key Search Method

14.2 More Speed for Intel

15. Architecture

15.1 Boot Disks

15.2 Client Management

15.3 Dialup Users

15.3.1. Dialup in Windows

15.3.2. Dialup in OS/2

16. Every Machine Counts

17. Competition

18. Summer Vacation

19. 100% CPU


21. Requests

22. Perseverance

23. Network

24. Download

25. SolNET

26. Get Off Your Duff

27. Short Circuit

28. Media

29. Volume

30. Too Much Is Never Enough

31. Proposal

32. In the Lead

33. Recruit

34. SolNET Drops Off

35. Threats

36. Crypto News

37. Rivalry

38. Overdrive

39. Disturbed

40. Back Door

41. Second Stage

42. Obstacle


44. Export

45. Keeping It Together

46. Getting Word Out

47. No DESCHALL Here

48. Schedule

49. SolNET Stumbles

50. A Few Hundred Clients

51. New Statistics

52. Bitslice

53. Crypto Battle

54. SolNET Recovers

55. Server Outrage

56. SGI

57. Netlag

58. Terminal Velocity

59. Photoshoot

60. Integrity

61. Workaround

62. Morale

63. Strong Cryptography Makes the World a Safer Place

64. Talking Head

65. Effect

66. Saying the Course

67. Five Years Later

68. Next Steps

68.1 Other Stuff