WHMurray@DOCKMASTER.ARPA (12/21/89)
The following comments indicated by ">" were attributed to SWE in VIRUS-L 1234. >SWE first suspected and tested for the public key encryption method >for several reasons. The major reason was the lack of access people >outside of the United States would have to the DES encryption formula. [The DEA is an encryption algorithm developed and licensed by IBM. The DES is a U. S. Government standard for the implementation of that algorithm.] The DES is published and available from The Superintendent of Documents, U.S. Government Printing Office Washington, D.C. It can be implemented in software without much difficulty. It is widely available outside the U. S. >For those not aware, the U.S. Government guards the DES formula, and >software which makes use of this formula may not be exported out of >the United States. Should it turn out that the DES formula was also >used, the authors of the AIDS "trojan", could possibly be prosecuted >under United States statutes pertaining to national security. While export of any munitions, including cryptography, from the U.S. msut be licensed, possession or use of the DES or DES outside the U. S. is not a crime. >The second reason deals with the DES encryption method. Students of >cryptology are well aware that the DES formula has been considered >vulnerable for some time now. Students of cryptology are aware of an untruth. While there have been flawed implementations of the DEA, the cheapest know attack against the DES is an exhaustive attack against the key. Such an attack is measured in centuries of 3090 time. >It is also a well know fact that DES >specific processors have been produced, which make "cracking" a DES >encrypted file much easier than the public key method. The DES method >also limits to a greater degree the length of the encryption key. Have you seen one? Do you even know anyone that has seen one? (Of course everyone knows someone who knows someone who has seen one, but that is true of UFO's too. As to the relative strength of the two method, each is, in part a function of the key length chosen. However, in general, public key lengths of 8 to 10 times as long are required to achieve comparable security with the DEA. While the DES limits the length of the key to 56 bits, choice of key length in an implementation is arbitrary. IBM sells an implementation that employs a 112 bit key, if only to protect other keys. >Combining these two reasons along with the extraordinary expense the >authors of the AIDS "trojan" went to, we guessed that they would also >use a "first class" encryption method. Very naive analysis. John McAfee writes: > A comparison of the encrypted and unencrypted entries >indicates that some form of linear character mapping was used >i.e. # = I, } = A, 8 = E, @ = D, etc.) In other words, "first class" equates to a Captain Midnight decoder ring. So much for this writer's expert analysis. William Hugh Murray, Fellow, Information System Security, Ernst & Young 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840