Brute Force: Cracking the Data Encryption Standard and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Start reading Brute Force: Cracking the Data Encryption Standard on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Brute Force: Cracking the Data Encryption Standard [Hardcover]

Matt Curtin

List Price: CDN$ 29.50
Price: CDN$ 18.59 & FREE Shipping on orders over CDN$ 25. Details
You Save: CDN$ 10.91 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Usually ships within 2 to 4 weeks.
Ships from and sold by Amazon.ca. Gift-wrap available.

Formats

Amazon Price New from Used from
Kindle Edition CDN $14.96  
Hardcover CDN $18.59  
Paperback CDN $17.23  
Save Up to 90% on Textbooks
Hit the books in Amazon.ca's Textbook Store and save up to 90% on used textbooks and 35% on new textbooks. Learn more.
Join Amazon Student in Canada


Book Description

Feb. 16 2005 0387201092 978-0387201092 2005

In the 1960s, it became increasingly clear that more and more information was going to be stored on computers, not on pieces of paper. With these changes in technology and the ways it was used came a need to protect both the systems and the information. For the next ten years, encryption systems of varying strengths were developed, but none proved to be rigorous enough. In 1973, the NBS put out an open call for a new, stronger encryption system that would become the new federal standard. Several years later, IBM responded with a system called Lucifer that came to simply be known as DES (data encryption standard).

The strength of an encryption system is best measured by the attacks it is able to withstand, and because DES was the federal standard, many tried to test its limits. (It should also be noted that a number of cryptographers and computer scientists told the NSA that DES was not nearly strong enough and would be easily hacked.) Rogue hackers, usually out to steal as much information as possible, tried to break DES. A number of "white hat" hackers also tested the system and reported on their successes. Still others attacked DES because they believed it had outlived its effectiveness and was becoming increasingly vulnerable. The sum total of these efforts to use all of the possible keys to break DES over time made for a brute force attack.

In 1996, the supposedly uncrackable DES was broken. In this captivating and intriguing book, Matt Curtin charts DES's rise and fall and chronicles the efforts of those who were determined to master it.


Special Offers and Product Promotions

  • Join Amazon Student in Canada


Product Details


Product Description

Review

From the reviews:

An excellent story about the thousands of volunteers who battled to prove that the aging standard for date encryption was too weak and to wrestle strong cryptography from the control of the U.S. government...It is a worthy book for almost anyone who has a computer.

-Louis Kruh, Cryptologia, Volume 30, 2006

Brute Force is about as entertaining a read as you will get on cryptography. It provides a detailed account of how DES was taken down and is an interesting read for any student of cryptography and the crypto wars of the 1990s.

-Ben Rothke, UnixReview.com, September 2005

Matt Curtin was right at the heart of the Deschall cracking effort, and his book is excellent in describing the day-to-day progress towards the goal...

-Richard Clayton, Times Higher Education Supplement (U.K.), October 2005

"This book is an exciting popular account of an important event nearly ten years ago in the social history of cryptography. … The book is written to tell the story of how the DESCHALL (Des challenge) project came together, to encourage interest in cryptography amongst the young and to make the subject more accessible to people. It would seem to be successful on all counts." (P. D. F. Ion, Mathematical Reviews, Issue 2006 j)

"DESCHALL’s goal was to search through 72 quadrillion keys to demonstrate the feasibility of a brute force attack on DES … . Curtin starts with the genesis of DES … . he manages to keep interest alive with a taut but lively prose, a focus on the human element of the story … . the non-technical reader will appreciate the evocative similes … . Perhaps most intriguing in Curtin’s narrative are … the human and social aspect of divvying up the workload … ." (Daniel Bilar, MathDL, November, 2005)


Inside This Book (Learn More)
First Sentence
A modest desktop computer quietly hummed along. Read the first page
Explore More
Concordance
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.5 out of 5 stars  11 reviews
10 of 10 people found the following review helpful
5.0 out of 5 stars Great story of the life and death of DES Oct. 2 2005
By Ben Rothke - Published on Amazon.com
Format:Hardcover
Brute Force: Cracking the Data Encryption Standard is the story of the life and death of DES (data encryption standard). In the early 1970s, the U.S. government put out an open call for a new, stronger encryption algorithm that would be made into a federal standard, known as FIPS (Federal Information Processing Standard.). Numerous solutions were submitted as the DES candidate, including one from IBM. The IBM solution, originally called Lucifer, was chosen to be used as the encryption algorithm. After that, it became known as DES.

DES is the most widely used method of symmetric data encryption ever created. Its 56-bit key size means that there are roughly 72,000,000,000,000,000 (72 quadrillion) possible encryption keys for any given message. DES was always considered a strong encryption method, but strength is relative.

The strength of an encryption system is measured by how resilient it is against attack. From the outset, it was known that DES was susceptible to brute force attacks. A brute force attack, also known as an exhaustive search is an attack against a cryptosystem in which all possible values for the key are attempted - the bigger the key, the more difficult the attack.

It must be remembered that DES was developed long before desktop computers, so the feasibility of a computer that could perform a brute force attack against DES was rendered so expensive and infeasible that the 56-bit key space (in a 64-bit block) of DES was considered strong enough. In reality, Lucifer actually had an original design of a 128-bit block size and 112-bit key size, but politics got in the way, and DES was created in a crippled state from the onset.

By 1997, DES was cracked, and the start of its downfall had commenced. Brute Force: Cracking the Data Encryption Standard is a firsthand account of how DES was broken. Author Matt Curtin was a member of the DESCHALL team, which was created in response to the RSA Security Inc. RSA Secret Key Challenge. The challenge was to break a DES-encrypted message.

Brute Force comprises two interrelated parts. Part 1 is a short overview of cryptography and encryption. It also details how Curtin first became interested in cryptography in the Bexley, Ohio, public library. Part 1 sets the groundwork for the main subject matter of the book, which is Curtin's diary of how DES was broken via DESCHALL.

The unofficial mantra of DESCHALL was that friends didn't let friends have idle computers. DESCHALL was led by Curtin, Rocke Verser, Matt Curtin, and Justin Dolske, and used an Internet-based distributed computing infrastructure. Since brute force attacks are naturally suited to distributed computing, it made for a perfect testing ground to break DES.

Part 2 details the ups and downs of the project. Designing a software system to crunch up to 72 quadrillion is not a easy task, combined with key server crashes, competitive foreign groups, and the U.S. government on your back, made the travails of DESCHALL a challenging endeavor. The success of DESCHALL was to get as many hosts involved as possible. Given the fact that the CPUs of most computers sit idle for most of their lives, such CPUs were of extreme value to DESCHALL.

While Brute Force can be dry at times (remember, this is a book about cryptography), it does have its humorous moments. Much of DESCHALL occurred in the summer of 1997, and many universities had powerful computers that would sit idle all summer. DESCHALL members attempted to harness that power and were astounded when the computer lab manager of Yale University refused to allow the labs computer to run DESCHALL client software. He stated that the computers had the newest processors in them and that he did not want to wear them out. Furthermore, the lab manager thought that running DESCHALL software would void the warranty with the computer manufacturer due to the undue strain it would place on the processor.

The DESCHALL team was victorious in June 1997 when they finally cracked the RSA Secret Key Challenge after processing about 25% of the 72 quadrillion keys. The message was encrypted with the appropriate message "Strong Cryptography Makes the World a Safer Place". DESCHALL succeeding in starting the beginning of the end of DES, which has since been replaced by the Advanced Encryption Standard (AES).

Brute Force is about as entertaining a read as you will get on cryptography. It provides a detailed account of how DES was taken down and is a interesting read for any student of cryptography and the crypto wars of the 1990s.
7 of 7 people found the following review helpful
5.0 out of 5 stars More interesting and readable than I would have imagined. June 4 2006
By frumiousb - Published on Amazon.com
Format:Hardcover
When approached by the author as to whether I was interested in reading Brute Force, I was-- with some reservations. It has been a while since I hung up my tech strategy hat to go work in the non-IT world. Also, even though I'm reasonably technical, I'm a long way from a Cypherpunk. I was a little concern that it would get too technical for me to really appreciate.

To be honest, I was also curious whether there was enough material about DESCHALL to really warrant a full book. I had been aware of the crack when it happened, and had honestly not looked much further than the "brute force. took several months. ho hum." attitude that the press seemed to be applying to the story.

I am pleased to say that I was wrong to be worried on both counts.

First of all, Curtin is a blessedly clear writer. As he covers topics which are cryptography specific, he explains them. Furthermore, he explains them using simple language so that I had no problem understanding. You do not need to be a cryptographer to read this book.

Second, there apparently is enough material for a full book. Curtin manages to set up a really interesting story that is fully placed in a political and social context. Bonus because he does that without rehashing ground that has been covered about PGP and Zimmerman in other books. I found myself really interested in the DESCHALL efforts. It was particularly interesting to start drawing the analogy with later distributed computing efforts that were essentially tested with this effort.

The foreward by Gilmore was fun enough-- but then, I like his writing and I really like the EFF.

I would recommend this book for someone interested in the history of computing, or for someone with a special interest in security issues. Some computer background helps, but you do not need to be a specialist to read and enjoy the book. Truthfully, the book is closer to 4 and a half stars than five-- but Curtin gets some extra credit for all the ways that he could have made it unreadable, but did not.
6 of 6 people found the following review helpful
5.0 out of 5 stars Fascinating journey through cryptography, civil liberties, social networking and more. May 11 2006
By Jerry Saperstein - Published on Amazon.com
Format:Hardcover
Matt Curtin has written a fascinating book that courses through the history of cryptography, the power of social networks and the Internet to bring them into being, conquering a technological challenge through altruistic cooperation, the competitive spirit, the government's desire to intrude on its citizen's privacy and battle against government in behalf of individual freedom. It sounds like a lot and it is --- but Curtin is blessed with the ability to write in plain English, thus rendering even the most esoteric technology understandable.

The central story revolves around DES, a 56-bit Data Encryption Standard, adopted by the U.S. government in the early 1980s. Proponents argued that DES was unbreakable because there were 76 quadrillion possible keys. Curtin does a masterful job of providing a brief, but thorough history of cryptography through the ages. He deserves an accolade for this. Cryptography is not simple subject and many writers on the subject presume the reader already knows cryptography. Curtin doesn't make this mistake.

Throughout the 1980s and 1990s, technologists and civil libertarians became increasingly concerned that 56-bit DES wasn't secure enough; that it could be defeated and supposedly confidential data compromised. At the same time, the Clinton administration had banned the export of powerful encryption technology hurting businesses and was demanding that all producers of cryptographic systems provide the government with a key, literally a backdoor, so the government at its whim could access encrypted data. The Clinton White House, of course, claimed that law enforcement needed these powers to protect children from pornography, fight terrorism and the war on drugs.

A commercial firm, RSA, announced cash prizes to the first entities to crack several encryption algorithms. Curtin and a few others resonded by organizing an effort to create a network where computer owners would devote unused CPU resources to an effort to crack DES. That is, they would apply up to 76 quadrillion keys to a message created by RSA in order to be the first to get it done.

The story of this "brute force" effort is the bulk of Curtin's book and is compellingly interesting. It involves technology; the creation and evolution of software designed to test keys against the DES algorithm. Here again, Curtin makes what could be incomprehenisible esoterica clear and interesting to the lay reader. Although I've been involved with the technology for more than 40 years, I feel certain that even those who consider themselves "computer illiterate" would find Curtin's explanation of this effort understandable and interesting.

Curtin's story within the story is how strangers with common interests were allowed to come together and pool their efforts via the Internet. Long before "social networking" became a catch phrase, the power of the Internet to facilitate social interaction and cooperation was demonstrated by efforts such as Curtin's, which was called DESCHALL (DES Challenge).

This is almost as interesting as the technological challenge. Before America Online opened the Internet and, particularly the World Wide Web, to masses of vulgarians, the Internet was a very civilized environment. Serious discussions on every topic imaginable took place on Usenet (a form of bulletin board in simplistic terms)with a moderately high degree of decorum ("netiquette). That collegiality was largely lost when every moron got a modem.

There is a sub-story here about competition between DESCHALL, a European effort (SolNET) and others to be the first to crack DES.

Finally there is the political story as factions within Congress, the Clinton White House, business and interested citizens battled over the question of whether American citizens would be allowed to protect the confidentiality of their own information against the government.

Overall, Curtin has done a simply superb job of taking complex technological and political issues and describing them in an undestandable and compelling way. He writes of the DESCHALL quest in a journal style, racheting up the tension as the project encounters and overcomes obstacles, builds a network of volunteers, tries to get press attention and sweats out the competition to be the first to break DES. It's a neat story and well done.

I have only one criticism of the book (other than the occasional editing lapse): the introduction by John Gilmore, a founder of the Electronic Frontier Foundation, is utterly out of place in this book. It is a political rant for the tinfoil hat brigade, ending with a blatant political pitch that is based on misstatements.

Ironically Gilmore writes "[w]e will continue to be surprised by the capabilities that human societies have, when thousands of people network through their computers to accomplish a common purpose." What Mr. Gilmore and his ilk don't get is that it is not just good and decent people like Matt Curtin and his colleagues who engage in such collaboration. Gilmore apparently doesn't comprehend that there is evil in this world and it must be fought.

The inclusion of Gilmore's political ranting, however, does nothing to diminish the value of Curtin's story, which I think deserves to be ranked with other classics of the history of the technology, such as "Fire in the Valley: The Making of the Personal Computer" and other more substantial histories.

Jerry
3 of 3 people found the following review helpful
4.0 out of 5 stars meet some cryptographers Aug. 6 2005
By W Boudville - Published on Amazon.com
Format:Hardcover
Curtin gives us a peek into how cryptographers work. He describes the DES, which stood for over 10 years as the definitive method for encrypting data. We see how this attracted the strenuous efforts of some very talented cryptographers to break it.

The book is worthy in showing some of the personalities involved in this struggle, if one might use that term. It puts flesh on what are otherwise often just journal papers describing breakthroughs, but which often give little information about what it takes in people to discover or invent such things.

Look, most of us will never meet cryptographers in person. So this book may be a good substitute.
2 of 2 people found the following review helpful
5.0 out of 5 stars There's nothing brutal about it May 25 2006
By wiredweird - Published on Amazon.com
Format:Hardcover
This is a complex book, touching on topics in technology, civil liberties, volunteerism and cooperation, and the profound gap between what lawmakers and computer programmers are able to enact. Considering how much this book says, Curtin has chosen a remarkably understated way of saying it. A true nerd, he presents with neither braggadocio nor modesty, certain that the final result is adequate to move the reader if the reader can be moved at all.

Set the scene in the Clinton era, when the federal DES encryption standard was aging. It's origin was already under a cloud, because the NSA super-spooks had made last-minute and unexplained changes to some of its internals and slashed the key size that IBM had originally proposed. Loosely speaking, the key size is like the thickness of the encryption's armor - would you be truly at ease with anyone in the business of armor cracking, when they tell you that your armor didn't need to be nearly so strong? Then, the feds proposed a 'key escrow' scheme using the code-named Clipper chip. Roughly translated, this means "I'm from the government and I'm here to keep a copy of your deepest secrets safe for you." By the way - it's a federal crime to try to find out what the Clipper is doing, and it will self-destruct if you try to look inside. This is the world in which the super-spooks were saying "Trust the DES."

The nerds were saying "like hell." A private security company, RSA, had posted a challenge and a cash reward. The cash was a few thousand dollars, a piddling amount that most people just wanted to shuffle off to a charity so they wouldn't have to deal with it. The real reward was bragging rights worth enormously more, and not just in money. The goal was to make the spooks and feds look like ninnies. The deep goal was to show that they were lying, and that world trade encrypted in DES was very likely an open book to the US spy agencies. The deeper goal was to create the world's largest supercomputer, with no budget. The deepest goal was to show that an informed citizenry still holds power over its government, even while playing at a crippling disadvantage.

The nerds, of course, won. Curtin describes the challenges, the rivalries, the sabotage, and the victory. If your ear is tuned to his words, you'll hear the rising tension as the world's largest computer grows, month by month, to attack the world's largest computation. You'll see successive challenges compress the time scale from months down to a one-day time limit. You'll see the challenges met, and you'll see the notion of data security change before your eyes.

I fault Curtin for only one tiny fact in the politics of this story. The legislators trying to ban strong encryption were waving the usual flags - "If we allow this, then the child pornographers and organized crime have already won." Guys, that battle was already lost. About 20 years earlier, Martin Gardner had published the details of the big-primes public-key code in the August 1977 Scientific American. Speaking as a high school student of roughly that era, I assure you that the big-primes code, the epitome of strong crypto, was within reach of a determined and capable high school student with no girlfriend. The bad guys already had access to crypto as strong as the best. All the government could do was keep honest people from protecting their honest privacy. The only reason I can think of for Curtin to ignore this fact was that it made the government's bum-covering exercise look so inane that it would have damaged the credibility of the rest of his story.

//wiredweird, reviewing a complimentary copy

Look for similar items by category


Feedback