As discussed in section 5, "What are
the vulnerabilities in encryption and how do I guard against them?,"
"brute force" cracking is a method of finding a password or key
by trial and error. The longer the password or key, the more difficult it becomes to
crack it. For example, a 56-bit key has 2^{56} possible keys. That's up to
72,057,594,037,927,936 – seventy-two quadrillion –
keys that must potentially be tried in order to find the correct one.

That doesn't mean that a 56-bit key is strong enough to prevent successful brute force attacks. Even back in 1997 when desktop computers were much less powerful than current models (this guide was written in September 2001), a distributed computing effort cracked the RSA's 56-bit RC5 encryption in less than 250 days. (See an article on the effort. A distributed computing effort is one in which many computers share the task of testing the seventy-two quadrillion possible combinations of bits.) In 1998, a similar effort took just 39 days using 50,000 computers. Those computers tried 85% of the possible combinations, at speeds that at times reached 26 trillion keys per second, before finding the right key. Another 1998 effort, by the Electronic Frontier Foundation, took only 3 days to crack a 56-bit DES key using a special computer called the DES (Data Encryption Standard) Cracker.

In some cases, viruses have invaded computers and used their computing power without the owner's knowledge. (GRC.com has a story about a malicious cracker who launched a denial-of-service attack that flooded a computer with more data than it could process, using 474 Microsoft Windows computers without their owners' knowledge.)

Fortunately, increasing the number of bits in a key
exponentially increases the number of possible keys that would have to be tested
with the "brute force" method. So, a 128-bit key could be any one of 3.4 *
10^{38} keys, a 192-bit key could be any one of 6.2 * 10^{57}
keys, and a 256-bit key could be any one of 1.1 * 10^{77} keys. A note at
the U.S. Computer
Security Resource Center's Advanced Encryption Standard FAQ states:

In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message. Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 trillion years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.

Note that these efforts are per key; if you were to divide the data you were encrypting into 10 subsections and used a different key for each of the subsections, this decryption process would need to be repeated 10 times.

To summarize, brute force cracking can be significantly slowed with strong encryption, (essentially, just using longer keys) and slower algorithms. Modern strong encryption should be able to hold off all but the best-funded efforts by crackers with lots and lots of time on their hands. Encryption can make data access difficult enough that a malicious cracker may decide to look for an easier target rather than spending resources attempting to crack strong encryption.

The complexity of these algorithms prevents us from describing their workings in-depth in a guide intended for readers with limited technical knowledge of encryption, but here are some links and names that may be useful if you want to know more about the technical aspects of encryption software. You can always find more information on each algorithm (including ones that are not listed here) simply by searching for the algorithm's name on your favorite Internet search engine.

One interesting read is the PGP Diffie-Hellman vs. RSA FAQ, which discusses the effectiveness of various algorithms.

AES is the block cipher being developed as a successor to DES. (AES was not completed at the time this guide was published.) It operates under the symmetric key model. Some of the other encryption algorithms listed in this section were submitted as candidates to become AES. The selected algorithm is one called Rijndael (one suggested pronunciation: "rain doll"), a variant of an algorithm called Square.

- AES (Rijndael) (mathematical analysis)
- The AES Candidates
- The Block Cipher Rijndael (a newbie's introduction to Rijndael)
- Computer Security Resource Center: AES; FAQ
- The History of AES
- PGP Diffie-Hellman vs.RSA FAQ: What is AES?

Blowfish is a block cipher that employs the asymmetric key model. "Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. Since then it has been analyzed considerably, and it is slowly gaining acceptance as a strong encryption algorithm. Blowfish is un-patented and license-free, and is available free for all uses." (Counterpane Internet Security: The Blowfish Encryption Algorithm)

CAST is a group of ciphers. "CAST-128 belongs to the class of encryption algorithms known as Feistel ciphers; overall operation is thus similar to the Data Encryption Standard (DES)." (C. Adams, Entrust Technologies: The CAST-128 Encryption Algorithm) It operates under the symmetric key model.

"It is resistant to both linear and differential cryptanalysis. Currently, there is no known way of breaking CAST short of brute force. There are no known attacks on CAST with reduced rounds – it looks incredibly secure. CAST is now the default cipher in PGP." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

"CAST is a family of ciphers. Some of the other 'CAST' ciphers have succumbed to advanced attack. (Rijmen and Preneel have attacked some CAST designs and so have Kelsey, Schneier & Wagner.) The same attacks have been tried against the implementation of CAST used in PGP and have, thus far, failed." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

- C. Adams, Entrust Technologies: The CAST-128 Encryption Algorithm
- C. Adams, J. Gilchrist, Entrust Technologies: The CAST-256 Encryption Algorithm
- PGP Diffie-Hellman vs. RSA FAQ: What is CAST?

DES is the current standard encryption algorithm. "DES was developed in the 1970s by the National Bureau of Standards with the help of the National Security Agency" with an algorithm submitted by IBM. (The Next Wave: What is DES?) It operates under the symmetric key model.

"Unfortunately, over time various shortcut attacks were found that could significantly reduce the amount of time needed to find a DES key by brute force. And as computers became progressively faster and more powerful, it was recognized that a 56-bit key was simply not large enough for high security applications." (Tropical Software: DES Encryption (DES)

" On July 17, 1998 the Electronic Frontier Foundation (EFF) announced the construction of a DES brute-force hardware cracker (http://www.eff.org/descracker/). This $220,000 device can break a DES key in an average of 4.5 days." (Dr. Dobb's Journal: The Current State of DES)

Triple-DES is only a third as fast as DES, but uses three keys to effectively triple the key length to 168 bits, making the algorithm "billions of times more secure [than DES] if used properly." (Tropical Software: Triple DES Encryption [Triple DES])

- Dr. Dobb's Journal: The Current State of DES
- The Next Wave: What is DES? (DES)
- PGP Diffie-Hellman vs.RSA FAQ: What is 3DES?
- SearchSecurity: Data Encryption Standard (DES)
- Tropical Software: DES Encryption (DES)
- Tropical Software: Triple DES Encryption (Triple DES)

Diffie-Hellman is an encryption algorithm that employs the asymmetric key model.

"In 1976, Diffie and Hellman started an explosion of open research in cryptology when they first introduced the notion of public-key cryptography, which allows for new electronic means to handle key distribution in conventional cryptographic systems and for digital signatures in electronic messages." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

"The Stanford patent on the Diffie-Hellman technique... expired in 1997 and [the technique] is now in the public domain." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

- Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS (if the link is down; see Google's cached copy)
- PGP Diffie-Hellman vs. RSA FAQ: What is DH / ElGamal?
- RSA Security: What is Diffie-Hellman?

GOST is the U.S.S.R. 28147-89 standard protection algorithm, analogous to the U.S.'s DES. "The algorithms are similar in that both operate on 64-bit blocks by successively modifying half of the bits with a function of the other half." (GOST encryption algorithm: Russian analogue to US Standard?)

- GOST encryption algorithm: Russian analogue to US Standard?
- Soviet Encryption Algorithm (GOST 28147-89)

IDEA is a block cipher used in PGP. "IDEA, unlike the other block cipher algorithms discussed in this section, is patented by the Swiss firm of Ascom. They have, however, been generous in allowing, with permission, free noncommercial use of their algorithm, with the result that IDEA is best known as the block cipher algorithm used within the popular encryption program PGP." (IDEA (International Data Encryption Algorithm)

- IDEA (International Data Encryption Algorithm) (a mathematical analysis)
- Naval Postgraduate School / Department of Computer Science: IDEA (mathematical overview)
- PGP Diffie-Hellman vs. RSA FAQ: What is IDEA?

See "Data Encryption Standard (DES) and Triple-DES (3DES)"

"Twofish is a block cipher by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists. Twofish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses." (Counterpane Internet Security: Twofish: A New Block Cipher) It operates under the symmetric key model.

- PGP Diffie-Hellman vs. RSA FAQ: What is Twofish? (discusses concerns that Twofish is new and unproven)
- Counterpane Internet Security: Twofish: A New Block Cipher
- The Twofish Encryption Algorithm: Block Encryption for the 21st Century

RSA is a family of algorithms that employ the asymmetric key model. There are actually multiple incarnations of this algorithm; RC5 is one of the most common in use, and RC6 was a finalist algorithm for AES. Searching for how RSA works often yields a host of pages about how it works mathematically, because the U.S. patent on the RSA algorithm expired on September 21, 2000. (RSA Security, Inc. actually began offering the algorithm to the public before the 17-year-old patent expired.)

- Tom Davis' notes on RSA Encryption
- RSA Algorithm JavaScript Page (illustrates mathematical principles with web-based code)

Back to Guide