Summary

In the 1960s, it became increasingly clear that more and more information was going to be stored on computers, not on pieces of paper. With these changes in technology and the ways it was used came a need to protect both the systems and the information. For the next ten years, encryption systems of varying strengths were developed, but none proved to be rigorous enough. In 1973, the NBS put out an open call for a new, stronger encryption system that would become the new federal standard. Several years later, IBM responded with a system called Lucifer that came to simply be known as DES (data encryption standard).

The strength of an encryption system is best measured by the attacks it is able to withstand, and because DES was the federal standard, many tried to test its limits. (It should also be noted that a number of cryptographers and computer scientists told the NSA that DES was not nearly strong enough and would be easily hacked.) Rogue hackers, usually out to steal as much information as possible, tried to break DES. A number of "white hat" hackers also tested the system and reported on their successes. Still others attacked DES because they believed it had outlived its effectiveness and was becoming increasingly vulnerable. The sum total of these efforts to use all of the possible keys to break DES over time made for a brute force attack.

In 1996, the supposedly uncrackable DES was broken. In this captivating and intriguing book, Matt Curtin charts DES's rise and fall and chronicles the efforts of those who were determined to master it.

Choice Review

Many professionals believed that DES, the Data Encryption Standard established by the US government in the 1970s, was too weak due to its 56-bit key length. RSA's "1997 Secret Key Challenge" included a contest to decipher a DES-encrypted message. Curtin (Ohio State Univ.) offers an account of the DES Challenge (DESCHALL) group that formed and eventually won this competition by brute force--testing keys one at a time. The bulk of the book provides details of DESCHALL's progress, obstacles faced, and input and enhancements from participants. Understandable descriptions of cryptography, DES, and related computational and mathematical topics, as well as the state of cryptography legislation before, during, and after the contest, put the group's efforts in context and make the subject accessible to general readers. Advanced readers may note the lack of details, presumably due to nondisclosure agreements, of the processor optimized code and bit-slicing methodologies mentioned. The material is chronological within each topic (chapter), which leads to some repetition, and much discussion is given to key testing rates. Overall, an interesting account of a virtual distributed computing organization that formed to crack DES. ^BSumming Up: Recommended. General readers. J. L. Waterhouse University of Dubuque