Crypto Wiki



Part of the EFF's DES cracking machine which was used in two of the challenges

The DES Challenges were a series of brute force attack contests created by RSA Security for the purpose of highlighting the lack of security provided by the Data Encryption Standard.

The Contests[]

The first challenge began in 1997 and was solved in 96 days by the DESCHALL Project.

DES Challenge II-1 was solved by in 41 days in early 1998. The plaintext was "The secret message is: Many hands make light work."[1]

DES Challenge II-2 was solved in just 56 hours in July 1998 by the Electronic Frontier Foundation (EFF) with their purpose-built Deep Crack machine. The prize for the contest was US$10,000 whilst the machine cost US$250,000 to build. The contest demonstrated how quickly a rich corporation or government agency, having built a similar machine, could decrypt ciphertext encrypted with DES. The text was revealed to be "The secret message is: It's time for those 128-, 192-, and 256-bit keys."[2]

DES Challenge III was completed as a joint effort between and Deep Crack. The key was found in just 22 hours 15 minutes in January 1999, and the plaintext was See you in Rome (second AES Conference, March 22-23, 1999).[3]


Many cryptographersTemplate:Who assumed that once the DES had been shown to be breakable, the Federal Authorities would withdraw the standard, however this didn't happen. FBI director Louis Freeh told Congress. "That is not going to make a difference in a kidnapping case. It is not going to make a difference in a national security case. We don't have the technology or the brute force capability to get to this information."[4]

It wasn't until special purpose hardware brought the time down below 24 hours that both industry and federal authorities had to admit that the DES was no longer viable. Although the National Institute of Standards and Technology started work on what became the Advanced Encryption Standard in 1997, they continued to endorse the DES as late as October 1999, with FIPS 46-3, although Triple DES was preferred.

See also[]

  • RSA Factoring Challenge
  • RSA Secret-Key Challenge