BrydDES, version 1.0 (beta no. 9) for Windows 95/NT. Copyright Svend Olaf Mikkelsen. February 25, 1997. BrydDES issues a known plaintext attack for DES encryption. The method is brute force. ECB mode and CBC mode with known IV are supported. On a Pentium 120, this version of the program can test 502,000 keys per second in Windows NT, when no other programs are running. It is set to run at idle priority. Please note that this is a beta-release. Note also that if a key is found which encrypts the given 8 bytes plaintext into the given ciphertext, it is not sure that there will not exist another key, which will do the same thing. It will be necessary to verify the key on another plaintext/ciphertext pair. So far source is not included. The code is tested on a Pentium, but should run on a 486. Usage: BrydDES plaintext ciphertext i_vector start_key [T] or BrydDES RESUME plaintext 16 hexadecimal digits (The known plaintext). ciphertext 16 hexadecimal digits i_vector 16 hexadecimal digits (The known initialisation vector) start_key 8 hexadecimal digits (Bit 1-32 in the first key to test) or 7 hexadecimal digits (Without parity bits) T Exit when the start key is tested (For test purposes) RESUME Continues operation from last key tested, when started in a directory with a BrydDES.log file. In this version keys beginning with the startkey bits and the complementary keys are tested. I.e. when keys beginning with 01010101 are tested, keys beginning with FEFEFEFE are also tested. You can avoid testing the same keys twice by always choosing a 7 digit startkey between 0000000 and 7FFFFFF. Bits are numbered from the left to the right. For ECB mode, use i_vector 0000000000000000 If a key is found, it is displayed on the screen and saved in the BrydDES.log file in the directory in which BrydDES was started. The log file can be viewed in an editor. Each time a new start key is being tested, it is printed on the screen. On a Pentium 120 it takes about 18 minutes to test all keys with a given start_key and the complementary keys. The program is interrupted with Ctrl-C. Parity in a 32-bit start key (8 hexadecimal digits) does not matter. When the 32-bit start key is displayed, it is adjusted for parity. In the log file start keys are written as 7 digit hexadecimals without parity. The software is provided as is. No responsibility is taken for errors, especially not if the program due to an error fails to detect the key in a contest, or gives a false positive key. Examples: TEST.BAT: @echo off REM This batch-file invokes the BrydDES cracker, REM beta-version, with the RSA test data. REM REM Note that the BrydDES beta-version only search for the key. REM So far, if a key is found, the unknown plaintext must be REM decrypted with another DES program. REM echo on BrydDES 54686520756e6b6e 3ea786f91d76bbd3 a2185abf459660bf 5ed9204f @echo off REM ^ first 8 byte ^ first 8 byte ^ IV ^ bit 1-32 REM ^ of plaintext ^ of ciphertext ^ of first REM ^ key to REM ^ test CHAL.BAT: @echo off REM This batch-file invokes the BrydDES cracker, REM beta-version, with the RSA challenge data. REM REM Note that the BrydDES beta-version only search for the key. REM So far, if a key is found, the unknown plaintext must be REM decrypted with another DES program. REM REM NB! NB! NB! Please verify the numbers yourself! REM Enter your own 7 or 8 digit hexadecimal number as REM parameter to the batch file. echo on BrydDES 54686520756e6b6e 794581c0a06e40a2 99e97cbf4f7a6e8f %1 Example: CHAL D1C2B3A And the next time, in the same directory: BrydDES RESUME --- Available at: http://inet.uni-c.dk/~svolaf/des.htm