In 1998 a team of private-sector computer experts built a special-purpose computer that could test 92 billion different key sequences per second in the widely used Data Encryption Standard system, a mainstay of encoding for commercial electronic traffic, such as bank transfers. It took them fifty-six hours to break a message that was encoded in a version of DES that chooses from some 72 quadrillion possible keys for enciphering each message. (The number of possible keys available in a computer-generated code is typically measured in terms of the length of the binary numeral required to specify which key sequence to use; fifty-six bits give about 72 quadrillion combinations, so this version is called 56-bit DES.) That feat was hailed as a great technological triumph, and it undoubtedly was one. It was also clearly intended to make a statement—namely, that DES, which the U.S. government had promulgated, was deliberately designed to keep ordinary code users from employing anything too hard for the NSA to break. But there was an utterly trivial fix that DES users could employ if they were worried about security: they could simply encrypt each message twice, turning 56-bit DES into 112-bit DES, and squaring the number of key sequences that a code breaker would have to try. Messages could even be encrypted thrice; and, indeed, many financial institutions at the time were already using "Triple DES."
Issued in 1977, DES was originally implemented in a computer chip, which made it possible at least in principle to control the spread of encryption technology through export restrictions. Huge increases in the processing power of PCs, however, subsequently made it easy to realize much more complex encryption schemes purely in software, and the Internet made it practically impossible to prevent the rapid spread of such software to anyone who wanted it. Today most Web browsers use 128-bit encryption as the basic standard; a brute-force attack would take the world's fastest supercomputer something like a trillion years at present. If someone develops a supercomputer that is twice as fast, a code user need only start using 129-bit encryption to maintain the same relative advantage.
The standard e-mail encryption software, supplied with most computers, is the PGP ("pretty good privacy") system. In its latest version it is actually considerably better than pretty good. Users can select 2048-bit (equivalent to a little less than 128-bit DES) or even 4096-bit (equivalent to significantly more than 128-bit DES) keys.
Osama bin Laden's network is suspected of employing additional methods to veil its communications. Some reports suggest that al Qaeda not only used encrypted e-mail but also hid encrypted message texts within picture files or other data that could be downloaded from a Web site.
From the archives:"Victory at Sea"
The story of the American war is incomplete without the sweep and strategic stakes of the war at sea, in which 104,985 American sailors and Marines were wounded, 56,683 were killed, and more than 500 U.S. naval vessels were sunk. Lest we forget. By David M. Kennedy
The implications of this fundamental shift in the balance of cryptologic power between the spies and the spied-upon are profound. Before World War II most Western governments and their military officials looked on intelligence with considerable contempt if they paid attention to it at all. Information from paid spies has always been notoriously unreliable—colored by ineptness, by a mercenary calculation of what the customer wants to hear, and sometimes by outright deceit. The explosion of intelligence from decoded enemy signals that took place during World War II, however, revolutionized both the profession of intelligence gathering and its impact. Signals intelligence was information coming unfiltered from the mouth of the enemy; its objectivity and authenticity were unparalleled. The proof was in the payoff. The victory at Midway, the sinking of scores of Japanese and German submarines, the rout of Rommel across North Africa, the success of D-Day—all depended directly and crucially on intelligence from decoded Axis communications.