Leading encryption software company RSA Data Security is kicking off a second series of contests to discredit the federal government's crypto policy by exposing the vulnerability of its own software.
The contests award cash prizes to individuals or groups that successfully crack secret messages scrambled with RSA software. RSA sponsors the contests to show that the federal government's encryption regulations, which prevent companies such as RSA from exporting strong encryption without a license, are outdated.
The latest series of contests, dubbed "DES Challenge II," focuses on the 56-bit data encryption standard (DES) algorithm, which the Commerce Department says is adequate for protecting users' data. Anything stronger than 56 bits must have built-in "key recovery," a system that lets third parties--including law enforcement agencies--gain access to a user's encrypted data.
Last year's contests were won by groups that used thousands of computers linked together over the Internet to try the quadrillions of possible key combinations. The strongest algorithm in the contest was cracked in six months, and now RSA wants contestants to beat that time.
As with last year's contests, the first to crack each code will receive a prize. But to win big money, the winners must improve upon the times posted by the winners of last year's contests. The faster the crack, the more cash the winner receives, according to RSA.
The first contest in the DES Challenge II will start at 9 a.m. on January 13, the first morning of RSA's annual conference.