|This article needs additional citations for verification. (March 2009)|
DES Challenge II-2 was solved in just 56 hours in July 1998, by the Electronic Frontier Foundation (EFF), with their purpose-built Deep Crack machine. EFF won $10,000 for their success, although their machine cost $250,000 to build. The contest demonstrated how quickly a rich corporation or government agency, having built a similar machine, could decrypt ciphertext encrypted with DES. The text was revealed to be "The secret message is: It's time for those 128-, 192-, and 256-bit keys."
DES Challenge III was a joint effort between distributed.net and Deep Crack. The key was found in just 22 hours 15 minutes in January 1999, and the plaintext was See you in Rome (second AES Conference, March 22–23, 1999).
Many cryptographers[who?] assumed that once the DES had been shown to be breakable, federal authorities would withdraw the standard. However, this did not happen. FBI director Louis Freeh told Congress. "That is not going to make a difference in a kidnapping case. It is not going to make a difference in a national security case. We don't have the technology or the brute force capability to get to this information."
It was not until special purpose hardware brought the time down below 24 hours that both industry and federal authorities had to admit that the DES was no longer viable. Although the National Institute of Standards and Technology started work on what became the Advanced Encryption Standard in 1997, they continued to endorse the DES as late as October 1999, with FIPS 46-3. However, Triple DES was preferred.
- Matt Curtin, Justin Dolske (May 1998). "A Brute Force Search of DES Keyspace". Retrieved 27 February 2014.
- David C. McNett (24 February 1998). "The secret message is...". distributed.net. Retrieved 27 February 2014.
- DES-II-2 Challenge
- David C. McNett (19 January 1999). "US Government's Encryption Standard Broken in Less Than a Day". distributed.net. Retrieved 27 February 2014.
- "RSA Announces Another Des Cracking Contest". Computergram International. 1998-12-23. Retrieved 2008-09-21.