Exhaustive key search attacks will always be successful against any symmetric cipher given enough time. Many past and present deployments of cryptography are not strong enough to withstand a key search attack against a moderately funded adversary. This thesis compares the cost and performance of FPGA and software-based approaches to key search. This information is useful when assessing the security of cryptographic deployments and ciphers.
Implementations of cipher-independent FPGA key search machines yield performance estimates for DES and RC5. Price/performance comparisons within CPU and FPGA families help to determine what the cheapest, fastest devices are. These results show that past performance estimates were too high and that the EFF DES cracker will cost very little to build using modern FPGAs.
The thesis also describes a framework that estimates FPGA resource consumption for any symmetric cipher. This makes use of data describing the resource consumption of each primitive cipher operation. Ciphers can be classified to determine if they will perform well using hardware or software approaches.
Discussion on regulatory issues within Australia and the United States place the results into perspective and show that restrictions effectively destroy the intent of cryptographic protection.
