Since 1984, the Condor project has enabled ordinary users to do extraordinary computing. Today, the project continues to explore the social and technical problems of cooperative computing on scales ranging from the desktop to the world-wide computational grid. In this chapter, we provide the history and philosophy of the Condor project and describe how it has interacted with other projects and evolved along with the field of distributed computing. We outline the core components of the Condor system and describe how the technology of computing must correspond to social structures. Throughout, we reflect on the lessons of experience and chart the course traveled by research ideas as they grow into production systems.

Linear cryptanalysis and differential cryptanalysis are the most important methods of attack against block ciphers. Their efficiency have been demonstrated against several ciphers, including the Data Encryption Standard. We prove that both of them can be considered, improved and joined in a more general statistical framework. We also show that the very same results as those obtained in the case of DES can be found without any linear analysis and we slightly improve them into an attack with theoretical complexity 2 42:9 . We can apply another statistical attack --- the Ø 2 -cryptanalysis --- on the same characteristics without a definite idea of what happens in the encryption process. It appears to be roughly as efficient as both differential and linear cryptanalysis. We propose a new heuristic method to find good characteristics. It has found an attack against DES absolutely equivalent to Matsui's one by following a distinct path.

Abstract. Hypothesis tests have been used in the past as a tool in a cryptanalytic context. In this paper, we propose to use this paradigm and define a precise and sound statistical framework in order to optimally mix information on independent attacked subkey bits obtained from any kind of statistical cryptanalysis. In the context of linear cryptanalysis, we prove that the best mixing paradigm consists of sorting key candidates by decreasing weighted Euclidean norm of the bias vector. Keywords: Key ranking, statistical cryptanalysis, Neyman-Pearson lemma, linear cryptanalysis 1

Abstract. Linear cryptanalysis remains the most powerful attack against DES at this time. Given 2 43 known plaintext-ciphertext pairs, Matsui expected a complexity of less than 2 43 DES evaluations in 85 % of the cases for recovering the key. In this paper, we present a theoretical and experimental complexity analysis of this attack, which has been simulated 21 times using the idle time of several computers. The experimental results suggest a complexity upper-bounded by 2 41 DES evaluations in 85 % of the case, while more than the half of the experiments needed less than 2 39 DES evaluations. In addition, we give a detailed theoretical analysis of the attack complexity.

The main goal of this diploma work is the implementation of Matsui's linear cryptanalysis of DES and a statistical and theoretical analysis of its complexity and success probability. In order to achieve this goal, we implement first a very fast DES routine on the Intel Pentium III MMX architecture which is fully optimised for linear cryptanalysis. New implementation concepts are applied, resulting in a speed increase of almost 50 % towards the best known classical implementation. The experimental results suggest strongly that the attack is in average about 10 times faster (O 2 39 computations) as expected with 2 known plaintext-ciphertext at disposal; furthermore, we have achieved a complexity of O 2 by using only 2 known pairs. Last, we propose a new analytical expression which approximates success probabilities; it gives slightly better results than Matsui's experimental ones.

This document specifies the protocol used in Communication Security Corporation’s