Is 3DES Broken?
Steven M. Bellovin
smb at cs.columbia.edu
Wed Feb 2 13:39:34 EST 2005
In message <Pine.LNX.4.58.0502021029470.12752 at bolt.sonic.net>, bear writes:
>
>
>On Mon, 31 Jan 2005, Steven M. Bellovin wrote:
><snip re: 3des broken?>
>
>>>[Moderator's note: The quick answer is no. The person who claims
>>> otherwise is seriously misinformed. I'm sure others will chime
>>> in. --Perry]
>>
>>I'll be happy to second Perry's comment -- I've seen no evidence
>>whatsoever to suggest that it's been broken. But there are some
>>applications where it's a bad choice for cryptographic reasons.
>>
>>When using CBC mode, one should not encrypt more than 2^32 64-bit
>>blocks under a given key.
>
>I think you meant ECB mode?
>
No, I meant CBC -- there's a birthday paradox attack to watch out for.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list