From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Tue, 28 Sep 93 16:11:35 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmerman on 'The Death of DES'
In-Reply-To: <9309282044.AA26047@ellisun.sw.stratus.com>
Message-ID: <9309282309.AA15986@snark.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain



I personally favor triple DES + IDEA. The notion is that if triple DES
is weak maybe IDEA isn't, and vice versa -- you are no weaker than the
strongest of the two systems.

Perry

Carl Ellison says:
> Single DES is weak, for a known plaintext attack.  I think we knew that.
> We didn't know how weak.
> 
> We can extrapolate to an NSA machine with 1 second scan of all keys,
> perhaps.
> 
> So -- 
> 
> 1.	use triple DES
> 
> 2.	before using DES, XOR with a stream from a decent PRNG (destroying
> 	the known plaintext)
> 
> 3.	in between DES operations, mix bytes up as with	tran (posted on
> 	sci.crypt occasionally, avbl from me by mail or on ripem.msu.edu)
> 	-- spreading bytes out within a huge block, further hiding any
> 	known text
> 
>  - Carl