1996-05-02 - Re: [Fwd: Cylink can export 128-bit DH?]

Header Data

From: mpd@netcom.com (Mike Duvos)
To: cypherpunks@toad.com
Message Hash: cebb0762bed0048ef10d83536d6eb3e1a07a75dc431e63aba3d389feef8c8d56
Message ID: <199605020644.XAA23770@netcom8.netcom.com>
Reply To: <3188382C.9778B7@cs.berkeley.edu>
UTC Datetime: 1996-05-02 12:08:25 UTC
Raw Date: Thu, 2 May 1996 20:08:25 +0800

Raw message

From: mpd@netcom.com (Mike Duvos)
Date: Thu, 2 May 1996 20:08:25 +0800
To: cypherpunks@toad.com
Subject: Re: [Fwd: Cylink can export 128-bit DH?]
In-Reply-To: <3188382C.9778B7@cs.berkeley.edu>
Message-ID: <199605020644.XAA23770@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Raph Levien writes:

> Double DES is subject to a "meet in the middle" attack (not a "man in
> the middle"). 

Yes, a silly mistake on my part, which shows I should proofread even
the little messages before posting them. :)

Gleeful readers are filling my mailbox hoping to be the first to point
out this unfortunate error. 

> Thus, using
> three keys is more work for the attacker than using two. So, modern
> cryptographic usage is exactly as Bill said - three keys, three
> encryptions. For example, S/MIME recommends the use of DES-EDE3-CBC (the
> middle encryption is technically a decryption, although it doesn't
> really make any difference).

S/MIME aside, I was under the impression that the term "Triple-DES"
referred to the encrypt-decrypt-encrypt operation using two 
distinct keys, proposed by some for adoption as the successor to 
single DES. 

Has this usage now changed in favor of the three key version?

     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $