[Ach] about the 3DES thing again

Aaron Zauner azet at azet.org
Tue Dec 3 17:10:40 CET 2013

On 03 Dec 2013, at 14:58, Adi Kriegisch <adi at kriegisch.at> wrote:

> In my opinion it is the main target group (sysadmins) that just see the
> "168bit" in OpenSSL output, see the "128bit or more" recommendation and
> start using 3DES or assume a mistake in the paper because they (1) do not
> know that 3DES actually provides 112bit of security at the moment
3x 56 = 168. Am I missing something? I have not yet read the NIST publication, but from what I read off the beamer yesterday this just concerns one and two key 3DES variants. Right?

> and (2)
> consists of 64bit primitives that probably warant for even more fun.
> Therefor I'd just mention 3DES explicitly…
Yeah. But then mention that. For now it just cites this NIST paper as reason for our exclusion, which makes no sense to me.

Ian: Do you have appropriate sources (i.e. IACR papers or something like that) on the general security of 3DES and rainbow table attacks?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131203/05d52e58/attachment.sig>

More information about the Ach mailing list