[Ach] about the 3DES thing again

Adi Kriegisch adi at kriegisch.at
Tue Dec 3 17:32:10 CET 2013


> > In my opinion it is the main target group (sysadmins) that just see the
> > "168bit" in OpenSSL output, see the "128bit or more" recommendation and
> > start using 3DES or assume a mistake in the paper because they (1) do not
> > know that 3DES actually provides 112bit of security at the moment
> 3x 56 = 168. Am I missing something? I have not yet read the NIST publication, but from what I read off the beamer yesterday this just concerns one and two key 3DES variants. Right?
2key-3DES: 80bit, 3key-3DES: 112bit using a meet-in-the-middle attack. I am
sorry, I could not find other resources; only this:

-- Adi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20131203/27d93e8a/attachment.sig>

More information about the Ach mailing list