[16788] in cryptography@c2.net mail archive
Re: Is 3DES Broken?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Feb 2 18:27:44 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: bear <bear@sonic.net>
Cc: Aram Perez <aramperez@mac.com>,
Cryptography <cryptography@metzdowd.com>
In-Reply-To: Your message of "Wed, 02 Feb 2005 10:32:53 PST."
<Pine.LNX.4.58.0502021029470.12752@bolt.sonic.net>
Date: Wed, 02 Feb 2005 13:39:34 -0500
In message <Pine.LNX.4.58.0502021029470.12752@bolt.sonic.net>, bear writes:
>
>
>On Mon, 31 Jan 2005, Steven M. Bellovin wrote:
><snip re: 3des broken?>
>
>>>[Moderator's note: The quick answer is no. The person who claims
>>> otherwise is seriously misinformed. I'm sure others will chime
>>> in. --Perry]
>>
>>I'll be happy to second Perry's comment -- I've seen no evidence
>>whatsoever to suggest that it's been broken. But there are some
>>applications where it's a bad choice for cryptographic reasons.
>>
>>When using CBC mode, one should not encrypt more than 2^32 64-bit
>>blocks under a given key.
>
>I think you meant ECB mode?
>
No, I meant CBC -- there's a birthday paradox attack to watch out for.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
