[2993] in cryptography@c2.net mail archive
Re: 3DES and Skipjack (was Re: Turing Bombe story)
daemon@ATHENA.MIT.EDU (Scott G. Kelly)
Fri Jul 17 19:32:09 1998
Date: Fri, 17 Jul 1998 16:21:03 -0700
From: "Scott G. Kelly" <skelly@redcreek.com>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
CC: Steve Bellovin <smb@research.att.com>, Carl Ellison <cme@acm.org>,
Steve Reid <sreid@alpha.sea-to-sky.net>,
Marcus Leech <Marcus.Leech.mleech@nt.com>, cryptography@c2.net
Another question, with the caveat that I'm new at this: Even if
cryptanalyis yields a theoretical bit strength of 112 bits for 3DES,
that wouldn't really apply if we were trying to use one of these brute
force machines, would it?
Please correct me if I'm being naive - it looks like this to me:
Single DES
-----------
+-------+
ciphertext -->|decrypt|-->(match <known plaintext>?)
+-------+
3DES using 3 keys
-----------------
key1 key2 key3
+-------+ +-------+ +-------+
ciphertext -->|decrypt|-->|encrypt|--->|decrypt|-->(match?)
+-------+ +-------+ +-------+
It looks to me like for every bit change in key 1 we have to cycle
through every possible combination in key2 and key3. Is this correct, or
is there some heuristic or precomputation which will simplify this?
Scott
