John Kelsey (kelsey@plnet.net)
Mon, 20 Jul 1998 19:53:14 -0500
> From: Xcott Craver <caj@math.niu.edu>
> To: Robert Hettinga <rah@shipwright.com>
> Cc: John Lowry <jlowry@bbn.com>; gnu@toad.com;
cypherpunks@cyberpass.net; dcsb@ai.mit.edu; e$@vmeng.com;
cryptography@c2.net; CodherPlunks@toad.com
> Subject: Re: The Cost of Snakeoil (was Re: John Gilmore and the
Great Internet Snake Drive)
> Date: Monday, July 20, 1998 6:17 PM
>
> And it's pushing it to declare a cryptosystem "DED,"
> when simply encrypting multiple times still yields a
> secure (and efficient) cipher.
Then I suppose you consider FEAL-4 not to be DED? I would bet a lot
of
money that I could build a strong cipher out of FEAL-4, by just
repeating the
whole encryption enough times with independent keys. If I recall
correctly,
32 rounds of FEAL resist both differential and linear attacks.
Sorry, but single-DES should not be used in any application requiring
serious
security anymore. And it shouldn't have been being used in any such
application
for many years, now. 3DES and DESX are still secure enough for
nearly any
application, as are various other constructions using DES as
components such
as DEAL, some of Terry Ritter's constructions, and (I think) Akalare.
> > Cheers,
> > Bob Hettinga
>
> -Caj
--John Kelsey, kelsey@counterpane.com / kelsey@plnet.net
NEW PGP print = 5D91 6F57 2646 83F9 6D7F 9C87 886D 88AF
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:41 ADT