Re: The Cost of Snakeoil

New Message Reply About this list Date view Thread view Subject view Author view

EKR (ekr@terisa.com)
21 Jul 1998 20:35:14 -0700


Jim Gillogly <jim@acm.org> writes:

> Kriston J. Rehberg writes:
> >Remember, 3DES not necessarily DES taken three times; I believe the most
> >secure (and most popular) form takes the output of DES decrypted with
> >another key on the second pass and then encrypted again with DES with a
> >third key on the third pass.
>
> That's the most popular form of 3DES, but it's a compatibility issue
> rather than a security issue: if you run it with all three keys the
> same you get DES, so you can test your implementation against a real
> DES or interoperate with somebody who doesn't have 3DES. Encrypting
> for all three passes would be no less secure, so far as we know.
Wasn't one of the original advantages of EDE mode that it was
potentially safer if DES was a group? Since we now know that
it's not, that's no longer a consideration, of course.

-Ekr

-- 
[Eric Rescorla                             Terisa Systems, Inc.]
		"Put it in the top slot."


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:49 ADT