[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 3DES keys




In William Stalling's recent book on PGP mail, he makes the reference
to the 2 key 3DES being better than using a single key 3 DES, because
of the susceptability of the single key 3DES to a "middle fork attack."
(I believe this is the correct phrase, but I don't have the actual book 
available to check).

Regarding key generation for DES, I believe there are several references
in the literature regarding DES keys which if choosen, result in
cipher text that is the same as the original plain text. A key generation
scheme should check for these possibilities. 

------------------------------------------------------------------------
= Bob Wilmes = bwilmes@primenet.com = Phoenix/Scottsdale, Arizona, USA =
------------------------------------------------------------------------

On Tue, 3 Oct 1995, William Allen Simpson wrote:

> > From: "Perry E. Metzger" <perry@piermont.com>
> > Two n bit keys in multiple encryption schemes give you somewhat less
> > than an effective 2n key bit key length, whereas three keys actually
> > give you an effective 2n bit key length. See the discussion in
> > Schneier's book on crypto -- I think its in chapter 8.
> >
> I've read it Perry.  Hilary said this years' Crypto had a session showing
> that 2 key 3DES was no better than DES.  I'm asking for the details, or
> some refutation.
> 
> And I have asked twice: what folks have implemented 3DES in hardware, so
> we can make a sensible decision on how to generate the keys?
> 
> I consider software more maleable than hardware.  If no one speaks up,
> it will be clear that nobody important has done anything in hardware,
> and what I write on the topic will be acceptable and final.
> 
> Bill.Simpson@um.cc.umich.edu
>           Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
> 


References: