
Wired query on Windows 2000 and DES/3DES



I'm writing an article on the 3DES/single DES issue, and am posting here to 
get feedback and head off any potential errors. I've read all the messages 
in the thread. My summary so far:

* Even when Windows 2000 is told to use triple-DES, export versions will 
quietly use single-DES. The only case in which this silent (modulo log 
entry) switch happens is when export versions are talking to export versions.

* Microsoft intentionally designed this in and thinks of it as a feature, not 
a bug. It's documented somewhere in the manual and obsessive readers might 
even find it.

* Poor saps with export versions can download the 3DES upgrade from 
microsoft.com.

* 3DES is up to 10^17 (2^(112-56)) times as resistant as DES to an 
exhaustive search. I assume that differential cryptanalysis cuts this 
substantially, but I haven't been able to find any figures. I have come 
across a related key attack that cuts total effort to 2^56 to 2^72, but I 
understand this isn't practical.

* The fastest single DES "crack" yet is the January 1999 one of 22 hours: 
http://www.eff.org/pub/Privacy/Crypto_misc/DESCracker/HTML/19990119_deschallenge3.html

* Windows 2000 came out around the same time that U.S. crypto policy 
changed. Future versions of the OS may be approved by Commerce Dept for 
general export.

-Declan
Wired News
http://www.wired.com/
202 986 3455

