[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On shared keys (was RE: SOI: identity protection and DOS)



>>>>> "Derek" == Derek Atkins <warlord@mit.edu> writes:

 Derek> Alex Alten <Alten@Home.Com> writes:
 >> Given that this is a 25 year old design I think that using 1-DES
 >> as a problem is not a fair statement.  I personally know one of
 >> the original designers

 Derek> You are right that 25 years ago 1-DES was a reasonable design
 Derek> choice.  The fact that it hasn't been upgraded in 25 years is
 Derek> most certainly a problem.  Considering the effectiveness of
 Derek> Deep Crack, I would hope that the banking industry would be
 Derek> trying to upgrade to at least 3-DES relatively quickly.

Also, the original paper describing the viability of a Deep Crack
attack was published just about that long ago (Diffie & Hellman,
1977).  Come to think of it, the DES FIPS came out in 1977, so
presumably its use in banking isn't quite 25 years old.

	paul



References: