[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: On shared keys (was RE: SOI: identity protection and DOS)
>>>>> "Derek" == Derek Atkins <warlord@mit.edu> writes:
Derek> Alex Alten <Alten@Home.Com> writes:
>> Given that this is a 25 year old design I think that using 1-DES
>> as a problem is not a fair statement. I personally know one of
>> the original designers
Derek> You are right that 25 years ago 1-DES was a reasonable design
Derek> choice. The fact that it hasn't been upgraded in 25 years is
Derek> most certainly a problem. Considering the effectiveness of
Derek> Deep Crack, I would hope that the banking industry would be
Derek> trying to upgrade to at least 3-DES relatively quickly.
Also, the original paper describing the viability of a Deep Crack
attack was published just about that long ago (Diffie & Hellman,
1977). Come to think of it, the DES FIPS came out in 1977, so
presumably its use in banking isn't quite 25 years old.
paul
References: