Banks and 128 bit DES
Ben Laurie
ben at algroup.co.uk
Mon, 20 Mar 2000 15:19:34 +0000
Jeffrey Goldberg wrote:
>
> On Mon, 20 Mar 2000, Ben Laurie wrote:
>
> > Hmm. Although 3DES uses 168 bits, it has an effective strength of 112
> > bits.
>
> Does it really use 168 bits. I thought it used key-1 (56) bits for the
> first encipherment, key-2 (the second 56 bits) for the second, and then
> back to key-1 again for the third. Using a separate key for the third
> would only make it effectively 113 bits for attacking.
Depends which flavour of 3DES. IIRC the variant used in SSL has 3
different keys giving an effective strength of 112 (+ a few) bits.
> > The 128 bit limit is simply due to their being no available
> > symmetric ciphers that are stronger.
>
> I thought RC5 and Blowfish at least are parameterizable to >128 bit keys.
>
> Am I mistaken? Is this the wrong place to ask this? (I suspect an answer
> of "yes" to both).
Right, they are, but neither is considered sufficiently mature to use in
SSL.
Cheers,
Ben.
--
SECURE HOSTING AT THE BUNKER: http://www.thebunker.net/hosting.htm
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe? http://ApacheCon.Com/