|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Security Use RequirementsRan, > At 15:20 07/02/01, Joshua Tseng wrote: > > >It's often been said that the only thing worse than NO SECURITY > >is the ILLUSION of security. > > Some security keeps the kiddies away, no security doesn't. > I'd much rather have DES-CBC than nothing, because it visibly > increases the work function for the adversary. > > >Single DES is known to be cracked. > > That is a false statement. It hasn't been cracked. The best > attack known in the public literature is Biham-Shamir, which > requires ~O(2^^56) operations and some non-trivial preconditions. > There have been some specific brute-force attacks on DES that worked, > but they weren't real-time attacks and required a significant amount > of computational power. Yes, thank you. Cracked is the wrong word. Brute-forced is the term I meant to use. While we're on the topic of security, my source (Schnieder) indicates that in 1995, it takes 3.5 hrs average to brute-force single DES. They also estimated that by 2000, the CPU power available would reduce that time to an average of 21 minutes. On the other hand, with 128-bit keys (and 3DES has 168-bit keys) would still require on the 10**17 years. This attack doesn't need to happen real-time. All I need is a sniffer, and I could do all the attacks offline. Once I have the key(s), all your data is mine. Regardless, your point is well taken. Some encryption is better than nothing--in MOST cases. Josh > > I'm not arguing against 3DES in preference to DES-CBC, but it > is just wrong to claim either that DES-CBC is cracked or > that running in the clear is better than running with DES-CBC > (assumes reasonable cryptographic authentication in all cases). > Note also that my comments are constrained to what is in the > published literature... > > Ran > rja@inet.org > > >
Home Last updated: Tue Sep 04 01:05:34 2001 6315 messages in chronological order |