[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Breaking DES



Perry E. Metzger wrote:

>Tell you what, Karl -- when you build the device that can store 2^56
>encryptions, let us know. You'll make a mint in the storage technology
>business. Also let us know how you'll index and fetch the encryptions
>in any reasonable time while you are at it, but by comparison thats a
>tiny problem.

Maybe I'm being overly sensitive, but lately some of my posts are
getting attacked for being wrong or impractical.

I did not invent the cut-and-choose protocol (previously described as
incorrect), nor did I invent the "meet in the middle" attack outlined
in a previous post which Perry has so eloquently described above as
infeasible.

I am just passing along information about an attack against double DES
which demonstrates that double DEs encryption does not increase
complexity very much at all.

>Karl, are you sure that you want people to think you believe this?

"I" do not care what "people" think of "this" attack, since it is
valid and I didn't invent it.

So maybe it's only of theoretical interest, sort of like differential
cryptanalysis against the DES - which requires 10^47 chosen
plaintexts.

Why don't you mail Biham and Shamir that their method sucks.  It's
fairly infeasible as well.

I think I need a long vacation from this list.  Naturally, I'm not so
egotistical to think anybody gives a damn.

-- 
Karl L. Barrus: [email protected] 
keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32

"One man's mnemonic is another man's cryptography" 
  - my compilers prof discussing file naming in public directories