[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DES Flames



It seems I made two mistakes.

1) I didn't word my question clearly enough.
2) I posted from my AOL account.  

(Note that this is sent from a Genuine Hard to Use Unix 
Machine as Terribly Sophisticated Proof the I am not a 
Complete Fool...boy, some people are naive.)

I try again.

Given:
1) Some people worry about the strength of DES.     (Correct?)
2) DES is within striking distance of a brute-force attack, 
   this is far-and-away its most serious weakness.  (Correct?)
3) 3-DES is nowhere near soon being vulnerable to a 
   brute-force attack.                              (Correct?)

It follows then that: 
   3-DES is a trivial fix of DES' ills.             (Correct?)


Now, I repeat my puzzle.  If there really was a Great Government
Gnashing of teeth over how to replace DES, what was the problem?  Is
it that 3-DES is too good?  (But then why the great worry over DES in
the first place?  56-bits is not something easy to break off the
shelf.  Are we worried about the French or Japanese or somebody?)

Something doesn't add up here--and it isn't the fact that one of my
six or eight internet addresses is an AOL account.


My tentative answer: DES is *generally* too strong for the TLA's
taste, but specifically 56-bits worth of DES is too little.  They were
in a paradox of wanting something the US spooks could read but others
can't.  But then why the long delay before back-door systems like
Clipper are rushed out?  It still doesn't add up.

Another possible answer: the threat to DES was not its weakness,
rather the combination of its *strength* and the fact that regular
folks would start using it, a la PGP and RIPEM.  When it first came
out only banks and stuff were interested, not plain old citizens.  In
other words, DES' fault was how strong it is.  (ObStupidWarning: Yes,
56-bits is too few to really trust, but 3-DES is a trivial variation.)


-kb, the Kent who no longer has Perry's permission to post


--
Kent Borg                                                  +1 (617) 776-6899
[email protected]                                
[email protected]                                      
          Proud to claim 39:30 hours of TV viewing so far in 1994!