[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 80 bit security from 40 bit exportable products
>Even if you assume complete independence of key setup, if a successful
>decryption at each layer can be independently detected and verified
>(which seems likely in your example), there're only about 3 * (2 ^ 40)
>total operations in the worst case, NOT 2 ^ (3 * 40) operations needed
>to expose the plaintext. This is an effective 41.5 bits, not 120.
>
Of course. It comes down to whether each encryption step plans some known
plaintext to be used for brute force testing of any next layer.