[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD4-derived hash functions

To: [email protected]
Subject: Re: MD4-derived hash functions
From: John Lull <[email protected]>
Date: Fri, 27 Oct 1995 04:10:56 GMT
Cc: [email protected]
Organization: Windsmith
References: <[email protected]>
Sender: [email protected]

On Thu, 26 Oct 1995 12:03:57 -0400, you wrote:

> 3DES with only two independent keys is only slightly more secure than
> DES, consider a variant of the meet in the middle attack exploiting 
> the fact that the constraint network is reductible to two equations
> in one unknown.

I believe you meant 2DES?  I've not heard of a meet in the middle
attack on 2-key 3DES better than brute force of a 112-bit key.

Even for 2DES, or for 3-key 3DES, doesn't a meet in the middle attack
require on the order of 2^56 words of memory?  This, as a practical
matter, makes a brute-force attack much more difficult than it would
appear at first glance.

Follow-Ups:
- Re: MD4-derived hash functions
  - From: [email protected] (David A Wagner)

References:
- Re: MD4-derived hash functions
  - From: [email protected]

Prev by Date: Re: Mandatory ID in California?
Next by Date: COS_sec
Prev by thread: Re: MD4-derived hash functions
Next by thread: Re: MD4-derived hash functions
Index(es):
- Date
- Thread