[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MD4-derived hash functions
-----BEGIN PGP SIGNED MESSAGE-----
In article <[email protected]>,
John Lull <[email protected]> wrote:
> Even for 2DES, or for 3-key 3DES, doesn't a meet in the middle attack
> require on the order of 2^56 words of memory?
Actually, as it turns out, van Oorschot & Wiener have a recent paper
which describes how to break 2DES without the huge space requirements
without sacrificing too much time (by using their parallel collision
search method). They estimated the cost to break 2DES via specialized
hardware, and decided that breaking 2DES was only about 2^14 times as
costly as breaking DES.
The conclusion to take away from this is simple: double encryption
doesn't give you much extra security over single encryption. Don't
use double encryption.
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----