[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Dave Emery <[email protected]>:
> Anybody have any estimate as to how much actual strength this
> adds to DES ?
You might want to read "The Security of DESX" by Phillip Rogaway in
CryptoBytes Vol. 2 Number 2 (Summer 1996) pp 8-11, which is available
somewhere on RSADSI's web site <URL:http://www.rsa.com> (possibly
<URL:http://www.rsa.com/PUBS/> might be a good starting point) or the
underlying research paper "How to protect DES against exhaustive key
search" by Kilian and Rogaway in CRYPTO '96:
[The] results don't say that it's impossible to build a machine
which would break DESX in a reasonable amount of time. But they
do imply that such a machine would have to employ some radically
new idea: it couldn't be a machine implementing a key-search
attack, in the general sense which we've described.
(Quoted from the CryptoBytes article.)
> How would one break it in a practical cracker machine ?
Maybe not at all; see above.