Noah L Meyerhans writes: > On Mon, Nov 26, 2001 at 09:04:59AM +0900, Howland, Curtis wrote: >> While this may be whipping a greasy stain on the road, it is true >> that 3DES was created "by the government" back when private >> cryptology was difficult or unknown. I believe it is prudent to >> consider that it was allowed to be used because of practical >> cracking available to the crypto experts.
> No, DES (and thus 3DES) was created by IBM, with collaboration by > the government. The biggest govt. influence was in the short 56 bit > key length. In 3DES, this is not an issue. Actually, probably the biggest influence from the government was from the NSA. IBM handed them the algorithm to review, and the NSA handed it back to them with the S-boxes subtly altered, no explanation. IBM accepted the changes, and they became part of the standard. Years later, after differential cryptanalysis was discovered, it was found that the changes made foiled differential cryptanalysis. 3DES is generally considered strong enough. However, it is slow, and can effect performance. Try doing large 'scp's and switch between 3DES and blowfish. Personally I prefer blowfish, as it has performance, is 'secure-enough' to my (less-than-expert) eye, and frankly I doubt anybody capable of defeating it is interested in what I have to say. Steve -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
