While this may be whipping a greasy stain on the road, it is true that 3DES was created "by the government" back when private cryptology was difficult or unknown. I believe it is prudent to consider that it was allowed to be used because of practical cracking available to the crypto experts.
I'm not referring to a back-door, just a known method such as a hardware based method for cracking in near-real time. However, 3DES is likely strong enough for normal people. If you're trying to keep things from "them", they are already reading your screen and keyboard strokes directly by their radion emissions from accross the street. Paranoid? Yes. That's what security is all about. Curt- -----Original Message----- From: Noah L. Meyerhans [mailto:[EMAIL PROTECTED] Sent: Saturday, November 24, 2001 21:43 To: Johannes Weiss Cc: debian-security@lists.debian.org Subject: Re: is 3des secure?? On Sat, Nov 24, 2001 at 10:28:56AM +0100, Johannes Weiss wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > UNfortunately, WIN-SSH is very buggy, it only works if I take the 3des > algorithm, if I take one of the others (blowfish,...) it crashed. > What is unfortunate about that? From my experience, 3DES is used more commonly than any other crypto algorithm for things like SSH and IPSEC. I know that some people feel that Blowfish, Twofish, and friends are too new to be thoroughly tested. DES (and thus 3DES) has withstood 30 years of cryptanalysis. The only weakness found in DES, a weakness known from the very beginning, is that the short keylength makes it vulnerable to a brute force attack, which is why 3DES was creates. 3DES is basically DES cubed, and effectively uses a 168 bit key, which is quite secure by modern standards. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
