Faramir wrote:
> Ok, let me say something on my behalf: in my experience, when
> something doesn't work as well as expected, and people say "well...
> let's do it 2 times, that should work", usually that leads to
> something that works, but it is not as good as it could be...

False premise. DES works every bit as well as we expect. Even today, the best attack against DES is brute force.

> Well... that resumes what I would expect from something designed to
> be applied once, and "fixed" by applying it 3 times...

This is historical provincialism.

> The thing I dislike about "let's do it 3 times" is it was not
> designed to be used that way...

This is like condemning Einsteinian relativity because Einstein didn't foresee closed timelike curves, or GPS satellites, or the laser, or how his theory would ultimately give the first convincing explanation of why gold has such a lustrous shine. "The thing I dislike about the relativistic study of the electron shells in a gold atom is that relativity was not designed to be used that way. It's about large systems!"

If you make a groundbreaking advance in any field, that advance will in turn open the door to new advances which will build on your original idea. DES made us consider group theory; we then discovered "hey, you can chain them together!"; now we do it. Where's the problem?

> I get the impression 3DES is a "patched" DES.

It's not a patched DES. Not in the sense that you're thinking of it.

> And other algos are not patched... or at least, not so obviously
> patched (I can't be sure about if they are patched or not).

Tiger-192, which some people on this list love, has two quite different versions associated with it. Blowfish had a sign extension error in its first printing. SHA-1 is a patched SHA-0. SHA-0 was essentially a patched MD5. MD5 was essentially a patched MD4. RIPEMD-160 is a patched RIPEMD. GnuPG itself is built one patch at a time.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users