At last I said someting that is not totaly stupid after all ;-)
Good night Ben...
Nicolas
-----Message d'origine-----
De : Ben Laurie <[EMAIL PROTECTED]>
À : [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date : mardi 16 novembre 1999 18:30
Objet : Re: Compiling OpenSSL without 3DES
>Nicolas Roumiantzeff wrote:
>> But this 2 key tripple DES (112 bit key length) would be the best
solution
>> regarding the French regulation:
>> It would be not stronger than 128 bit and still currently secure (where
as
>> simple DES is not).
>> It would aslo be as resistant as the 3 key tripple DES to the
>> "meet-in-the-middle"attack, described by Ben. Am I right?
>
>I don't think so - for each saved intermediate ciphertext, you only need
>to test 2^56 encryptions, so it reduces the cost of the comparison
>stage, doesn't it? That is, you still need 2^112 trial encryptions, but
>only 2^112 comparisons instead of 2^168. OTOH, I'm not feeling
>completely awake now, so I may have got this all wrong. Still, even if
>I'm right, its not a huge reduction in work, since the comparisons would
>obviously be shortcut and far cheaper than the encryptions.
>
>Cheers,
>
>Ben.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
