If this is for marketing, then note that 3DES only provides 2*56 bits of
security - it's only twice as secure as DES. See Schneier's book for
details (and to check - I may be wrong - I remember some kind of meet in
the middle attack, but have no idea whether it is practical).
(So claiming "168 bit secure" would be misleading, if I've remembered
correctly.)
Andrew
PS Schneier's newsletter is excellent - anyone on this list not getting
it might consider going to www.counterpane.com.
"David Brown (UK)" wrote:
>
> Don't hold me to this but I believe that a (single) DES key holds 56 bits
> worth of useful data + a parity bit per 7 bits which would account for the
> extra keysize.
>
> Dave
>
> -----Original Message-----
> From: Josh Berezin [mailto:[EMAIL PROTECTED]]
> Sent: 18 January 2000 22:49
> To: [EMAIL PROTECTED]
> Subject: 3DES - 168 or 192 bits?
>
> It's like this: I'm trying to figure out exactly what we're using here, so
> we can report it to Marketing-folk. I didn't write any of the SSL code, I'm
> just asking it a few questions.
> SSL_CIPHER_description reports we're using 3DES(168). Makes sense.
> SSL_CIPHER_get_bits() reports we're using 192 bits. (both in bits_used and
> bits_possible)
> So, which is right? 168 seems to make more sense, since DES is usually 56
> bits, and 168 is 56 * 3. But I guess it could be 192 == 64 * 3. What is the
> explanation for the discrepancy?
> josh
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
