paulo.barretoterra.com.br

• Next message: Andi Kleen: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Previous message: bachelorouswest.net: "For Serious Marketers ONLY!"
• In reply to: Bill Stewart: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Next in thread: Helger Lipmaa: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Reply: Paulo S. L. M. Barreto: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 08 Oct 2000, Bill Stewart wrote:
> Ben Laurie commented on 3DES really only having 112 bits of strength -
> but for this question, which is how much entropy you need for your keys,
> 168 bits is the right answer.

Not according to Lars Knudsen. Read his paper entitled "Triple encryption with
minimal keys" or the like, where he analyses this subject and suggests an
interesting technique to expand a 112-bit key into three DES keys.

David Wagner also showed that triple-key triple encryption is, in a sense,
worse than two-key triple encryption (it's more susceptible to related-key
attacks); I don't recall the reference now.

Cheers,

Paulo.

• Next message: Andi Kleen: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Previous message: bachelorouswest.net: "For Serious Marketers ONLY!"
• In reply to: Bill Stewart: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Next in thread: Helger Lipmaa: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Reply: Paulo S. L. M. Barreto: "Re: q&d comparison (was Re: [Cryptix-Users] Rijndael - the real work now begins)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]