| 1 |
kashani <kashani-list@××××××××.net> at Friday 27 June 2008, 02:28:21 |
| 2 |
> Here's a reference to the interesting meet-in-the-middle attack which |
| 3 |
> reduced 3DES key space down to 112 bits from 192. |
| 4 |
3DES always had an effective key size of 112 bits, because it uses the |
| 5 |
original DES algorithm applied in the following scheme E1(D2(E1(M)) with |
| 6 |
two different 56-bit DES keys. 3DES never had 192 bit keys. |
| 7 |
|
| 8 |
The meet-in-the-middle attack has nothing to do with 3DES. In fact, 3DES |
| 9 |
was designed the way it works now to _prevent_ meet-in-the-middle attacks. |
| 10 |
Such attacks can be applied to ciphers, that apply a single algorithm with |
| 11 |
two different keys: E1(E2(M)) |
| 12 |
|
| 13 |
Mathematical, the key size of the latter cipher is equal to 3DES: 56+56 = |
| 14 |
112. But the latter cipher is vulnerable to meet-in-the-middle attacks, |
| 15 |
which is why 3DES uses the second key to apply the DES decryption function |
| 16 |
with a different key right between the consecutive DES encryptions. |
| 17 |
|
| 18 |
> Obviously that was unknown when 3DES was built. |
| 19 |
I doubt. If meet in the middle was unknown at the time of 3DES development, |
| 20 |
we wouldn't have 3DES today, but 2DES, being as simple as E1(E2(M)). |
| 21 |
|
| 22 |
-- |
| 23 |
Freedom is always the freedom of dissenters. |
| 24 |
(Rosa Luxemburg) |
Archives