[RC5] Golomb Rulers (was "sexy" projects)

Thomas Womack thomas.womack at merton.oxford.ac.uk
Tue Mar 3 23:53:21 EST 1998


>     There is no result showing that the security of Triple-DES is any
>     greater than DES.  As a previous note by myself pointed out, doing
>     an attack on an unknown ASCII message requires ~0.3% more effort to
>     brute force than to crack a message with known preamble.
>
>     Anthough it has been shown that DES does not have a group structure,
>     so Triple-DES is inequivalent to DES, it has not been shown that the
>     encryption is any stronger.  Further, it is not (currently) thought
>     likely that Triple-DES is as strong as its keylength would indicate.

I have a reasonable amateur's knowledge of cryptography, and have not seen
any evidence at all that 3DES is not 112-bit strong.

>     Dual-DES has been shown to be equivalent to another encryption
>     scheme with 64-bit keys, so it's *very unlikely* that Triple-DES
>     gets you more than an equivalent of 72-bits of encryption.

2DES is equivalent in complexity to DES, provided that you have storage for
2^56 blocks (encrypt two known plaintexts with each of the 2^56 possible
keys, sort the list so you can check if a block's in the list in constant
time, decrypt two ciphertexts with each possible key and check if the result
is equal to any of the encrypted plaintexts; total time 2^58 encryptions to
produce the list, 2^58 trial decryptions, for 2^59 work factor). To the best
of my knowledge, there is no quicker attack on it.

>     It has been calculated that a direct attack on dedicated hardware
>     could for ~US$10,000 break DES in a few minutes.

Not anywhere I've seen; it's almost impossible to get $10,000 worth of
custom-made chips (minimum orders being a lot bigger), and, for an attack to
take 2^9 seconds ('a few minutes'), you need 2^17 250MHz crackers. Not a
$10,000 project by any means.

Tom
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list