[RC5] Golomb Rulers (was "sexy" projects)

gindrup at okway.okstate.edu gindrup at okway.okstate.edu
Tue Mar 3 19:28:22 EST 1998


     For the former, I'm referring to a pre-print I have lying around 
     here somewhere.  I'll try to dig it up and get the author's 
     permission to quote more of it.
     
     For the latter, please review
     http://www.zdnet.com/zdnn/content/pcwo/0226/288730.html
     To represent the "march of progress", move each row, to the right of 
     the budget column up ~2.5 lines.
            -- Eric Gindrup ! gindrup at Okway.okstate.edu


______________________________ Reply Separator _________________________________
Subject: Re: Re[2]: [RC5] Golomb Rulers (was "sexy" projects)  
Author:  <rc5 at llamas.net > at SMTP
Date:    3/3/98 11:53 PM


>     There is no result showing that the security of Triple-DES is any 
>     greater than DES.  As a previous note by myself pointed out, doing
>     an attack on an unknown ASCII message requires ~0.3% more effort to 
>     brute force than to crack a message with known preamble.
>
>     Anthough it has been shown that DES does not have a group structure, 
>     so Triple-DES is inequivalent to DES, it has not been shown that the 
>     encryption is any stronger.  Further, it is not (currently) thought 
>     likely that Triple-DES is as strong as its keylength would indicate.
     
I have a reasonable amateur's knowledge of cryptography, and have not seen 
any evidence at all that 3DES is not 112-bit strong.
     
>     Dual-DES has been shown to be equivalent to another encryption
>     scheme with 64-bit keys, so it's *very unlikely* that Triple-DES 
>     gets you more than an equivalent of 72-bits of encryption.
     
2DES is equivalent in complexity to DES, provided that you have storage for 
2^56 blocks (encrypt two known plaintexts with each of the 2^56 possible 
keys, sort the list so you can check if a block's in the list in constant 
time, decrypt two ciphertexts with each possible key and check if the result 
is equal to any of the encrypted plaintexts; total time 2^58 encryptions to 
produce the list, 2^58 trial decryptions, for 2^59 work factor). To the best 
of my knowledge, there is no quicker attack on it.
     
>     It has been calculated that a direct attack on dedicated hardware 
>     could for ~US$10,000 break DES in a few minutes.
     
Not anywhere I've seen; it's almost impossible to get $10,000 worth of 
custom-made chips (minimum orders being a lot bigger), and, for an attack to 
take 2^9 seconds ('a few minutes'), you need 2^17 250MHz crackers. Not a 
$10,000 project by any means.
     
Tom
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net 
rc5-digest subscribers replace rc5 with rc5-digest
     
     
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list