[19410] in bugtraq
Re: Nortel CES (3DES version) offers false sense of securitywhen
daemon@ATHENA.MIT.EDU (MCKILLICAN, DONALD)
Wed Feb 28 01:21:10 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <3A9C1CAB.CA59385F@bell.ca>
Date: Tue, 27 Feb 2001 16:31:24 -0500
Reply-To: "MCKILLICAN, DONALD" <donald.mckillican@BELL.CA>
From: "MCKILLICAN, DONALD" <donald.mckillican@BELL.CA>
X-To: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
To: BUGTRAQ@SECURITYFOCUS.COM
Rogier Wolff wrote:
> I don't know where people get their information, but tripple-DES uses a 112
> bit key. How they can advertize 128, or even 168 bits of keys I don't know.
In fact, there are a number of different modes for TripleDES. Some of them
use one key, some of them use two, and some use three. A commonly used
example of the last named is DES-EDE3.
See, for instance,
<http://www.crypto.nkfurst.edu.tw/infosec/faq/html/3-2-6.html> for more
precise explanations.
Regards,
Donald McKillican
Bell Canada Corporate Security
