[19429] in bugtraq


Re: Nortel CES (3DES version) offers false sense of security when

daemon@ATHENA.MIT.EDU (Kent Borg)
Wed Feb 28 12:41:17 2001

Message-ID:  <20010228134718.27119.qmail@borg.org>
Date:         Wed, 28 Feb 2001 13:47:18 -0000
Reply-To: Kent Borg <kentborg@BORG.ORG>
From: Kent Borg <kentborg@BORG.ORG>
X-To:         R.E.Wolff@BITWIZARD.NL
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <200102272238.XAA24442@cave.bitwizard.nl> (message from Rogier
              Wolff on Tue, 27 Feb 2001 23:38:13 +0100)

Rogier Wolff <R.E.Wolff@BITWIZARD.NL> wrote (or possibly quoted
someone else):
>The use of double and triple encryption does not always provide the
>additional security that might be expected.

Yes, but an additional step of independent encryption (using a
completely unrelated key) should not weaken a good crypto algorithm.
For if it did, an attacker could take a message s/he is trying to
crack and encrypt it one more time before trying to crack it.

I think the problem with 112-bit double-DES was not that it was weaker
than single-DES, it was that it wasn't stronger.

Even the most stupid substitution cypher--when used with a completely
independent key--doesn't weaken previous layers of slightly competent
encryption.

>RSA partially backs me up by saying that SOME triple-DES methods are
>of a lower complexity than what might be expected from the raw
>keysize.

Yes.  The simple substitution cypher adds no further security even if
its "key" pretends to be several bits long.  But neither does it make
the total security any weaker.

Once related keys are used, the situation is quite different: feeding
fewer than 3X-bits into triple-anything should only be done very
carefully.


-kb, the Kent who encoded this message in rot-13, and, for *extra*
security, encoded it the same way a second time.
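
Added example, not part of the original post: a count of how many distinct plaintext-to-ciphertext mappings one and two layers of a shift cipher can produce with independent keys, plus the same-key rot-13 case from the signature. The S-box cipher `shift_then_sbox` is a constructed toy used only for contrast; all function names here are assumptions of this example.

```python
from itertools import product

N = 26  # alphabet size; letters are represented as 0..25

def caesar(k):
    """Shift cipher with key k, as a tuple mapping x -> E_k(x)."""
    return tuple((x + k) % N for x in range(N))

# Constructed toy S-box: the identity with two entries swapped, so not a shift.
SBOX = (1, 0) + tuple(range(2, N))

def shift_then_sbox(k):
    """Toy cipher (assumption, for contrast only): E_k(x) = SBOX[(x + k) mod N]."""
    return tuple(SBOX[(x + k) % N] for x in range(N))

def compose(outer, inner):
    """Mapping obtained by encrypting with `inner` first, then `outer`."""
    return tuple(outer[inner[x]] for x in range(N))

def distinct_mappings(cipher, layers):
    """Count distinct mappings over every tuple of independent layer keys."""
    seen = set()
    for keys in product(range(N), repeat=layers):
        mapping = tuple(range(N))
        for k in keys:
            mapping = compose(cipher(k), mapping)
        seen.add(mapping)
    return len(seen)

def rot13_twice():
    """Identical keys on both layers: the second layer undoes the first."""
    return compose(caesar(13), caesar(13))

if __name__ == "__main__":
    # Shifts are closed under composition: 676 key pairs, still 26 mappings,
    # so the second layer adds nothing and removes nothing.
    print("caesar x1:", distinct_mappings(caesar, 1))
    print("caesar x2:", distinct_mappings(caesar, 2))
    # A cipher that is not closed under composition yields more mappings when
    # layered. That is necessary for a gain in strength, not sufficient.
    print("sbox   x1:", distinct_mappings(shift_then_sbox, 1))
    print("sbox   x2:", distinct_mappings(shift_then_sbox, 2))
    print("rot13 twice is identity:", rot13_twice() == tuple(range(N)))
```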
