Re: passwd hashing algorithm

Dennis Glatting (dennisg@CyberSAFE.COM)
Sat, 15 Apr 1995 08:20:40 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: maquis: "Re: passwd hashing algorithm"
Previous message: der Mouse: "Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)"
Maybe in reply to: Dave Stagner: "passwd hashing algorithm"
Next in thread: Jon Peatfield: "Re: passwd hashing algorithm"

> Date: Fri, 14 Apr 1995 12:30:05 -0400
> Sender: owner-bugtraq@fc.net
> 

>     From: Adam Shostack <adam@bwh.harvard.edu>
>     Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
> 

>     Doing to 3des means you (roughly) triple the attack time, which
>     means that in about 2 years, we'll be back where we are today.
> 

> This does not fit with my understanding of 3DES.  I thought
> that 3DES effectively tripled the key size, i. e. you have
> to derive three DES keys simultaneously in order to
> crack.  This should make the attack time significantly
> greater than 3 times the DES attack time.  If it is merely
> the case of deriving three keys independently, 3DES is
> already useless.  Since people often compare the
> security of 3DES to IDEA, I don't think that this is the
> case. 

> 


Two key 3DES has an "effective" key length of 57 bits.
Three key is 112 bits. Depending upon how you implement
3DES in hardware the encryption time is one to three times
of single DES. In software it is 3x. 



-dpg

Next message: maquis: "Re: passwd hashing algorithm"
Previous message: der Mouse: "Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)"
Maybe in reply to: Dave Stagner: "passwd hashing algorithm"
Next in thread: Jon Peatfield: "Re: passwd hashing algorithm"