On 03.07.2017 21:51, Robert J. Hansen wrote:
The latest draft minimizes (but does not eliminate) SHA-1. 3DES is
still a MUST-implement algorithm, and will likely be so for the ongoing
future. 3DES has been a MUST algorithm since RFC2440, way back when;
there's a lot of data encrypted with it and the RFC will continue to
require 3DES be supported in order to help interoperate with old traffic.
Not being a crypto devoloper I fully agree to keep the 3DES key for
backward compatbility.
My interest ist simply that new keys will not use 3DES by default (but
if user wishes it could be added).
I expierence in private an buisness live extra efforts to ensure pgp
communication is not using 3DES for example which
costs percious time in our projects.
Why? What problem is presented by using 3DES for your work, which is so
severe that you have to ensure 3DES isn't used?
I work in the Payment Industry. Next to 3DES usage in EMV Cards we use
file encryption based on PCI, VISA, MC ... regulations. (PGP)
I experienced several projects where we had to again and again request
clients(not necessarily crypto professionals) to regenerate keys because
3DES was still enabled.
I asked our key manager why exactly this is a problem. He pointed me to
some regulations where a concrete do not use 3DES for file crypto is not
written.
But he also mentioned that in the professional community within PCI it
is more or less clear to base on also rock solid more modern an more
long living ciphers like AES Family and remove 3DES for every new key.
As well it is expected that one or more regulators would disapprove 3DES
in near future.
I give you that is hear/say but It seems to me time to say slowly good
bye to old technology and base on new also proofen algorithms. Therefore
3DES for backward compatibility and opt in if wanted.
But not any more as a default.
Seriously: it's still believed to be a strong cipher, there are no
practical attacks on it, and no new attacks are looming on the horizon.
3DES is slow and it only has a 64-bit block size, but for the vast
majority of OpenPGP usage that's not a problem.
I'm also very fund of my old Diesel VW. Great car - never had a problem
(touch on wood). But if I look at the news here where I live it is clear
my next cars will be another motor technology.
Saying if something suitable new is here and you can choose - then
choose new and proofen over old and proofen.
best regards
Dirk
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp