Howdy all,
Let me place my firm vote in the camp to NOT proliferate more modes
than are absolutely necessary. Most users of PEM will not even be
able to spell DES much less keep track of their intended recipient's
preferred algorithm, software/hardware availability, restrictions,
etc.
As far as how many keys to use, if 3 keys are better than 2 (which
seems to be true by assertion) then why not use 4 or 5? What is the
tradeoff? If 2^112 (a big f*ing number) is not acceptable, what
makes 2^168 acceptable? If DES is broken by some means other than
brute force, then the extra burden of another DES operation may do
very little to the security.
My preference would be to go with a single standard (even at the risk
of phasing-out current use of single-DES) which balances security,
ease of implementation, and (my favorite) export issues. (Have we
forgotten our place in the global Internet community? Shall we doom
all US PEM manufacturers to the "support multiple versions or don't sell
outside the US" curse?)
Cheers,
Steve D.