3. I am increasingly concerned that a number of governments, including the
US, may ultimately end up banning the use of reasonably good cryptography
by private or even corporate individuals unless the keys are escrowed. It
seems to me that double, triple, quadruple, etc., encryption just adds fuel
to that (potential) fire.
If we are to bring political motives into the picture then perhaps this
is all the better reason to have something strong as a "standard" which
is not likely to be eroded by govt. regulation!
I find it EXTREMELY hard to believe that single DES isn't good enough for
any purpose other than protecting national security. If you are a terrorist,
conspirator, or hard-core criminal, you would be better off using something
that wouldn't draw so much attention to you in any case.
It depends on how long you expect your encrypted messages to lie around.
I would argue that DES as it stands today is not suitable for data that
needs to be protected over 2 or 3 years even against modest adversaries.
(Letting those DEC alphas run at night can be pretty effective!)
-Ray