Mailinglist Archive: opensuse-security (520 mails)

RE: [suse-security] Password Encryption
  • From: "Reckhard, Tobias" <tobias.reckhard@xxxxxxxxxxx>
  • Date: Wed, 10 Jul 2002 08:12:42 +0200
  • Message-id: <96C102324EF9D411A49500306E06C8D10182D36F@xxxxxxxxxxxxxxxxx>
> > and these algorithms are the state of the art
>
> not 3des or des3 (it's the same) - it's not state of the art, although it's
> widely used.

I guess this depends entirely on what you label 'state of the art'.
Triple-DES is certainly secure enough currently; in fact, it's been tried and
tested for so long that it probably has a better reputation
(security-wise) than most newer ciphers, such as Blowfish, Twofish, IDEA and
even Rijndael.

It is, however, slow in software, since DES was designed for hardware
implementation and Triple-DES is only a third as fast as DES. It seems to me
that the key length also can't be extended, which was one of the criteria for
AES contestants.

> (it's just des 3 times with 2 different keys (there are 3 possible ways to
> use the keys: 1-1-2, 1-2-1, 2-1-1), which equals a key-length of 112 bits
> which is somewhat weak). it is used because of its speed for session-keys,
> not for passwords.

Actually, Triple-DES comes in two variants, one with three and another with
two different keys. It is important to perform encryption with key one
first, to then *decrypt* the ciphertext with key two and finally encrypt the
ciphertext produced with key one or key three.

As for the usage scenarios of 3DES, its lack of speed, when compared to
other symmetric ciphers, is its most important drawback. As for passwords,
since they are typically processed rather seldom (when compared to
encryption/decryption of e.g. data streams), the speed of the algorithm used
normally shouldn't be that important. This is similar to the case for SSL,
where the costly RSA operations are far fewer than the relatively cheap RC4
operations. This is beginning to go off-topic, though.

Cheers
Tobias
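
Added example (not part of Tobias's message or of the thread): a Go program
using the standard library's crypto/des that builds the EDE sequence described
above by hand from three single-DES operations (encrypt under key 1, decrypt
under key 2, encrypt under key 3), and cross-checks it against
des.NewTripleDESCipher. The two-key variant is the same function with key 3
set equal to key 1, and with all three keys equal the construction collapses to
single DES. The function names and the second and third keys are this
example's own choices; the first key, plaintext and expected ciphertext are the
widely published single-DES test vector.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
)

// Added example, not code from the mailing list. Function names here
// (mustDES, edeEncryptBlock, ...) are this example's own choices.

// mustDES builds a single-DES block cipher from an 8-byte key.
func mustDES(key []byte) cipher.Block {
	c, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return c
}

// mustHex decodes a hex string or panics; used for the constructed inputs below.
func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

func toHex(b []byte) string { return hex.EncodeToString(b) }

// singleDESEncryptBlock encrypts one 8-byte block with plain DES.
func singleDESEncryptBlock(key, block []byte) []byte {
	out := make([]byte, des.BlockSize)
	mustDES(key).Encrypt(out, block)
	return out
}

// edeEncryptBlock is the Triple-DES construction the post describes:
// encrypt under k1, *decrypt* the result under k2, encrypt again under k3.
// Two-key 3DES is the same function called with k3 == k1.
func edeEncryptBlock(k1, k2, k3, block []byte) []byte {
	out := make([]byte, des.BlockSize)
	mustDES(k1).Encrypt(out, block)
	mustDES(k2).Decrypt(out, out) // in place: crypto/des permits exact overlap
	mustDES(k3).Encrypt(out, out)
	return out
}

// edeDecryptBlock undoes edeEncryptBlock by running the three steps backwards.
func edeDecryptBlock(k1, k2, k3, block []byte) []byte {
	out := make([]byte, des.BlockSize)
	mustDES(k3).Decrypt(out, block)
	mustDES(k2).Encrypt(out, out)
	mustDES(k1).Decrypt(out, out)
	return out
}

// libraryTDESEncryptBlock runs the standard library's own 3DES on the
// 24-byte key k1||k2||k3, as a cross-check of the hand-built construction.
func libraryTDESEncryptBlock(k1, k2, k3, block []byte) []byte {
	key := make([]byte, 0, 3*des.BlockSize)
	key = append(key, k1...)
	key = append(key, k2...)
	key = append(key, k3...)
	c, err := des.NewTripleDESCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, block)
	return out
}

func main() {
	// Constructed inputs: k1 and pt are the classic published DES test vector;
	// k2 and k3 are arbitrary 8-byte keys chosen for this example.
	k1 := mustHex("133457799BBCDFF1")
	k2 := mustHex("0123456789ABCDEF")
	k3 := mustHex("FEDCBA9876543210")
	pt := mustHex("0123456789ABCDEF")

	fmt.Println("single DES   :", toHex(singleDESEncryptBlock(k1, pt))) // 85e813540f0ab405
	fmt.Println("3-key EDE    :", toHex(edeEncryptBlock(k1, k2, k3, pt)))
	fmt.Println("library 3DES :", toHex(libraryTDESEncryptBlock(k1, k2, k3, pt)))
	fmt.Println("2-key EDE    :", toHex(edeEncryptBlock(k1, k2, k1, pt)))
	// With k1 == k2 == k3 the middle decryption cancels the first encryption,
	// so EDE degenerates to single DES; that is why EDE rather than EEE was
	// chosen, so 3DES hardware could still talk to single-DES peers.
	fmt.Println("k1=k2=k3 EDE :", toHex(edeEncryptBlock(k1, k1, k1, pt)))
	fmt.Println("round trip ok:",
		toHex(edeDecryptBlock(k1, k2, k3, edeEncryptBlock(k1, k2, k3, pt))) == toHex(pt))
}
```

Run it with `go run` on a single file; the hand-built EDE output must match the
library's 3DES for both the three-key and the two-key (k3 == k1) keying, and the
all-keys-equal line must match the single-DES line.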
