Adam Shostack <adam@bwh.harvard.edu> wrote:
While the IDEA in th middle might slow down a meet in the middle attack on 2DES, I don't know that you're justified in claiming 112 bits of DES key space without something like:
des|des|IDEA|des
If IDEA can be *TRIVIALLY* broken, and assuming the availability of the massive amounts of memory needed to store all of the data required for a MITM attack, then you're technically correct. But, even granting that possibility for the time being, you still have the equivalent of 57 bits of DES keyspace, which is better than totally relying on 3DEA. While a "super DES breaker" machine has been hypothesized, and a cost to build it estimated, I don't recall anyone doing so for a "MITM DES breaker" which would require incredible amounts of memory. At a minimum, it would require not only *TWO* super-DES-crackers, but a very sophistocated machine to gather the blocks generated by all of the various parallel processors comprising the other two machines, store, and continually compare them, searching for matches. IMHO, that "middle" machine would be far more complex and expensive than the other two. A MITM attack might, theoretically, take only twice as long as attacking a single layer, the cost of doing so would be much more than twice as large. Anyone care to estimate what the cost of the RAM alone for the "MITM interface" machine would be? Let's see, for two 56 bit beys, you'd need storage for 2^57 blocks of 8 bytes each, or 2^60 bytes. At $40 per Mb, or so, that would come to ... let's see ... $4 * 10^51 for memory alone. And once the list of blocks started growing as the attack progressed, could the interface processor keep up with the other two, in real time? Massively parallel processors might speed both ends of the attack, but the "database comparison phase" would be the real bottleneck, IMHO. /--------------+------------------------------------\ | | Internet: davesparks@delphi.com | | Dave Sparks | Fidonet: Dave Sparks @ 1:207/212 | | | BBS: (909) 353-9821 - 14.4K | \--------------+------------------------------------/