Perry E. Metzger wrote:
Tell you what, Karl -- when you build the device that can store 2^56 encryptions, let us know. You'll make a mint in the storage technology business. Also let us know how you'll index and fetch the encryptions in any reasonable time while you are at it, but by comparison thats a tiny problem.
Maybe I'm being overly sensitive, but lately some of my posts are getting attacked for being wrong or impractical. I did not invent the cut-and-choose protocol (previously described as incorrect), nor did I invent the "meet in the middle" attack outlined in a previous post which Perry has so eloquently described above as infeasible. I am just passing along information about an attack against double DES which demonstrates that double DEs encryption does not increase complexity very much at all.
Karl, are you sure that you want people to think you believe this?
"I" do not care what "people" think of "this" attack, since it is valid and I didn't invent it. So maybe it's only of theoretical interest, sort of like differential cryptanalysis against the DES - which requires 10^47 chosen plaintexts. Why don't you mail Biham and Shamir that their method sucks. It's fairly infeasible as well. I think I need a long vacation from this list. Naturally, I'm not so egotistical to think anybody gives a damn. -- Karl L. Barrus: klbarrus@owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories