17 Dec
2003
17 Dec
'03
11:17 p.m.
I personally favor triple DES + IDEA. The notion is that if triple DES is weak maybe IDEA isn't, and vice versa -- you are no weaker than the strongest of the two systems. Perry Carl Ellison says:
Single DES is weak, for a known plaintext attack. I think we knew that. We didn't know how weak.
We can extrapolate to an NSA machine with 1 second scan of all keys, perhaps.
So --
1. use triple DES
2. before using DES, XOR with a stream from a decent PRNG (destroying the known plaintext)
3. in between DES operations, mix bytes up as with tran (posted on sci.crypt occasionally, avbl from me by mail or on ripem.msu.edu) -- spreading bytes out within a huge block, further hiding any known text
- Carl