Why triple encryption instead of split+encrypt?

solman at MIT.EDU solman at MIT.EDU
Fri Jul 15 00:27:06 PDT 1994


> have you considered
> 
> 	des | tran | des | tran | des ?

My point is that you can get the same level of
security with much less effort/computation.

BTW, am I incorrect in my belief that the additional
security provided by the 32 bit shifting TRAN operation
suggested for the 3DEA hardly provides any additional
security? (i.e. if they could break 3 IDEA operations
or 3 DES operations, they can break them with
32 bit shifting TRAN operations interleaved in just
about the same amount of time.) It looks like it would
make meet-in-the middle attacks take up substantially
more memory and make identifying successful decryptions
slightly more difficult, but for security against nearly
brute force there isn't much difference between
2^(47) and 2^(47.2) operations. 

JWS






More information about the cypherpunks-legacy mailing list