MD4-derived hash functions

David A Wagner daw at quito.CS.Berkeley.EDU
Sat Oct 28 17:36:02 PDT 1995


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510261603.AA26221 at zorch.w3.org>,  <hallam at w3.org> wrote:
> 
> 3DES with only two independent keys is only slightly more secure than
> DES, consider a variant of the meet in the middle attack exploiting 
> the fact that the constraint network is reductible to two equations
> in one unknown.
> 

Huh?  Are you sure you're not thinking of 2DES?

2DES is known to be not much more secure than DES: 2DES can be broken
with 2^56 operations and 2^56 space.  (The space requirements can be
eliminated without too much extra cost in time.)

Could you post a reference for your claim that 2-key 3DES is insecure?
Or post an attack?  Or anything?
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMJLJdSoZzwIn1bdtAQFFRQGAgPceMs6vYCq4nGQQ5QT9tOLIgiGAoY8M
B71KIQDP75TMiF1rgvorSWQsNZjzjhbm
=3bH5
-----END PGP SIGNATURE-----






More information about the cypherpunks-legacy mailing list