Am 25.01.2017 um 22:25 schrieb Damien Goutte-Gattat: > On 01/25/2017 02:41 PM, Robert J. Hansen wrote: >> For that matter, I'm still in the dark as to what the big problem with >> three-key 3DES is. The best attack against it requires more RAM than >> exists in the entire world and only reduces it to 112 bits. > > The main problem would be its 64-bit block size. Apparently there's a > "practical" attack against 64-bit ciphers as used in TLS [1]. > > That's probably reason enough to avoid 3DES whenever possible (when a > 128-bit cipher is available). > > [1] https://eprint.iacr.org/2016/798 >
That would be the sweet32 attack https://sweet32.info/ Basically if you can collect a few hundred GB of data, it is trivial to calculate the key. There is a prove of concept for https connections, although I believe this is especially relevant for VPN connections (openvpn uses a 64 bit ciphers (blowfish) by default) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
