Re: ATMs moving to triple DES.

[Matt Curtin]

Trei, Peter [EMAIL PROTECTED] writes:

 Finally, five full years after DES was definitively proved
 to be vulnerable to brute force attack, the major ATM
 networks are moving to 3DES.

It was even longer than that...we passed six years ago in June.  (Time
flies, non?)

You started it.  It's all your fault. :-)

-- 
Matt Curtin, CISSP, IAM, INTP.  Keywords: Lisp, Unix, Internet, INFOSEC.
Founder, Interhack Corporation +1 614 545 HACK http://web.interhack.com/
Author of /Developing Trust: Online Privacy and Security/ (Apress, 2001)

ATMs moving to triple DES.

[Trei, Peter]

http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf

Finally, five full years after DES was definitively proved
to be vulnerable to brute force attack, the major ATM
networks are moving to 3DES.

Peter Trei

Re: ATMs moving to triple DES.

[Major Variola (ret)]

At 12:56 PM 8/13/03 -0400, Trei, Peter wrote:
http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf


Finally, five full years after DES was definitively proved
to be vulnerable to brute force attack, the major ATM
networks are moving to 3DES.

And you can still use 2-key 3DES...

Re: ATMs moving to triple DES.

[Bill Stewart]

At 10:42 AM 08/13/2003 -0700, Major Variola (ret) wrote:
At 12:56 PM 8/13/03 -0400, Trei, Peter wrote:
http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf

Finally, five full years after DES was definitively proved
to be vulnerable to brute force attack, the major ATM
networks are moving to 3DES.
I'm shocked that they didn't do so years ago -
I thought they'd at least done the authentication parts.

And you can still use 2-key 3DES...
That's ok - 2-key 3DES still has 112 bits of key strength,
which is 2**56 times harder than cracking single-DES.
3-Key 3DES looks like it should be harder, but it's still only 112 bits
because of meet-in-the-middle attacks using 2**56 words of memory.