Noah L Meyerhans writes:
> On Mon, Nov 26, 2001 at 09:04:59AM +0900, Howland, Curtis wrote:
>> While this may be whipping a greasy stain on the road, it is true
>> that 3DES was created "by the government" back when private
>> cryptology was difficult or unknown. I believe it is prudent to
>> consider that it was allowed to be used because of practical
>> cracking available to the crypto experts.
> No, DES (and thus 3DES) was created by IBM, with collaboration by
> the government. The biggest govt. influence was in the short 56 bit
> key length. In 3DES, this is not an issue.
Actually, probably the biggest influence from the government was from
the NSA. IBM handed them the algorithm to review, and the NSA handed
it back to them with the S-boxes subtly altered, no explanation. IBM
accepted the changes, and they became part of the standard. Years
later, after differential cryptanalysis was discovered, it was found
that the changes made foiled differential cryptanalysis.
3DES is generally considered strong enough. However, it is slow, and
can effect performance. Try doing large 'scp's and switch between
3DES and blowfish.
Personally I prefer blowfish, as it has performance, is
'secure-enough' to my (less-than-expert) eye, and frankly I doubt
anybody capable of defeating it is interested in what I have to say.
Steve
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
