Morning all, There are three modes of operation for DES (and 3DES).
ECB - Electronic code book. In this modes plaintext and ciphertext have direct correlation. Ie, given same same plaintext transmission, the ciphertext will be the same to. This mode is similar to World War II encryption mechanisms where a lookup was used and given one input an output could be found. This is a block transmission mode. CFB - Cipher Feedback. In this mode the data in shifted byte by byte in each block. Thus the system has "memory". The ciphertext depends on previous plaintext. The input is fed back in this mode. This is used for SSH and other character type transmissions. This is a block transmission mode. CBC - Chained Block Cipher. In this mode the ciphertext block is XORed with the new blocks. This means that even if subsequent plaintext blocks are transmitted, their ciphertext will not be the same. Regards, Paul Leroy -----Original Message----- From: Kevin Brown [mailto:[EMAIL PROTECTED]] Sent: 04 January 2002 07:01 To: Salman Siddiqui; 'Security-Basics List' Subject: RE: Has 3des been broken No, absolutely not. There are mechanisms built into 3DES to prevent exactly this. To keep it simple (at the risk of oversimplifying it), it uses random numbers in the encryption process to prevent the same data from producing the same ciphertext. So, send the same packet twice, get 2 different blocks of ciphertext. That way, if you knew the data and captured the ciphertext before unencryption, you can't reverse engineer it. Also, you can't keep punching in different data at one end and reading the ciphertext on the wire until you match the new ciphertext with previously captured ciphertext. And on top of all that, a good VPN implementation will change encryption keys every couple of MBs of data and/or every few minutes. That way, keys are only available for those types of attacks for short periods of time. Don't forget, there is a lot more to a secure VPN than the strength of the encryption algorithm. :-) Brownfox -----Original Message----- From: Salman Siddiqui [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 02, 2002 1:08 PM To: 'Security-Basics List' Subject: RE: Has 3des been broken VPN's pass a huge amount of data. A lot of that data is repetitive and predictable. Given these two factors and sheer volume of data given, it may be possible to extrapolate the keys from crypto. Any thoughts on this? Salman "This e-mail may contain confidential information and may be legally privileged and is intended only for the person to whom it is addressed. If you are not the intended recipient, you are notified that you may not use, distribute or copy this document in any manner whatsoever. Kindly also notify the sender immediately by telephone, and delete the e-mail. When addressed to clients of the company from where this e-mail originates ("the sending company ") any opinion or advice contained in this e-mail is subject to the terms and conditions expressed in any applicable terms of business or client engagement letter . The sending company does not accept liability for any damage, loss or expense arising from this e-mail and/or from the accessing of any files attached to this e-mail."