Bugtraq mailing list archives

Re: Nortel CES (3DES version) offers false sense of security when using IPSEC


From: Dan Kaminsky <dankamin () CISCO COM>
Date: Tue, 27 Feb 2001 22:00:23 -0800

I don't know where people get their information, but triple-DES uses
a 112 bit key. How they can advertize 128, or even 168 bits of keys I
don't know.

3DES uses a 168 bit key.  Not 128, not 112, not anything else.

The problem is that, in crypto, not all bits are created equal--note the
mass confusion over the asymmetric keyspaces--"Wait, 512 bits are *less*
than 128 bits?"

Essentially, 3DES is referred to as 128 bits because it possesses equivalent
strength to more modern ciphers that have a 128 bit keyspace.  The
meet-in-the-middle attack reduces the complexity to 2^112, but the assurance
over time (as the most widely attacked cryptographic algorithm in existence)
raises the quality to an "equivalent" 128 bit.

It's ugly, and blame the marketers for it--but on the flip side, it's better
than hearing about how 168 bit 3DES is actually only two thirds its apparent
strength, which numerically makes it less trustworthy than (say) 128 bit
RC4.  In the great pantheon of marketing hacks, calling 3DES 128 bit
absolutely *pales* in comparison.

Yours Truly,

    Dan Kaminsky, CISSP
    Cisco Systems, Inc.
    http://www.doxpara.com
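
The 2^112 figure in the message above, illustrated as an added example that is not part of the original post: a meet-in-the-middle search against triple encryption with a constructed toy cipher (16-bit block, 8-bit key, so three keys total 24 bits). The cipher, key and plaintexts are assumptions made up for the demonstration; scaled to DES's 56-bit keys, the same counting gives about 2^112 cipher operations and 2^56 stored entries against a 168-bit key.

```python
# Toy model of the meet-in-the-middle cost argument for triple encryption.
# Constructed cipher: 16-bit block, 8-bit key Feistel (NOT DES); 3 keys = 24 bits.
SBOX = [pow(3, x, 257) % 256 for x in range(256)]  # fixed nonlinear byte permutation
ROUNDS = 4

def encrypt(block, key):
    l, r = block >> 8, block & 0xFF
    for i in range(ROUNDS):
        l, r = r, l ^ SBOX[r ^ key ^ i]
    return (l << 8) | r

def decrypt(block, key):
    l, r = block >> 8, block & 0xFF
    for i in reversed(range(ROUNDS)):
        l, r = r ^ SBOX[l ^ key ^ i], l
    return (l << 8) | r

def triple_encrypt(block, keys):
    # E-E-E for brevity; 3DES uses E-D-E, which does not change the counting.
    for k in keys:
        block = encrypt(block, k)
    return block

def meet_in_the_middle(pairs):
    """Recover (k1, k2, k3) from known plaintext/ciphertext pairs.
    Returns (candidate keys, cipher calls spent searching on the first pair)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    work = 0
    table = {}                      # middle value -> k3 values that decrypt c0 to it
    for k3 in range(256):           # 2^8 decryptions, 2^8 stored entries
        table.setdefault(decrypt(c0, k3), []).append(k3)
        work += 1
    found = []
    for k1 in range(256):
        x = encrypt(p0, k1)
        work += 1
        for k2 in range(256):       # 2^16 (k1, k2) combinations in total
            mid = encrypt(x, k2)
            work += 1
            for k3 in table.get(mid, ()):
                keys = (k1, k2, k3)
                # Extra pairs weed out chance matches on the first pair.
                if all(triple_encrypt(p, keys) == c for p, c in rest):
                    found.append(keys)
    return found, work

SECRET = (0x3A, 0xC5, 0x7E)         # constructed sample key
PAIRS = [(p, triple_encrypt(p, SECRET)) for p in (0x0123, 0x4567, 0x89AB)]

if __name__ == "__main__":
    found, work = meet_in_the_middle(PAIRS)
    print(found, f"work={work} vs brute force {2**24}")
```

The search spends roughly 2^16 cipher calls where exhaustive search over the 24-bit key would need up to 2^24, which is the two-thirds reduction in effective key length the message refers to.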

