SSH Agent keys >4096 bit?

Robert J. Hansen rjh at sixdemonbag.org
Sat May 5 16:26:09 CEST 2012


On 5/5/12 10:17 AM, Milo wrote:
> "(...) This improves the strength of the algorithm when using keying
> option 2, and _provides_ _backward_compatibility_ with DES with keying
> option 3."

One-key 3DES *is* DES.  It's a DES encryption, decryption with that same
key, then re-encryption with that same key.  One-key 3DES existed to
allow institutions to bootstrap their infrastructure out of DES.  First
they instituted one-key 3DES, which let them transparently upgrade their
infrastructure without impacting business operations.  Once they were
convinced their new 3DES infrastructure was working correctly, they
switched to using two-key or three-key 3DES.  One-key 3DES was never
meant to be used as anything more than an upgrade path.  The backwards
compatibility of one-key 3DES was necessary for upgrade purposes, but
once fully deployed 3DES has never had a problem with backwards
compatibility.

What you said earlier was that 3DES had a bunch of keying hacks and
backwards incompatibilities.  Neither is true.  All the various forms
have been scrutinized quite closely and found to be solid.

One-key 3DES has the benefit of backwards compatibility with DES, which
is useful for upgrade purposes, but it's a gross misstatement of fact to
claim that 3DES has a problem with backwards incompatibility.



More information about the Gnupg-users mailing list