gnupg website
sivmu
sivmu at web.de
Wed Jan 25 22:36:16 CET 2017
Am 25.01.2017 um 22:25 schrieb Damien Goutte-Gattat:
> On 01/25/2017 02:41 PM, Robert J. Hansen wrote:
>> For that matter, I'm still in the dark as to what the big problem with
>> three-key 3DES is. The best attack against it requires more RAM than
>> exists in the entire world and only reduces it to 112 bits.
>
> The main problem would be its 64-bit block size. Apparently there's a
> "practical" attack against 64-bit ciphers as used in TLS [1].
>
> That's probably reason enough to avoid 3DES whenever possible (when a
> 128-bit cipher is available).
>
> [1] https://eprint.iacr.org/2016/798
>
That would be the sweet32 attack https://sweet32.info/
Basically if you can collect a few hundred GB of data, it is trivial to
calculate the key. There is a prove of concept for https connections,
although I believe this is especially relevant for VPN connections
(openvpn uses a 64 bit ciphers (blowfish) by default)
More information about the Gnupg-users
mailing list