Commit 2c17323e authored by Bodo Möller's avatar Bodo Möller
Browse files

Rephrase statement on the security of two-key 3DES. 

  [Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
parent 870694b3

doc/crypto/des_modes.pod

+2 −2
Original line number Original line Diff line number Diff line
@@ -204,8 +204,8 @@ just one key. 
=item *

=item *





If the first and last key are the same, the key length is 112 bits.

If the first and last key are the same, the key length is 112 bits.

There are attacks that could reduce the key space to 55 bit's but it

There are attacks that could reduce the effective key strength

requires 2^56 blocks of memory.

to only slightly more than 56 bits, but these require a lot of memory.





=item *

=item *