Commit b8b09625 authored by Bodo Möller's avatar Bodo Möller
Browse files

Rephrase statement on the security of two-key 3DES. 

  [Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
parent 54d78c47

doc/crypto/des_modes.pod

+2 −2
Original line number Diff line number Diff line
@@ -204,8 +204,8 @@ just one key. 
=item *



If the first and last key are the same, the key length is 112 bits.

There are attacks that could reduce the key space to 55 bit's but it

requires 2^56 blocks of memory.

There are attacks that could reduce the effective key strength

to only slightly more than 56 bits, but these require a lot of memory.



=item *