--On Wednesday, January 09, 2002 12:26 PM -0500 Andrew
<[EMAIL PROTECTED]> wrote:
> A coworked has brought up a question that I cant answer and I am hoping
> somewhere here could. With 3des you encrypt the data with the first key,
> decrypt with the second and encrypt with the 3rd to get the encryprted
> message.
Yes..
> He xor'ed the plain text with the encrypted message and obtained
> a key.
Well, does this mean that the message was only 56 bit long? As the DES
stream is essentially random (I think), this would be a way of obtaining a
random number.
> He then could use that key to decrypt any other message.
What does that mean? He can't.
> Now I
> know that if you know the plain text than you can get the key but the
> point was how is 3des any stronger than des if you only need one key to
> decrypt the message.
You can't. 3DES is definitely stronger.
> Also it appears the key he found was only 56-bits,
> or maybe this is a mistake. So I guess the question is, if you only need
> one key to decrypt a 3des encrypted message then how is it strong.
> Thanks!
> -
> Andrew
> ActiveSol.net
> [EMAIL PROTECTED]
There is not enough information for a meaningful answer...
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]