| I think you meant ECB mode?
|
| No, I meant CBC -- there's a birthday paradox attack to watch out for.
|
| Yep. In fact, there's a birthday paradox problem for all the standard
| chaining modes at around 2^{n/2}.
|
| For CBC and CFB, this ends up leaking information about the XOR of
| No, I meant CBC -- there's a birthday paradox attack to watch out for.
|
|
| Yep. In fact, there's a birthday paradox problem for all the standard
| chaining modes at around 2^{n/2}.
| For CBC and CFB, this ends up leaking information about the XOR of a couple
| plaintext blocks
On 4 Feb 2005, at 10:51 AM, Greg Rose wrote:
I'm surprised that no-one has said that ECB mode is unsafe at any
speed.
Because if they did, some smartass would chime in and say that ECB mode
is perfectly fine at some speeds.
For example, you could safely encrypt one bit in ECB mode,
John Kelsey wrote:
From: Steven M. Bellovin [EMAIL PROTECTED]
No, I meant CBC -- there's a birthday paradox attack to watch out for.
Yep. In fact, there's a birthday paradox problem for all the standard chaining modes at around 2^{n/2}.
For CBC and CFB, this ends up leaking information
On Feb 2, 2005, at 1:32 PM, bear wrote:
On Mon, 31 Jan 2005, Steven M. Bellovin wrote:
snip re: 3des broken?
[Moderator's note: The quick answer is no. The person who claims
otherwise is seriously misinformed. I'm sure others will chime
in. --Perry]
[snip]
When using CBC mode, one should
On Mon, Jan 31, 2005 at 10:38:53PM -0500, Steven M. Bellovin wrote:
When using CBC mode, one should not encrypt more than 2^32 64-bit
blocks under a given key. That comes to ~275G bits, which means that
on a GigE link running flat out you need to rekey at least every 5
minutes, which is
On Jan 31, 2005, at 10:38 PM, Steven M. Bellovin wrote:
When using CBC mode, one should not encrypt more than 2^32 64-bit
blocks under a given key. That comes to ~275G bits, which means that
on a GigE link running flat out you need to rekey at least every 5
minutes, which is often impractical.
On Mon, 31 Jan 2005, Steven M. Bellovin wrote:
snip re: 3des broken?
[Moderator's note: The quick answer is no. The person who claims
otherwise is seriously misinformed. I'm sure others will chime
in. --Perry]
I'll be happy to second Perry's comment -- I've seen no evidence
whatsoever
In message [EMAIL PROTECTED], Aram Perez writes:
Hi Folks,
I hate to bother you with what I consider a dumb question, but I'm
trying to give a person the benefit of my doubts. There's a person on a
legal forum that I participate in that claims that 3DES has been
broken/cracked. However, he has
