3DES does not use a true single 168 bit key. This is a common mistake. 168 bits comes from the fact that 3DES (which can be applied a few different ways) usually uses 3 56 bit keys (sometimes using 3 different keys and sometimes using 2 keys with one used twice). 56+56+56=168.
The reason the "effective" encryption is 112 is a little more complicated. One common method is to encrypt-decrypt-encrypt using 3 different keys. Once you crack the first and last keys, the middle key becomes trivial and can be determined using the other 2 keys. So 168-56=112. However, the _true "effective" key length is only worth about 108 bits as there are several known bad keys and are not supposed to be used, thus reducing the number of available keys. HTH, Brownfox -----Original Message----- From: leon [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 1:23 PM To: 'David Correa'; 'Dante Mercurio' Cc: [EMAIL PROTECTED] Subject: RE: Has 3des been broken -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I thought 3des used 168 bit encryption????
