Re: Some questions on DES Encryption...

From: Jack Lloyd (lloyd@acm.jhu.edu)
Date: 03/10/03

  • Next message: DeMello, Christopher: "FW: Some questions on DES Encryption..."
    Date: Mon, 10 Mar 2003 13:53:29 -0500 (EST)
    From: Jack Lloyd <lloyd@acm.jhu.edu>
    To: Kryptik Logik <kryptiklogik@hushmail.com>
    
    

    On 8 Mar 2003, Kryptik Logik wrote:

    > 1. In DES algorithm, given an encrypted text and the corresponding plain
    > text for that is it possible to retrieve the key. Essentially, how secure
    > is DES to known-plain text attack.

    1 plaintext + 1 matching ciphertext + 2^55 work -> key

    > I read some where that it is quite resistant requiring 2^55 plain texts
    > to get the key but why is this so? What particular feature of the
    > algorithm makes it this way?

    I think you're thinking of linear or differential cryptanalysis here. These
    are attacks which make use of a lot of data to analyze patterns in the
    text. They are not particularly practical, as 2^55 blocks = 256 petabytes.
    I think it's highly unlikely that you'll be encrypting that much data with
    DES anytime soon.

    In any case, I don't think secprog@ is the right place for questions like
    this. Try cryptography@wasabisystems.com, the general sanity level is much
    higher there than in cypherpunks or sci.crypt.

    -Jack


  • Next message: DeMello, Christopher: "FW: Some questions on DES Encryption..."

    Relevant Pages

    • Re: Stupid Triple DES question
      ... Shouldnt it then be 3 times as secure ... With triple-DES this kind of "meet in the middle" attack does not ... type of double DES that avoids that attack. ... THen you encrypt with first key. ...
      (sci.crypt)
    • Re: SHA-1 Variants
      ... Things like DES, and SHA1 were designed ... there is no reason to change something like SHA1 of DES ... unless you can come up with something that is provably secure. ... But we still don't have good provable security techniques for such ...
      (sci.crypt)
    • Re: Any truth to rumor that NSA had Public Key Crypto first?
      ... the best differential attack against full single DES requires 2^47 ... takes about 2^60 steps and uses ...2^60 chosen plaintexts". ...
      (sci.crypt)
    • Re: Some questions on DES Encryption...
      ... If all you have to go on is a single plaintext-ciphertext pair, ... DES uses a 56-bit key, ... > I think you're thinking of linear or differential cryptanalysis here. ... world discovered this attack. ...
      (SecProg)
    • Re: FUD about CGD and GBDE
      ... >When DES was designed, nobody knew that differential attacks existed. ... *one* attack significantly better than brute force was found: ... slightly-weakened version of Skipjack, an NSA cipher. ... note that 256-bit AES is approved for Top Secret traffic. ...
      (freebsd-hackers)