How long to trust 3DES



Numerous applications continue to use 3DES (For discussion purposes,
think of three key triple DES, CBC, protecting files in the 5-10Gb
range) to protect valuable information. In some cases information is
being encrypted today that must remain secure for 10, 15, maybe 20
years or more. So it must be asked: Will 3DES - encrypted content be
secure against anticipated threats over that time frame?

It is easy to say just replace 3DES with one of the standard AES
configurations, but a business must be made based on costs and risk
analysis. To do that risk analysis, we have to know how soon the
attacker's capability will overtake 3DES (in other words, when will the
cost of the attack be justified by the value of the asset to the
attacker?) I understand the value of the asset over time. I need to
know the capability of an attacker over time.

I'm looking for a reasonable approach to assess the changing risk over
time so we can make a logical business decision about replacing the
algorithm. Any comments or advice would be welcome.

.



Relevant Pages

  • Re: Preview pane - dangerous?!
    ... I take into the consideration if the risk outweighs the ... an attacker would have to host a Web site ... opens HTML e-mail messages in the Restricted sites zone if the Outlook ...
    (microsoft.public.outlook.general)
  • Re: [x86.git#mm] stack protector fixes, vmsplice exploit
    ... i think per syscall canaries are really expensive. ... accept the risk of panic'ing the box should the opportunity arise. ... changing the canary is to create a guaranteed minimum risk for an attacker ... not saying that one would use such a bug for canary leaking when it can ...
    (Linux-Kernel)
  • Re: Newbie ipchains help
    ... >>even if I only enable the port for a single IP address? ... >I think it's not a big risk but a middle risk. ... >Attacker sniff your SMB traffics at somewhere your using route. ... >And I'm not sure that contents of SMB traffics encrypted or not. ...
    (comp.os.linux.security)
  • Re: Newbie ipchains help
    ... I think it's not a big risk but a middle risk. ... Attacker sniff your SMB traffics at somewhere your using route. ... IP, destination IP, source port and destination port. ... And I'm not sure that contents of SMB traffics encrypted or not. ...
    (comp.os.linux.security)