Triple DES keys

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I would like to know the key-length used for 3DES data encryption in

Triple-DES uses a 168-bit key (3 x 56).

DES keys are 56 bit. When you feed the key into the algorithm, you use a 64-bit value, but the extra 8 bits are "parity bits" in theory but rarely used. The parity bits were added to DES in order to make it less obvious that the key length was being reduced deliberately. Or maybe I'm just cynical :-)

There is no such thing as "128-bit Triple-DES" :-)

The 168-bit key can be made from either TWO different 56-bit keys or THREE different 56-bit keys.

The encryption uses standard DES three times, encrypt operation with key1, decrypt operation with key2, encrypt operation with key3.

In the two-different-key version, key1 and key3 are the same.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

The reason for the E-D-E is that by setting key1 = key2 = key3 the same software can without modification give you single DES encryption for backwards compatibility. Of course, you won't be using this if you have any sense (all the processor overhead of 3DES without ANY of the strength advantages)

> Also, I am interested in the export regulations concerning openssh in
That's complex, but easy to cope with.

IMPORTING it to the USA is OK. If you want it outside the USA, get it from outside the USA (ie avoid exporting it because the regulations are complex and rediculous)

> the sshd man page states 128 bit key used for 3DES.

Hmmm. Not what my copy says. If it claims 128-bit 3DES, it is simply wrong :-)

The other thing which may confuse is that even with 3 different keys 3DES has only really got a "strength" of 112 bits. That's because the best attack against double-DES (which requires stupidly large amounts of memory, but is possible in principle) is an attack which works from both ends. This results in double-DES only being approx 1-bit stronger (ie insignificantly stronger) than DES (if you are able to find enough memory to use this attack). This attack is defeated by adding the third DES operation. (And if 3DES was ever too weak for you, you'd be wanting 5DES rather than 4DES etc).

On the plus side, it has been proved that 3DES *is* stronger than DES. [Just adding extra rounds doesn't necessarily make things stronger. Triple-ROT13 anyone? If an algorithm forms a group over its keys then N-rounds with N-different-keys can still be boiled down to a single round with a single key and are therefore no harder to bruteforce than a single round. Luckily DES doesn't form such a group. Apologies if this sounds like gibberish;]

Robert Baskerville

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.2
Comment: www.vistorm.com/pgp

iQGVAwUBPfCdGqLvtZXFYwUMAQI69gwAhz6i6hPUfFIbQxu7FTZLGgxDNBNDiJrr Wb5kOe7iFcNVLxx89dsgn9u5A2KN3bQKgJorBeBtAF58OL6Ls8W4/4viucLlAj6a 2ylADNZOxp5r7P0lZu3f+4WPLyXhiNuXyegJDzHJH13Da/RNVhAPkd4ukKZSFR7O Qg9IZ+76EZlGzuer9UpJqD1RT0K6TLzf/iybjtMx39Y5+oC53kKUtjXlmijuS1rC aio+2IhVd2a3Ly+/8KZJpRfIX6fUfp9De1XxsqBEhXaS7vW+PJq5QbK3toUhlAUZ psq5rVE3qKq7x6ad0LOaF4eEuH75gdj4mbTqYS5LiuKvXbr0pH2EaZqfyrI08Jk/ UjMqfE4GFkx6u06TDRNjbYuf0dMw/6sgtaY+B70R3bMIqcxwMoJd/5JfUH9YRqgC CUZ9ORcrdHBTtzUWdDYfmfeh6GS3+UxSIP9/Q0YNDZhp8qtCxawc0clRCA42PUx0 7EGICKA1WdIEdQuIiYMnETKV6uDsm/Q5
=gv4z
-----END PGP SIGNATURE----- Received on Fri Dec 6 13:14:52 2002