Triple DES 有什么弱点？ - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Security - 系统安全

Triple DES 有什么弱点？

Triple DES 有什么弱点？# Security - 系统安全

h*r2003-06-09 07:06

1 楼

能不能指点些资料查查，或者任何idea, 多谢了！

T*r2003-06-09 07:06

2 楼

http://www.rsasecurity.com/rsalabs/faq/3-2-6.html

【在 h**********r 的大作中提到】

: 能不能指点些资料查查，或者任何idea, 多谢了！

h*r2003-06-09 07:06

3 楼

恩， get two paper in the reference list.
Thx.

【在 T********r 的大作中提到】

: http://www.rsasecurity.com/rsalabs/faq/3-2-6.html

w*o2003-06-09 07:06

4 楼

1. It's a make-up scheme that defends exhaustive key search.
As key scheduling in Feistel structures incurs latency, 3DES
is very slow, normally can only get 1/3 speed of DES,
and 1/10 speed of AES.
2. Block size is only 64-bit, which is vulnerable to exhaustive
plaintext search when the input plaintext has low entropy.
For instance, English text has low entropy. Instead of
searching 2^64 random cases, you only need to search 2^26 (cannot
remember exact number) cases.
Othe

【在 h**********r 的大作中提到】

: 能不能指点些资料查查，或者任何idea, 多谢了！

w*o2003-06-09 07:06

5 楼

3DES is not vulnerable to these academia attacks.
These RSA people don't know Shannon's pure cipher system,
where EDE equals to E (E: encryption, D:decryption).
So-called double encryption and double key problem are not
justifiable in theory, as Shannon's pure cipher theory implied,
but these RSA people (including Ron Rivest) don't read Shannon's
result, and invent a set of vulnerable schemes, then attack
the vulnerable schemes to attract attention.
This is really amazing.

【在 h**********r 的大作中提到】

: 恩， get two paper in the reference list.
: Thx.

h*r2003-06-09 07:06

6 楼

THX a lot!

【在 w*******o 的大作中提到】

:
: 3DES is not vulnerable to these academia attacks.
: These RSA people don't know Shannon's pure cipher system,
: where EDE equals to E (E: encryption, D:decryption).
: So-called double encryption and double key problem are not
: justifiable in theory, as Shannon's pure cipher theory implied,
: but these RSA people (including Ron Rivest) don't read Shannon's
: result, and invent a set of vulnerable schemes, then attack
: the vulnerable schemes to attract attention.
: This is really amazing.

h*r2003-06-09 07:06

7 楼

EDE == E? I remember I this is proven to be false in Stalling's
Cryptography and Network Security

【在 w*******o 的大作中提到】

w*o2003-06-09 07:06

8 楼

no, the term "equal" here is about the sample space.
of course if "EDE=E", then why do the "DE" part?
check Shannon's pure cipher for details.

【在 h**********r 的大作中提到】

: EDE == E? I remember I this is proven to be false in Stalling's
: Cryptography and Network Security

h*r2003-06-09 07:06

9 楼

Maybe I make myself misunderstood, I really mean EDE != E, but I have not
read the proof of this. Does Shannon provide any idea about this? I know
his paper is a milestone, I will go to read it for sure. :) thx.

【在 w*******o 的大作中提到】

:
: no, the term "equal" here is about the sample space.
: of course if "EDE=E", then why do the "DE" part?
: check Shannon's pure cipher for details.