94111903.HTM

Newsgroups: sci.crypt
Path: illuminati.io.com!uunet!psinntp!fasttech!zeke
From: zeke@fasttech.com (Bohdan Tashchuk)

Subject: Re: Algorithms
Message-ID: 
Organization: Fast Technology --- Beaverton, OR
References: <199411180913.DAA06647@pentagon.io.com>
Date: Sat, 19 Nov 1994 21:07:33 GMT
Lines: 39

In <199411180913.DAA06647@pentagon.io.com> ritter@io.com (Terry Ritter) writes:

> Next, Triple-DES is being promoted as the major savior, since
> it will essentially function like DES, albeit with more key
> material.  Surprisingly, many systems people hate Triple-DES,
> because of the increased processing overhead.  It is a facile
> argument to say "get a larger computer" when it is difficult to
> keep up with processing growth as it is.

and also writes:

> The conventional approach:  "DES is strong unless you have a
> provable attack" does not serve us well to define the cipher of
> the future.  Not only do we not know whether or not someone has
> some effective attack *today*, we cannot even know what *tools* will
> be available for future analysis and understanding.  Our only hope
> of cipher success is the design of ciphers which are vastly stronger
> in every way we know, thus hopefully to serve well into tomorrow.

You can't have it both ways. You're not willing to pay the very modest
price of 3x the processing overhead for Triple-DES. And yet you imagine
vastly more effective attacks, doubtlessly using vastly more powerful
computers and specialized hardware, along with algorithms that have yet
to be invented.

Spending 3x the compute cycles of single-DES to encrypt information today
gives us an algorithm that most experts feel is much more than three times
as secure. Spending 10x or even 100x the compute cycles isn't an unreasonable
thing to ask. Computer power has increased by much more than this amount in
the time since DES was introduced.

Also, combinations of algorithms are very practical. People have proposed
        des | idea | des
and similar things many times before. We've got plenty of good algorithms
available to us today. There is no pressing need to invent a "vastly
stronger" cipher anytime soon.

-- 
Bohdan       The Failed Clinton Presidency - America Held Hostage - Day 669