kashani at Friday 27 June 2008, 02:28:21 > Here's a reference to the interesting meet-in-the-middle attack which > reduced 3DES key space down to 112 bits from 192. 3DES always had an effective key size of 112 bits, because it uses the original DES algorithm applied in the following scheme E1(D2(E1(M)) with two different 56-bit DES keys. 3DES never had 192 bit keys. The meet-in-the-middle attack has nothing to do with 3DES. In fact, 3DES was designed the way it works now to _prevent_ meet-in-the-middle attacks. Such attacks can be applied to ciphers, that apply a single algorithm with two different keys: E1(E2(M)) Mathematical, the key size of the latter cipher is equal to 3DES: 56+56 = 112. But the latter cipher is vulnerable to meet-in-the-middle attacks, which is why 3DES uses the second key to apply the DES decryption function with a different key right between the consecutive DES encryptions. > Obviously that was unknown when 3DES was built. I doubt. If meet in the middle was unknown at the time of 3DES development, we wouldn't have 3DES today, but 2DES, being as simple as E1(E2(M)). -- Freedom is always the freedom of dissenters. (Rosa Luxemburg)