I've written a DES implementation as an exercice and am now wondering if and where (triple-)DES is used today.
I've read about banking cards using it, but I can't find any reliable source for it.
A:
The OpenSSL library provides reliable source code for 3DES and many other cryptographic algorithms. The libcrypto documentaton on the DES_* functions describes what is available.
Greg Hewgill
2009-10-24 21:41:03
A:
I'll bet some banking cards in fact use triple des. It is remarkable how running a business ( in the real world ) diverges from what one would think just from studying the problem. Just interested or is there an actual challenge at hand? ( be it study assignment or otherwise )
Nicholas Jordan
2009-10-24 21:44:20
Hey, no there's no immediate challenge. I'm just thinking about chosing DES as subject for a small speech in future.
svens
2009-10-24 21:49:39
ojrac's got the overview on what you are asking, google for Rijndael and just keep following links until you have enough to make your structure coherent and presentable. Right at the moment I favor KHAZAD (IPA: /xaˈzad/) is a block cipher designed by Paulo S. L. M. Barreto together with Vincent Rijmen because I find, ahem, copywrong, issues to be a greater intrusion portal than what cipher it is you are using. Google "Snake Oil FAQ" -> that if anything should be the subject of your speech. ( ps - those are recognized masters so be polite about it )
Nicholas Jordan
2009-10-26 22:23:01
+2
A:
Triple-DES is still in use today but is widely considered a legacy encryption algorithm. DES is inherently insecure, while Triple-DES has much better security characteristics but is still considered problematic.
NIST is the government organization that standardizes on cryptographic algorithms. The most current symmetric-key encryption algorithm NIST standard is AES, the Advanced Encryption Standard. In fact, there were a number of good nominations to be NIST's AES, including the Rijndael algorithm which became AES, as well as Bruce Schneier's Blowfish, the Twofish algorithm, and the Serpent algorithm.
Justice
2009-10-24 21:46:16
+1
A:
Yes.
3DES is broken, but when a cryptographer says "broken," that means something very specific: that an attacker can break the key in better-than-brute-force time. 3DES has a key length of 168 bits, which is reduced to 112 bits by some man-in-the-middle attack cleverness. And, to quote Wikipedia, "it is designated by NIST to have only 80 bits of security."
It's pretty badly broken, but even so, 80 bits makes for a very big number; 3DES is plenty good for beating people with fewer resources than the NSA, for example, and it will be for maybe 10 or 15 years, with some luck. The incentive to replace 3DES it isn't high enough for a lot of people who aren't using it to protect expensive things.
ojrac
2009-10-24 21:54:21