Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Is the Triple DES Unbreakable?
- Thread starter BMW
- Start date
have a look at they've done stuff re:breaking DES encryptions.
===============
Security Forums
===============
Security Forums
BMW -
No encryption is unbreakable. That includes triple-DES, IDEA, and the new AES (Rjindael). You only have to throw enough hardware at it, like the folks at distributed.net have done, and make good decisions about how best to attack.
If you had asked, "Is triple-DES unbreakable within a month?", then the answer is yes, assuming the attacker doesn't get lucky and find the key first thing.
Chip H.
No encryption is unbreakable. That includes triple-DES, IDEA, and the new AES (Rjindael). You only have to throw enough hardware at it, like the folks at distributed.net have done, and make good decisions about how best to attack.
If you had asked, "Is triple-DES unbreakable within a month?", then the answer is yes, assuming the attacker doesn't get lucky and find the key first thing.
Chip H.
Filksinger
MIS
Distributed.net notwithstanding, Triple-DES will not be cracked by brute force in the near future.
There are two possible weaknesses to a standard symetrical cryptographic protocol. First, the key length may be too short. Second, the protocol may be flawed.
In the first case, you get DES. DES was broken, not because of inherent weaknesses, but because the key length was too short. A sufficiently long key length is effectively immune to this approach. Triple DES has a sufficiently long key length that, even if distributed.net included every computer on Earth at this time, millions of years of calculations would be needed to crack it. It would be much faster to wait for Moore's law to catch up. If Moore's Law holds up, in 150 years you'll be able to crack it on a pocket calculator. If quantum computing lives up to its promises, it may be possible to crack it on a special-purpose quantum computer much sooner than that.
In the second case, many protocols have proven vulnerable. DES, on the other hand, hasn't proven to have more than minor, theoretical weaknesses. Generally accepted theoretical proofs exist that show that Triple-DES is secure as DES is. This also means that if someone can actually crack DES (instead of doing a brute force search on the key like distributed.net did), then Triple-DES fails immediately. So far, the top cryptographers in the world have tried for decades, without result.
The biggest worry of many people is that the NSA might have a secret way of cracking it. This is highly improbable. DES is the most thoroughly analyzed cryptographic protocol in the world, and it has been proven time and again that the NSA hasn't been the best at cryptography for some time. The idea that they could design a deliberately broken protocol so well that 20 years later we are still trying to find a hole they designed in is extremely unlikely.
So, while no protocol is guaranteed unbreakable (except the "one time pad" technique, which is absolutely unbreakable, but very inconvenient to use), Triple-DES is a safer bet than almost any other protocol.
Though, personally, I prefer IDEA.
There are two possible weaknesses to a standard symetrical cryptographic protocol. First, the key length may be too short. Second, the protocol may be flawed.
In the first case, you get DES. DES was broken, not because of inherent weaknesses, but because the key length was too short. A sufficiently long key length is effectively immune to this approach. Triple DES has a sufficiently long key length that, even if distributed.net included every computer on Earth at this time, millions of years of calculations would be needed to crack it. It would be much faster to wait for Moore's law to catch up. If Moore's Law holds up, in 150 years you'll be able to crack it on a pocket calculator. If quantum computing lives up to its promises, it may be possible to crack it on a special-purpose quantum computer much sooner than that.
In the second case, many protocols have proven vulnerable. DES, on the other hand, hasn't proven to have more than minor, theoretical weaknesses. Generally accepted theoretical proofs exist that show that Triple-DES is secure as DES is. This also means that if someone can actually crack DES (instead of doing a brute force search on the key like distributed.net did), then Triple-DES fails immediately. So far, the top cryptographers in the world have tried for decades, without result.
The biggest worry of many people is that the NSA might have a secret way of cracking it. This is highly improbable. DES is the most thoroughly analyzed cryptographic protocol in the world, and it has been proven time and again that the NSA hasn't been the best at cryptography for some time. The idea that they could design a deliberately broken protocol so well that 20 years later we are still trying to find a hole they designed in is extremely unlikely.
So, while no protocol is guaranteed unbreakable (except the "one time pad" technique, which is absolutely unbreakable, but very inconvenient to use), Triple-DES is a safer bet than almost any other protocol.
Though, personally, I prefer IDEA.
- Status