Rephrase statement on the security of two-key 3DES.

[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776. Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
2002-03-05 15:29:30 +00:00 · 2002-03-05 15:29:30 +00:00 · 2c17323e15
commit 2c17323e15
parent 870694b3da
1 changed files with 2 additions and 2 deletions
--- a/doc/crypto/des_modes.pod
+++ b/doc/crypto/des_modes.pod
@ -204,8 +204,8 @@ just one key.
 =item *

 If the first and last key are the same, the key length is 112 bits.
-There are attacks that could reduce the key space to 55 bit's but it
-requires 2^56 blocks of memory.
+There are attacks that could reduce the effective key strength
+to only slightly more than 56 bits, but these require a lot of memory.

 =item *