Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3DES and birthday attacks #10

Closed
vouillon opened this issue Mar 3, 2014 · 1 comment
Closed

3DES and birthday attacks #10

vouillon opened this issue Mar 3, 2014 · 1 comment
Labels
security concern

Comments

@vouillon
Copy link

vouillon commented Mar 3, 2014

3DES is subject to birthday attacks: with over 32 gigabytes of data, there is about 50% chance that two 64-bit blocks have been similarly encoded; then, some information could be recovered by xoring them.

A workaround is to force a rekeying (renegotiation) much sooner. However, this adds some complexity to the implementation and it might be hard to check that this has been correctly implemented (and that it remains so over time).

As far as I know, other ciphers are not subject to this attack. In particular, AES uses 128-bit blocks, which makes the attack impossible.

References:
@hannesm
Copy link
Member

hannesm commented Dec 23, 2017

since the 0.9.0 release, 3DES is disabled by default, unclear when/how to remove the 3DES code entirely.

the library-initiated renegotiation after n bytes is at the moment out of scope.

@hannesm hannesm closed this as completed Dec 23, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security concern
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hannesm @vouillon