Nicolas George [2017-02-06 19:41:45+01] wrote: > L'octidi 18 pluviôse, an CCXXV, Teemu Likonen a écrit : >> I'm not expert in this area but from what I have read I'm quite sure >> that 3DES is still very much safe. There are no known practical attack >> methods and it's still used for serious encryption. > > I think you are mistaken. > > As a block cipher, even if there are no attacks against 3DES itself, it > is considered unsafe like all block ciphers with 64-bits blocks due to > birthday attacks. But that is not what we are talking about here. > > The 3DES-derived crypt() implementation is bad for nowadays passwords > for (at least) two reasons. Thanks for the info. Indeed I wasn't paying enough attention to this particular case.
Attachment:
signature.asc
Description: PGP signature