RE: telnet vs ssh on Core equipment , looking for reasons why ?

[Roeland Meyer <rmeyer () mhsc com>]

> From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu]
> Sent: Tuesday, July 31, 2001 3:10 PM
>
> On Tue, 31 Jul 2001 14:59:25 PDT, Roeland Meyer said:
>
> > You are probably aware, but EFF published the DES crack. I 
> understand that
> > it is  now an issue of cracking DES in less than 12 hours. 
> 3DES is better
> > but it only amounts to DES with a 128-bit key.
>
> Actually, 3DES has a 112 bit effective key.  However, 
> although that's only
> double the key length, the *difficulty* is a bit more than 
> twice as much.
> Assuming a brute-force of a 56-bit key in 12 hours, then a 112 bit key
> will take (given the same resources) 2**56 * 12 hours, which is about
> 864,691,128,455,135,232 hours which works out to 
> 98,709,032,928,668 years,
> which is about 4,000 times the current estimated age of the universe.
>
> This analysis of course assumes that the EFF crack is a brute-force,
> and not a result of differential cryptanalysis or exploitation of a
> flaw in the DES S-boxes or similar.  Schneier's 'Applied Cryptography'
> lists an attack that's around 2**47 rather than 2**56, 
> assuming you can
> get the victim to encrypt several gigabytes of text of your 
> choosing with
> his key....

 ... and then they load it on www.distributed.net