现在还在使用 DES 或 3DES 吗?

发布于 2024-08-09 06:30:08 字数 89 浏览 9 评论 0原文

我已经编写了一个 DES 实现作为练习,现在想知道今天是否以及在何处使用(三重)DES。

我读过有关使用它的银行卡的信息,但我找不到任何可靠的来源。

I've written a DES implementation as an exercice and am now wondering if and where (triple-)DES is used today.

I've read about banking cards using it, but I can't find any reliable source for it.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(7

星軌x 2024-08-16 06:30:08

Triple-DES 至今仍在使用,但被广泛认为是一种传统加密算法。 DES 本质上是不安全的,而 Triple-DES 具有更好的安全特性,但仍然被认为存在问题。

NIST 是加密算法标准化的政府组织。最新的对称密钥加密算法 NIST 标准是 AES(高级加密标准)。事实上,NIST 的 AES 有很多很好的提名,包括后来成为 AES 的 Rijndael 算法,以及 Bruce Schneier 的 Blowfish、Twofish 算法和 Serpent 算法。

Triple-DES is still in use today but is widely considered a legacy encryption algorithm. DES is inherently insecure, while Triple-DES has much better security characteristics but is still considered problematic.

NIST is the government organization that standardizes on cryptographic algorithms. The most current symmetric-key encryption algorithm NIST standard is AES, the Advanced Encryption Standard. In fact, there were a number of good nominations to be NIST's AES, including the Rijndael algorithm which became AES, as well as Bruce Schneier's Blowfish, the Twofish algorithm, and the Serpent algorithm.

听不够的曲调 2024-08-16 06:30:08

编辑:@David Koontz 回复了这篇文章,我有机会回顾 5 年前的事情。我将在下面完整保留我的帖子,但对于现在阅读本文的任何人,如果有机会,请避免使用 3DES,如果没有,请让专家查看您的特定系统。不能保证一般答案适用于您的情况,尤其是在计算机安全方面。

是的。

3DES 已被破解,但是当密码学家说“已破解”时,这意味着非常具体的事情:攻击者可以在比暴力破解更短的时间内破解密钥。 3DES 的密钥长度为 168 位,通过一些中间相遇攻击技巧将其减少到 112 位。而且,引用维基百科的话,“NIST 指定它只有 80 位安全性。”

它的损坏相当严重,但即便如此,80 位仍然是一个非常大的数字;例如,3DES 非常适合击败那些资源比 NSA 少的人,如果运气好的话,它可能会持续 10 或 15 年。对于很多不使用 3DES 来保护昂贵物品的人来说,更换 3DES 的动机还不够高。

EDIT: @David Koontz replied to this post, and I had a chance to look 5 years into the past. I'm leaving my post intact below, but for anyone reading this now, avoid 3DES if you have the opportunity, and if not, get an expert to look at your specific system. There's no guarantee that a general answer will apply to your situation, in computer security especially.

Yes.

3DES is broken, but when a cryptographer says "broken," that means something very specific: that an attacker can break the key in better-than-brute-force time. 3DES has a key length of 168 bits, which is reduced to 112 bits by some meet-in-the-middle attack cleverness. And, to quote Wikipedia, "it is designated by NIST to have only 80 bits of security."

It's pretty badly broken, but even so, 80 bits makes for a very big number; 3DES is plenty good for beating people with fewer resources than the NSA, for example, and it will be for maybe 10 or 15 years, with some luck. The incentive to replace 3DES it isn't high enough for a lot of people who aren't using it to protect expensive things.

眼藏柔 2024-08-16 06:30:08

为了回答您在哪里使用 3DES 的问题,我想补充一点,Microsoft OneNote、Microsoft Outlook 2007 和 Microsoft System Center Configuration Manager 2012 使用 Triple DES 来密码保护用户内容和系统数据。

另请参阅:

  1. 1.Daniel Escapa 的 OneNote 博客 - 受密码保护部分的加密,2006 年 11 月
  2. Microsoft TechNet 产品文档 - Configuration Manager 中使用的加密控制技术参考,2012 年 10 月

To answer your question of where 3DES is being used, I would like to add that Microsoft OneNote, Microsoft Outlook 2007 and Microsoft System Center Configuration Manager 2012 use Triple DES to password protect user content and system data.

See also:

  1. 1.Daniel Escapa's OneNote Blog - Encryption for Password Protected Sections, November 2006
  2. Microsoft TechNet product documentation - Technical Reference for Cryptographic Controls Used in Configuration Manager, October 2012
∝单色的世界 2024-08-16 06:30:08

OpenSSL 库为 3DES 和许多其他加密算法提供可靠的源代码。 关于 DES_* 的 libcrypto 文档 描述了可用的功能。

The OpenSSL library provides reliable source code for 3DES and many other cryptographic algorithms. The libcrypto documentaton on the DES_* functions describes what is available.

温柔戏命师 2024-08-16 06:30:08

关于银行业,你是对的。但一切都发生在硬件层面。一种流行的技术是 HSM

You are right about banking. But everything happens in hardware level. One popular technology is HSM.

最近可好 2024-08-16 06:30:08

我敢打赌有些银行卡实际上使用三重DES。值得注意的是,(在现实世界中)经营一家企业与人们仅仅研究这个问题时的想法是多么不同。只是感兴趣还是手头有实际的挑战? (无论是学习作业还是其他)

I'll bet some banking cards in fact use triple des. It is remarkable how running a business ( in the real world ) diverges from what one would think just from studying the problem. Just interested or is there an actual challenge at hand? ( be it study assignment or otherwise )

甜心 2024-08-16 06:30:08

3DES 存在两个 CVE 问题中已描述的问题
这就是所谓的 SWEET32 问题。它的基本密码深度是 64 位(尽管使用了三轮),因此它也属于最初较弱的密码系列
从今天的角度看2017年的安全及其被攻破的概率
更频繁、更容易,不应再使用。

3DES has a Problem described already in two CVE Issues
which is called the SWEET32 Issue. Its base Cipher Dephth is 64Bit (though used along three Rounds) so it belongs to a Family of originally weak Ciphers as well
From today's Standpoint of Security in 2017 and its probability to be broken
more often and more easily, is should no longer be used.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文