[tor-talk] time to disable 3DES?

Yawning Angel yawning at schwanenlied.me
Tue Oct 8 04:03:38 UTC 2013

* Lee <ler762 at gmail.com> [2013-10-07 21:49:29 -0400]:
> On 10/7/13, Yawning Angel <yawning at schwanenlied.me> wrote:
> > * Lee <ler762 at gmail.com> [2013-10-07 15:58:19 -0400]:
> >> Isn't it time to quit using DES?
> >>
> >> Finally gave TBB a try (version 2.3.25-13), seems to me that the
> >> firefox component needs a lot of hardening.
> >
> > DES != 3DES, and supporting 3DES suites is standard across major browsers.
> Right.  But is it still safe to use?

Why wouldn't it be?  As far as I can tell you have yet to come up with any
convincing reason as to why it's broken beyond "the NSA had a hand in it's
design[0]" and "the name has DES in it".

Note that Stephan Lucks' attack requires too many known plaintexts to be
relevant in this context and is still (probably) computationally infeasable.

> So...  if you're visiting a web site that does only 3DES encryption,
> is that good enuf or do you say no thanks & go elsewhere?

*shrugs*  If I noticed, it would be amusing since the webserver is buring a lot
of CPU by using 3DES, and I would question the system adminstrator's
sanity/competence, but on it's own, it's not a sufficient reason for me to
ignore the site.

This is getting offtopic so I will stop now.

Yawning Angel

[0]: If that's sufficient reason to drop something, the only cipher suite on the
list that you would have left is TLS_RSA_WITH_RC4_128_MD5.

More information about the tor-talk mailing list