alt Hacker NewsIt's true that 64 bits was known not to be enough when DES shipped decades ago, but there is some difference between "We know that's a bad idea" and a demo showing why, and so I think I'm OK with the word "broken" in that context.
There's a reason POCs matter right? Why you feel comfortable (even though I don't agree) saying multi-threaded Go doesn't have a memory safety problem and yet you wouldn't feel comfortable making the same claim for C++.
Replies
tptacek • yesterday at 5:14 PM
This semantic argument was more plausible before the original commenter claimed 3DES can be "broken with little effort".
➕ show 1 reply
I'm not a cryptographer but to me "broken" seems to imply that the core algorithm itself can be attacked. If merely applying it in certain ways as part of some larger system can fail then aren't most (possibly all) ciphers broken? It's entirely possible to do all sorts of stupid things.
Granted, a 2^32 block limit is pretty severe by modern standards.