Exploits Against Legacy Encryption – A Conversation with Cisco

Like This Blog 1

Added by Mike Danseglio April 4, 2013

You should already realize that you cannot just change your standard encryption algorithms and key lengths on a moment’s notice. Those are decisions that you made after careful research and testing. So while you might have some cryptography in place that isn’t the latest and greatest Elliptic Curve or Quantum Cryptography fad, you’re confident that it adequately protects your assets.

Or at least you selected cryptography that protected against known attacks when you selected it. And that’s the problem. Attackers never stop looking for exploits, be they weaknesses in the algorithm, attackable key sizes, or using Moore’s Law to simply brute force the math.

At the RSA Conference I had the pleasure of discussing a new type of possible attack against legacy encryption with Cisco Fellow David McGrew. He explains the potential weakness of 64-bit block ciphers including the American Data Encryption Standard (DES) and Triple-DES algorithms as well as the Soviet GOST 28147-89.

David and I we discuss the potential attacks as well as the fact that Triple-DES, or 3DES, is actually a 168-bit block cipher that uses three iterations of DES. Because 3DES is frequently used in IT today that topic is especially interesting. In fact, if your infrastructure supports mobile platforms like Apple iOS or Google Android, you probably have 3DES implemented right now. That makes watching this video even more important for you.

Check out the video of myself with David McGrew.

Be well and be safe!

Mike Danseglio -CISSP / CEH
Interface Technical Training – Technical Director and Instructor