Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Can oracle support encryption on some sensitive field in database?

Re: Can oracle support encryption on some sensitive field in database?

From: Allen Kistler <ackistler_at_yahoo.com>
Date: 20 Nov 2001 07:53:50 -0800
Message-ID: <9e3d4fab.0111200753.3e75619f@posting.google.com>


Pete Finnigan <pete_at_peterfinnigan.demon.co.uk> wrote in message news:<iAD5GcAp0n87EwAO_at_peterfinnigan.demon.co.uk>...
> Hi
>
> Actually the 3DES is triple DES and has a 168 bit key, not 112, but its
> still DES and is known to be a weak algorithm as its symmetrical. You
> would be better using a public algorithm that uses public and private
> keys.

This is a slight digression, but ....

3DES uses two 56-bit keys, hence 3DES essentially has a 112-bit key.

M = cleartext
C = ciphertext
K1 = first key
K2 = second key

Start with M
Encrypt with K1
Decrypt with K2
Encrypt with K1
You get C

Why not use three keys (K1, K2, and K3)? Because then it's possible to find two keys (K1' and K2') which give you the same result. In fact there are exactly 2^56 sets of such keys. So even though you used 168 bits worth of keys, you only got 112 bits worth of encryption.

So if you only get 112 bits worth of encryption anyway, why do the last encryption step?
Because if you don't, there are about 2^55 sets of (K1' and K2') that produce the same result. So even though you used 112 bits worth of keys, you only got about 57 bits worth of encryption. Received on Tue Nov 20 2001 - 09:53:50 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US