No Panacea

Many times I get questions on the use of DES/3DES/AES/IDEA versus other block ciphers. I try to explain the differences in performance, and strength of each cipher rather than saying a is better than b. In regards to the US, there as a CNSS Advisory Memorandum issued March 2005 that speaks to the military use of DES and 3DES (”Advisory Memorandum on the Retirement of Data Encryption Standard (DES) Based Cryptography to Protect National Security Systems“)

Here are the key points:

• DES is to be retired (and Triple DES using ONLY one key)
• Triple DES using two keys to be retired by 2008
• Triple DES using any mode to be retired by 2015

The report does not mention the use of the Advanced Encryption Standard (AES) or any future retirement dates on it.

Military Information Technology has an interesting Q&A with NSA IA Director Richard C. Schaeffer Jr.

Is it paranoia if it’s true? This video demonstrates how election results could be rigged by installing malicious software. Software is installed in the Diebold machines by swapping memory cards. More technical information can be found on the Princeton voting site.