Technical Report CS0884

Title: How to Forge DES-Encrypted Messages in $2^{28}$ Steps
Authors: Eli Biham
Abstract: In this paper we suggest {\it key-collision attacks}, and show that the theoretic strength of a cipher cannot exceed the square root of the size of the key space. As a result, in some circumstances, some DES keys can be recovered while they are still in use, and these keys can then be used to forge messages: in particular, one key of DES can be recovered with complexity $2^{28}$, and one key of (three-key) triple-DES can be recovered with complexity $2^{84}$.
CopyrightThe above paper is copyright by the Technion, Author(s), or others. Please contact the author(s) for more information

Remark: Any link to this technical report should be to this page (, rather than to the URL of the PDF files directly. The latter URLs may change without notice.

To the list of the CS technical reports of 1996
To the main CS technical reports page

Computer science department, Technion