> the saving grace is that 3DES is still considered secure. Nobody who wants to ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tialaramex on April 4, 2020 \| parent \| context \| favorite \| on: Zoom rolled their own encryption scheme, transmit ... > the saving grace is that 3DES is still considered secure. Nobody who wants to do AES-256 rather than AES-128 thinks 3DES is "still secure". 3DES is perhaps 112 bits of useful keyspace but it has 64-bit blocks which was already bad news when DES was invented. TLS 1.3 doesn't have a 3DES option at all. You can do AES 128 or AES 256 (or ChaCha20).

kevin_thibedeau on April 4, 2020 [–]

The USG still considers it secure and that will retard forward progress.

blattimwind on April 4, 2020 | [–]

There is an abundance of secure, widely reviewed symmetric ciphers for every imaginable application profile.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact