I want to calculate the storage requirements for a possible attack on a cryptographic algorithm known as 2DES. The algorithm is given below:

The algorithm as described in (a Cryptography book) . It is based on the observation that, if we have

C = E(K2, E(K1, P))

then (see Figure 7.1a)

X = E(K1, P) = D(K2, C)

Given a known pair, (P, C), the attack proceeds as follows. First, encrypt P for all

2^56 possible values of K1. Store these results in a table and then sort the table by the

values of X. Next, decrypt C using all 256 possible values of K2. As each decryption

is produced, check the result against the table for a match. If a match occurs, then

test the two resulting keys against a new known plaintext–ciphertext pair. If the two

keys produce the correct ciphertext, accept them as the correct keys.

Storage for:

Given a known pair, (P, C), the attack proceeds as follows. First, encrypt P for all

2^56 possible values of K1- 2^56 units of storage

If each hash key takes n bytes of data then: n * 2^56

For decryption, we are not storing anything in the hard disk.

Is the above result correct? Some body please guide me.

Zulfi.