Rephrase statement on the security of two-key 3DES.

[openssl.git] / doc / crypto / des_modes.pod

diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod
index d8148c86fc89a937291c1c8509acc725118afa93..da75e8007d454d1956a1c0153b1dc1cf691f9f88 100644 (file)
--- a/doc/crypto/des_modes.pod
+++ b/doc/crypto/des_modes.pod
@@ -6,7 +6,7 @@ Modes of DES - the variants of DES and other crypto algorithms of OpenSSL
 
 =head1 DESCRIPTION
 
-Several crypto algorithms fo OpenSSL can be used in a number of modes.  Those
+Several crypto algorithms for OpenSSL can be used in a number of modes.  Those
 are used for using block ciphers in a way similar to stream ciphers, among
 other things.
 
@@ -165,13 +165,13 @@ only one bit to be in error in the deciphered plaintext.
 
 =item *
 
-OFB mode is not self-synchronising.  If the two operation of
+OFB mode is not self-synchronizing.  If the two operation of
 encipherment and decipherment get out of synchronism, the system needs
-to be re-initialised.
+to be re-initialized.
 
 =item *
 
-Each re-initialisation should use a value of the start variable
+Each re-initialization should use a value of the start variable
 different from the start variable values used before with the same
 key.  The reason for this is that an identical bit stream would be
 produced each time from the same parameters.  This would be
@@ -204,8 +204,8 @@ just one key.
 =item *
 
 If the first and last key are the same, the key length is 112 bits.
-There are attacks that could reduce the key space to 55 bit's but it
-requires 2^56 blocks of memory.
+There are attacks that could reduce the effective key strength
+to only slightly more than 56 bits, but these require a lot of memory.
 
 =item *
 
@@ -248,3 +248,6 @@ it to:
 
 L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
 L<rc2(3)|rc2(3)>
+
+=cut
+