MD should use more robust encryption

sth's Avatar


08 Jan, 2012 01:22 AM

If I look at my data file correctly it seems that MD uses the DES encryption. This is an old encryption standard promulgated by NIST several years ago. Many projects have shown that this is relatively easy encryption to break. The computation power to break it is significant but available to many.

I would like to encourage the use of the AES encryption also known as Rijndael. This is the new "Advanced Encryption Standard" adopted by NIST and is substantially more secure. There are several public libraries to implement this standard. For more information see

Data Encryption Standard quote: "DES is now considered to be insecure for many applications."

Advanced Encryption Standard

  1. 1 Posted by Ben Spencer on 08 Jan, 2012 04:37 PM

    Ben Spencer's Avatar

    agree with you that DES is not secure and Moneydance uses triple DES. I am not convinced that 3DES is insufficient. While 3DES it is certainly crack-able in better than brute force time the amount of resources necessary to crack 3DES in a reasonable amount of time are very significant. To the extent that it is secure in a practice sense. According to wikipedia "NIST considers [3DES] keying option 1 to be appropriate through 2030". I think it is a bit optimistic to think that 3DES will still be relevant in 2030. Perhaps you have more up to date information on the time it takes to crack 3DES. If it is the case that it can be cracked with less than a massive cluster of computers with GPUs in a reasonable time I will prioritise the ticket.

    Ben Spencer
    Moneydance Support

  2. 2 Posted by sth on 09 Jan, 2012 02:58 PM

    sth's Avatar

    3DES is probably secure enough. The 112 bit effective length (assuming there are 3 independent keys) is probably more secure than the pass phrase most people use. The file header seemed to imply single DES which I do have problems with.

    I haven't seen a recent crack of 3DES and it is still used by most financial institutions. The move to AES will take place eventually but as you point out there is no hurry and no need to address it now. Thanks for the clarification that MD used 3DES and not DES, I just saw the DES phrase in the file header and was not clear on the algorithm used.

  3. Tom Freeman closed this discussion on 09 Jan, 2012 09:51 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac