Yes, the problem with 3DES isn't the key length, it's the 64bit block size which opens it up to birthday attacks if it's used in a stream for a long enough with the same key. Defending against this sort of attack is one of the reasons that a lot of VPN setups rekey the encrypted connection with the client at regular intervals. Note that once Gmail disables 3DES it's minimum block size supported will be 128bits.
scrapheap|9 months ago