Triple DES
|
|
| Triple Data Encryption Standard | |||
| |||
| General | |||
| Designer(s) | IBM | ||
| First published | 1999 | ||
| Derived from | DES | ||
| Cipher(s) based on this design | - | ||
| Algorithm detail | |||
| Block size(s) | 64 bits | ||
| Key size(s) | 168 bits | ||
| Structure | Feistel network | ||
| Number of rounds | - | ||
| Best cryptanalysis | |||
| - | |||
In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. It was developed by Walter Tuchman (the leader of the DES development team at IBM) and is specified in FIPS Pub 46-3. There are several ways to use DES three times; not all are Triple-DES and not all are as secure.
Triple-DES is defined as performing a DES encryption, then a DES decryption, and then a DES encryption again.
- C = DESk3(DES-1k2(DESk1(P))).
with
- P — plaintext.
- C — ciphertext.
- k1, k2, k3 — 56-bit DES keys.
- DESk — DES encryption with key k.
- DES-1k — DES decryption with key k.
Triple-DES has a key length of 168-bits (three 56-bit DES keys), but because of an attack it has an effective key size of 112 bits. A variant uses k1 = k3, thus reducing the key size to 112 bits. This mode is susceptible to some attacks, though.
DES is not a group; if it were one, the Triple-DES construction would be equivalent to a single DES operation and no more secure. Veteran 3DES stands unbroken to this day (according to publicly available information), but its demise is inevitable due to the cipher's miserably slow speed. The original DES design was meant for hardware-only use and it lends itself particularly poorly to implementation on modern 32-bit operating systems. An appliance capable of 3 Mbit/s VPN throughput over 3DES could easily achieve 10-22 Mbits when using the Blowfish block cipher.
When k1 = k2 or k2 = k3, Triple DES is reduced to single DES, and this is often used to provide backward compatibility. The use of three steps is essential to prevent meet-in-the-middle attacks; double DES would have serious vulnerabilities. The choice of decryption for the middle step (as opposed to encryption) does not affect the security of the algorithm but instead lets tools that implement triple DES interoperate with legacy single DES tools.
After a public competition, the AES (Rijndael) cipher was chosen as the successor to DES and triple DES.
See also
References
- Stefan Lucks: Attacking Triple Encryption. Fast Software Encryption 1998: pp239–253
External links
- SCAN's entry for Triple DES (http://www.users.zetnet.co.uk/hopwood/crypto/scan/cs.html#DESede)
- Optimized 3DES source code in C (GPL license) (http://www.cr0.net:8040/code/crypto/des/)
| Block ciphers edit (https://academickids.com:443/encyclopedia/index.php?title=Template:Block_ciphers&action=edit) |
| Algorithms: 3-Way | AES | Akelarre | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | FOX | FROG | G-DES | GOST | ICE | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SEED | Serpent | SHACAL | SHARK | Skipjack | Square | TEA | Triple DES | Twofish | XTEA |
| Design: Feistel network | Key schedule | Product cipher | S-box | SPN Attacks: Brute force | Linear / Differential cryptanalysis | Mod n | XSL Standardisation: AES process | CRYPTREC | NESSIE Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key |