ου γαρ εστιν κρυπτον ο ου φανερον γενησεται ουδε αποκρυφον ο ου γνωσθησεται και εις φανερον ελθη
Wersja PL ENG Version

Triple DES (3DES)

  • Description
  • Algorithm
  • Block diagrams
  • Mathematical functions
  • Implementation
3DES cipher is quite popular block symmetric cipher, created based on DES cipher. It was presented in 1998, and described as a standard ANS X9.52. It is also called Triple Data Encryption Algorithm (TDEA).
Block cipher with symmetric secret key
Block length = 64 bits
Key length = 56, 112, or 168 bits

3DES cipher was developed because DES encryption, invented in the early 1970s and protected by a 56-bit key, turned out to be too week and easy to break using modern computers of that time. The effective security which 3DES provides is 112 bits, when an attacker uses meet-in-the-middle attacks.

For several years, Triple DES was often used for electronic payments (for example, in EMV standard). New protocols based on the cipher are still being created and maintained (as for 2016). It was also used in several Microsoft products (for example, in Microsoft Outlook 2007, Microsoft OneNote, Microsoft System Center Configuration Manager 2012) for protecting user configuration and user data.

Triple DES algorithm performs three iterations of a typical DES algorithm. In its strongest version, it uses a secret key which consists of 168 bits. The key is then divided into three 56-bit keys.

3DES Encryption

  1. encryption using the first secret key
  2. decryption using the second secret key
  3. encryption using the third secret key

The encryption and decryption operations may be presented as mathematical equations.

Encryption:
    c = E3(D2(E1(m)))

Decryption:
    m = D1(E2(D3(c)))

3DES with shorter keys

Using DES decryption operation in the second step of 3DES encryption provides backward compatibility with the original DES algorithm. In this case, the first and second secret keys, or the second and third secret keys should be identical, and their value is not important.

    c = E3(D1(E1(m))) = E3(m)
    c = E3(D3(E1(m))) = E1(m)

It is also possible to use the 3DES cipher with a secret key of size of 112 bits. In this case, the first and third secret keys should be identical. Such an approach is stronger than simple DES encryption used twice (with two separate 56-bit keys) because it provides better protection against meet-in-the-middle attacks.

    c = E1(D2(E1(m)))

 
Transformations in 3DES
3DES is using exactly the same operations for decrypting and encrypting as DES algorithm.

Each iteration of DES algorithm executes the following operations for all input data blocks: the initial permutation, 16 iterations of Feistel functions, and the final permutation.

During key manipulation, the following operations are executed: binary rotation, PC-1 permutation, and PC-2 permutation.

For more details, please visit the description of DES encryption.

Site under development.