Triple DES (3DES)
- Block diagrams
- Mathematical functions
3DES cipher was developed because DES encryption, invented in the early 1970s and protected by a 56-bit key, turned out to be too week and easy to break using modern computers of that time. The effective security which 3DES provides is 112 bits, when an attacker uses meet-in-the-middle attacks.
For several years, Triple DES was often used for electronic payments (for example, in EMV standard). New protocols based on the cipher are still being created and maintained (as for 2016). It was also used in several Microsoft products (for example, in Microsoft Outlook 2007, Microsoft OneNote, Microsoft System Center Configuration Manager 2012) for protecting user configuration and user data.
Triple DES algorithm performs three iterations of a typical DES algorithm. In its strongest version, it uses a secret key which consists of 168 bits. The key is then divided into three 56-bit keys.
- encryption using the first secret key
- decryption using the second secret key
- encryption using the third secret key
The encryption and decryption operations may be presented as mathematical equations.
c = E3(D2(E1(m)))
m = D1(E2(D3(c)))
3DES with shorter keys
Using DES decryption operation in the second step of 3DES encryption provides backward compatibility with the original DES algorithm. In this case, the first and second secret keys, or the second and third secret keys should be identical, and their value is not important.
c = E3(D1(E1(m))) = E3(m)
c = E3(D3(E1(m))) = E1(m)
It is also possible to use the 3DES cipher with a secret key of size of 112 bits. In this case, the first and third secret keys should be identical. Such an approach is stronger than simple DES encryption used twice (with two separate 56-bit keys) because it provides better protection against meet-in-the-middle attacks.
c = E1(D2(E1(m)))