Triple DES
| General | |
|---|---|
| First published | 1998 (ANS X9.52) |
| Derived from | DES |
| Cipher detail | |
| Key sizes | 168, 112 or 56 bits (keying option 1, 2, 3 respectively) |
| Block sizes | 64 bits |
| Structure | Feistel network |
| Rounds | 48 DES-equivalent rounds |
| Best public cryptanalysis | |
| Lucks: 232 known plaintexts, 2113 operations including 290 DES encryptions, 288 memory; Biham: find one of 228 target keys with a handful of chosen plaintexts per key and 284 encryptions | |
In cryptography, Triple DES (3DES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.
The original DES cipher's key size of 56 bits was generally sufficient when that algorithm was designed, but the availability of increasing computational power made brute-force attacks feasible. Triple DES provides a relatively simple method of increasing the key size of DES to protect against such attacks, without the need to design a completely new block cipher algorithm.
The Triple Data Encryption Algorithm (TDEA) is defined in each of:
The earliest standard that defines the algorithm (ANS X9.52, published in 1998) describes it as the "Triple Data Encryption Algorithm (TDEA)" — i.e. three operations of the Data Encryption Algorithm specified in ANSI X3.92 — and does not use the terms "Triple DES" or "DES" at all. FIPS PUB 46-3 (1999) defines the "Triple Data Encryption Algorithm (TDEA)", but also uses the terms "DES" and "Triple DES". It uses the terms "Data Encryption Algorithm" and "DES" interchangeably, including starting the specification with:
The Data Encryption Standard (DES) shall consist of the following Data Encryption Algorithm (DES) [sic] and Triple Data Encryption Algorithm (TDEA, as described in ANSI X9.52).
NIST SP 800-67 (2004, 2012) primarily uses the term TDEA, but also refers to "Triple DES (TDEA)". ISO/IEC 18033-3 (2005) uses "TDEA", but mentions that:
The TDEA is commonly known as Triple DES (Data Encryption Standard).
While none of the standards that define the algorithm use the term "3DES", this term is used by some vendors, users, and cryptographers.
Triple DES uses a "key bundle" that comprises three DES keys, K1, K2 and K3, each of 56 bits (excluding parity bits). The encryption algorithm is:
I.e., DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3.
Decryption is the reverse:
I.e., decrypt with K3, encrypt with K2, then decrypt with K1.
...
Wikipedia