Skip to content

Instantly share code, notes, and snippets.

@typelogic
Last active January 26, 2020 16:18
Show Gist options
  • Select an option

  • Save typelogic/27f114e2122ab24abe1b940b59401871 to your computer and use it in GitHub Desktop.

Select an option

Save typelogic/27f114e2122ab24abe1b940b59401871 to your computer and use it in GitHub Desktop.
3des notes

27f114e2122ab24abe1b940b59401871 https://www.cs.sjsu.edu/~stamp/CS265/SecurityEngineering/chapter5_SE/tripleDES.html

Triple DES

Since DES uses a 56-bit key it is vulnerable to attack. Is it possible to use DES, but make the effective key length longer than 56 bits?

Suppose C = EK(P), where E is DES encryption of plaintext P with key K, and C is the resulting ciphertext. Let D be the corresponding decryption, so that P = DK(C).

The accepted way of making DES more secure is to use two keys, K1 and K2 in "EDE" mode

  C = EK1(DK2(EK1(P)))

Then decryption is

  P = DK1(EK2(DK1(C)))

This gives a key length of 112 bits, which is considered very secure.

Question: Why not use

  C = EK1(EK1(P))

instead?

Answer: There are still only 256 keys to try so there is no improvement in security.

Question: Why not use

  C = EK1(EK2(P))

instead?

Answer: Theoretically, there is a meet-in-the-middle attack that only requires about 257 work (though it also requires an impractical lookup table).

Question: Why is it EDE and not EEE?

Answer: With EDE, if we set K1=K2, then we get single DES.

Question: Why not use three different keys in triple DES?

Answer: You can, though it is not the standard. But then you would need to manage 3 keys while 2 keys (112 bits) is considered sufficiently secure. Also, you would lose backward compatibility with single DES.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment