Triple DES


Triple DES (or TDES or DES3) is a variation of the Data Encryption Standard (DES) Symmetric Key Cipher that is three times slower than DES but provides stronger reliability.

The Cipher uses three 64-bit keys for a combined key length of 192 bits.

The Message is encrypted with the first key, decrypted with the second key, and then re-encrypted with the third key.

You MUST ensure that all three keys, are unique.

National Institute of Standards and Technology (NIST) has announced withdrawal of approval for Triple DES (also known as 3DES, TDES and sometimes DES EDE) in common protocols such as TLS and IPsec.

Triple DES cipher suffers from a fundamental weakness linked to its small (64-bit) blocksize, i.e. the size of plaintext that it can encrypt. In the common mode of operation CBC, each plaintext block is Bitwise XORed with the previous ciphertext before encryption. This means if you encrypt a lot of data and by chance you and get the same ciphertext block twice, an attacker can learn the Bitwise XOR of the two corresponding blocks of plaintext (he obtains this by Bitwise XORing the two preceding ciphertexts together).

How much plaintext do you need to encrypt before a collision becomes likely? The calculation is closely related to the Birthday Paradox.

Triple DES suffers from the same cryptographically Weak issue as similar to MD5

More Information#

There might be more information for this subject on one of the following: