Cryptography Reference
Figure 4-7 DES 32-bit round function.
The S-boxes in the third step are the most critical part of the cipher. The rest of DES is fairly straightforward
and predictable; thus, a very large part of the security of DES rests in the values of the S-boxes.
4.6.3 Triple DES
An ever-growing flaw with DES is its limited key strength, as already mentioned. Despite this, the algorithm
was widely used for decades, and few debilitating weaknesses were found in the algorithm. In order to combat
the key weakness but prevent hardware and software manufacturers from having to completely change products
that utilize DES, a way to extend the life was proposed in the form of triple DES (or, more commonly written,
3DES).
The 3DES method is fairly similar to how it sounds: We essentially run the cryptographic algorithm three
times, each time with a potentially different key. We don't just encrypt three times on one end and decrypt three
times on the other end, though. Instead, we encrypt and decrypt plaintext P (and corresponding ciphertext C)
with three keys, K1, K2, and K3 (in that order), by computing
Hence, 3DES is sometimes referred to as DES-EDE (for “Encrypt-Decrypt-Encrypt”).
There are a few notes to make here. We have three keys, so wouldn't we have a key of length 56 × 3 = 168
bits? The answer is — sometimes, but not usually.
In most implementations of 3DES, there is a 112-bit key; we let K1 and K2 be distinct keys, and K3 = K1. The
official specification also allows for two additional modes: using three distinct keys (for a full 168-bit key) and
having all three keys be the same. Note that if all three keys are the same, then the first two operations of the
encryption cancel each other out, as do the final two of the decryption, which creates the standard DES
ciphering scheme. This allows software and hardware made for 3DES to be easily converted back to the original
DES (although it will be slower because of the wasted time of encrypting and decrypting with no end
result).
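The keying options described above can be checked with Go's standard crypto/des package. This is an added example, not code from the original text; the keys and the block are constructed sample values, and the helper names op, EDE, DED and Lib3DES are this example's own.

```go
package main

import (
	"bytes"
	"crypto/des"
	"fmt"
)

// op runs one single-DES encryption or decryption on an 8-byte block.
func op(key, in []byte, encrypt bool) []byte {
	c, err := des.NewCipher(key)
	if err != nil {
		panic(err) // key is not 8 bytes long
	}
	out := make([]byte, des.BlockSize)
	if encrypt {
		c.Encrypt(out, in)
	} else {
		c.Decrypt(out, in)
	}
	return out
}

// EDE computes E_K3(D_K2(E_K1(p))) from three single-DES operations.
func EDE(k1, k2, k3, p []byte) []byte {
	return op(k3, op(k2, op(k1, p, true), false), true)
}

// DED inverts EDE: D_K1(E_K2(D_K3(c))).
func DED(k1, k2, k3, c []byte) []byte {
	return op(k1, op(k2, op(k3, c, false), true), false)
}

// Lib3DES encrypts p with the library's own 3DES under the 24-byte key K1||K2||K3.
func Lib3DES(k1, k2, k3, p []byte) []byte {
	c, err := des.NewTripleDESCipher(bytes.Join([][]byte{k1, k2, k3}, nil))
	if err != nil {
		panic(err)
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, p)
	return out
}

func main() {
	// Constructed sample keys and block, for illustration only.
	k1, k2, p := []byte("key-one!"), []byte("key-two!"), []byte("8bytemsg")
	fmt.Println("two-key EDE == library 3DES:", bytes.Equal(EDE(k1, k2, k1, p), Lib3DES(k1, k2, k1, p)))
	fmt.Println("K1=K2=K3 == single DES:", bytes.Equal(EDE(k1, k1, k1, p), op(k1, p, true)))
}
```

Both comparisons print true: the hand-built EDE chain agrees with the library's 3DES for the 112-bit option (K3 = K1), and with all three keys equal the result is exactly one single-DES encryption under that key.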
 