Cryptography Reference
In-Depth Information
of the Amperif Corporation, the encryption operation
would be
E
1
D
2
E
1
while decryption would be
D
1
E
2
D
1
. Since
E
k
D
k
=
D
k
E
k
=
I
for all keys
k
, this triple encryption uses an
inverse pair of operations. There are many ways to choose
the three operations so that the resultant will be such a
pair; Tuchman suggested this scheme since if the two keys
are both the same, it becomes an ordinary single-key DES.
Thus, equipment with triple DES could be interoperable
with equipment that only implemented the older single
DES. Banking standards have adopted this scheme for
security.
It may seem that DES is very different from the cryp-
tosystems that preceded it—except that it is a product
cipher made up of transpositions and substitutions—
but it is in fact a logical continuation of them. In a sense
the DES was the logical culmination of a long history of
development of single-key cryptographic algorithms, and
it is this aspect that has been emphasized in the discus-
sion thus far. In another sense, however, the DES is quite
different from anything that preceded it. Cryptology has
traditionally been a secretive science, so much so that it
was only at the end of the 20th century that the principles
on which the cryptanalysis of the Japanese and German
cipher machines of World War II were based were declas-
sified and released. What is different about the DES is that
it is a totally public cryptographic algorithm. Every detail
of its operations—enough to permit anyone who wishes
to program it on a microcomputer—is widely available
in published form and on the Internet. The paradoxical
result is that what is generally conceded to have been one
of the best cryptographic systems in the history of cryp-
tology was also the least secret.
In January 1997 the National Institute of Standards
and Technology (NIST) issued a public request to submit
candidates to replace the aging DES. This time 15 viable
