# Triple DES

## Introduction:

TDES is another name for triple DES. ** It is an asymmetric key block cipher, which means that the same key can be utilized to encrypt and decode data in fixed-length blocks of bits**. It is known as "Triple DES" since it encrypts data with the DES cipher three times.

When DES was first invented in 1976, it required a key size of around 56 bits to provide appropriate protection against brute-force assaults. Because computers have gotten more affordable and powerful, the 3DES algorithm can now employ DES three times in a row, thereby ending brute-force attacks on modern systems.

The Triple Data Encryption Algorithm (3DES) improves the widely used DES algorithm. 3DES use the key that is a symmetric block cipher. 3DES was created for the encryption of 64-bit blocks of data by using three unrelated 64-bit keys.

Each key is utilized as an input in the DES block. Without creating an entirely new cryptosystem, 3DES can exploit a potential flaw in DES. 3-DES enhances the key size of DES by advancing the algorithm three times in advance with three different keys. Because DES employs a 56-bit key, it is inefficient for encrypting sensitive information.

## Data encryption standard:

Encryption keys must be safeguarded against a compromise in confidentiality, integrity, or availability (CIA) that is frequent in a Men in the Middle attack. As a result, the DES (Data Encryption Standard) algorithm implements numerous rounds of encryption & decryption.

To lessen the reliance on memory, DES employs an online method of cryptographic implementation, encrypting and decrypting on the fly so that keys are not required to be kept during transmission.

DES is a block cipher-based technology that uses a memoryless algorithmic method to encrypt and decrypt massive plaintext data units. This technique is performed several times to generate plaintext-ciphertext block pairs.

From 1980 through 2004, the Data Encryption Standard, created in 1977, was the world's de facto option for block cipher-based cryptosystem implementations. DES, in particular, is built on the Feistel cipher design paradigm, which alternately employs substitution and permutation operations, as shown here:

The Feistel blocks employ several round functions between a data block and a subkey, resulting in the same size as the inputs. The subkey encrypts the first half of an input block, and the result is XORed with the other half of the data blocks. After this technique is repeated numerous times, the data becomes encrypted, and the mathematical functions become invertible. The ciphertext can be decrypted using the same block procedure and key schedule.

## The DES operations:

Consider the following DES cryptographic operations:

**Expansion:** Using expansion permutations, the half block of a 32-bit is enlarged to 48 bits.

**Key mixing:** For each round, the XOR operation is performed on the information along with 16 subkeys within 48-bit length.

**Substitution:** The resulting block is subdivided into 6-bit blocks & processed with the Substitute box, which provides a nonlinear modification of the input data utilizing the lookup table for the S-box.

**Permutation:** Using the P-box, the result is rearranged utilizing a fixed permutation.

## The triple-DES algorithm:

Let's go on to Triple DES. The Triple-DES implementation of algorithms is described below:

The encryption scheme is denoted as follows:

- EK3(DK2(EK1(P(x))) = C(x)
- Encrypt plaintext with key K1, decrypt with key K2, & encrypt the result with key K3.

Now the decryption scheme is as follows:

- DK3(EK2(DK1(C(x))) = P(x)
- Decrypt the plaintext with key K1, encrypt with key K2, & decrypt the result with key K3.

Where:

- The plaintext is P(x)
- C(x) is the ciphertext
- EK is the key-based encryption
- DK denotes decryption with key K

## When to utilize DES instead of Triple DES:

The DES block cipher method is particularly suitable for low-memory hardware computing units because the same code or circuit architecture may be used for decryption and encryption.

Only a year later, in 1978, was the Triple-DES method implemented. It employs three DES rounds for encryption and decoding. This system uses a 168-bit key, providing increased security but is slower than routine DES implementation.

In 1999, a Triple DES variant that uses the same key for all three runs of the DES (as well as inverse-DES) algorithm was introduced. The 2-TDES method is used here, with a key size of 112 bits.

Three DES passes rather than two are intended to avoid Man in the Middle attacks. An adversary could read the encrypted output of the DES pass at each end of the stream in a situation with Double-DES implementation. The relationships among the block set and the mathematical operator, could then be determined by brute force. Keys that provide identical results in each direction could likewise be recognized as potential DES implementation solutions. This is a classical collision attack, which may be faster than a brute-force attack.

Here are the specifications from NIST (publication 800-67):

In 1977, single DES offered 56-bit security, which needed to be improved compared to rival methods.

Double DES increased security to 72 bits.

Until 2009, the 80-bit level of security of the 2-key Triple DES, which utilizes the same key values for Keys K1 & K3, was sufficient.

At last, the Triple DES system, which employs three distinct keys, provides a 100-bit level of safety that is considered adequate until 2030.

## DES 3-KEY TRIPLE:

Before beginning to use 3TDES, the user needs to develop and distribute the 3TDES key K, which consists of three separate DES keys, K1, K2, and K3. Hence, the actual 3TDES key is 356 = 168 bits long. The encryption process is described below.

The encryption-decryption procedure is as follows:

- Plaintext block encryption using a single DES key, K1.
- Encrypt the result of step 1 with single DES and key K2. Finally, use single DES using key K3 for encryption of the outcome of step 2.
- Step 3 yields the ciphertext.
- The decryption of ciphertext is a backward procedure. The user decrypts first with K3, then with K2, and then with K1.

Because Triple DES is designed as encrypt-decrypt-encrypt operations, a 3TDES (hardware) application for a single DES might be used by setting K1, K2, and K3 to the same value.

The second form of triple-DES (2TDES) is identical to the third variant (3TDES), except that K1 replaces K3. To put it another way, the user encrypts the plaintext block using key K1, decrypts it with key K2, and then encrypts it again with key K1. As a result, the key length for 2TDES is 112 bits.

Triple DES system is substantially safer than single DES systems, but they are a much longer process than single DES encryption.

## Key Features of 3DES:

**3DES Block Cypher Encryption Key Features:** 3DES is a block cipher encryption technique that operates on a 64-bit block of simple text at a time.

**Symmetric key encrypting:** 3DES employs a symmetric key encrypting scheme, which means that the same key is utilized for both encryption & decryption.

**Triple Layer Encryption:** (3DES) encrypts plain text three times with three separate keys, therefore the name Triple DES.

**Variable Key Size:** 3DES enables variable key sizes ranging from 128 - 192 bits compared to DES.

## 3DES Advantages:

**Enhanced Security:**Compared to DES, the triple-layered encryption technology of 3DES gives greater security.**Widely Used:**3DES is a popular encryption method incorporated in many standard encryption methods & protocols.**Compatible:**3DES is backward compatible with DES and can be utilized in older DES systems.**Customizable Key Sizes:**3DES enables varying key sizes, making it more flexible to security requirements.

## 3DES's Limitations:

**Slow Speed:**3DES is slower than other encrypted algorithms because of its triple-layered encryption method.**Limited Key Size Options:**While 3DES supports a variety of key sizes, a maximum length of a key is just 192 bits, which may need to be increased for some applications' security requirements.

## 3DES Applications:

3DES is frequently utilized in a variety of applications, including:

**Financial Transactions:**3DES safeguards economic activities like Internet banking, processing of credit cards, & electronic fund transfers.**Virtual private networks (VPNs):**3DES protects virtual private networks (VPNs), allowing remote sites to interact securely.**Healthcare Systems:**3DES safeguards patient data in healthcare systems, including electronic health records & medical imaging systems.**Government Communications:**3DES is used to encrypt government communications, including military communications, for safe data transfers.

## Conclusion:

Triple DES is a popular encryption algorithm that offers increased security due to its triple-layered encrypting technique. While it has significant drawbacks, such as slower speed and fewer key size possibilities, it is widely utilized in various applications, including banking transactions, healthcare systems, and government communications. For organizations wishing to secure sensitive data, 3DES is a fantastic solution.