Uploaded by Michael Mitchell

The Triple Data Encryption Standard

With roots in the Data Encryption Standard (DES), the Triple Data Encryption Standard
(TDES) was first published in 1995 and is still utilized today as a secure method of encryption.
The TDES is a symmetrical block cipher with a key length of 168 bits, significantly longer than
its predecessor with a key length of only 56-bits (Davies et al., 2019). The goal of this research
paper is to explore the different facets of the TDES and how they work, giving us further insight
into the varieties of encryption techniques in modern day cryptography.
To understand the TDES, it is essential to understand the DES since the TDES is simply
a revitalized version of the DES. The DES was first developed in the early 1970s and influenced
by an algorithm designed by Horst Feistel. It ultimately became the US Government’s encryption
standard, filling this role until the late 90s when it became obsolete and was reimplemented as the
TDES. In 1999, it was found that the DES in its original implementation could be cracked in as
little as 23 hours by a brute force attack. With the increase in computational power and decrease
in the cost of computer hardware, it was apparent that the standard had to be revised. Due to its
simple implementation and low cost of computational power, the DES is still used in smart cards
and limited-resource appliances (Phillips, 2018).
As I mentioned before, TDES is a symmetrical block cipher. Being symmetrical means
that the encryption and decryption of text is dependent only on a single cryptographic key that is
held by both parties in the communication. This is unlike encryption standards such as RSA
and several others, which utilize a system of private and public keys to encrypt and decrypt messages
between individuals (Villanueva, 2015). Being a block cipher means that the cryptographic key
is applied to blocks of data (such as 64 contiguous bits) at a time. This method is generally better
when the size of the data is known, such as encrypting a file or specific-sized database field. This
is opposed to a stream cipher, which encrypts and decrypts text bit by bit. This method is better
for data with an unknown or irregular size, or if the data is being streamed continuously (Gibson,
2017).
With the lack of security in the original DES, the TDES was instituted, and is quite
simply the DES applied three times. Utilizing the DES algorithm, text is encrypted, decrypted,
and encrypted again, effectively tripling the key length from 56-bits to 168-bits. There are two
different effective key options: all the keys are independent (full 168-bit key strength), or two
keys are independent and the third key is the same as one of the first two (gives 112-bit key
strength). The first is by far the strongest, but with strength follows computational complexity
and time. The second key option is not as secure but is less complex and more efficient on time,
potentially sufficient depending on the application (Phillips, 2018).
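
The keying options described above can be checked on real key material before it is accepted. The following is an added example, not code from the paper or its sources: it classifies a TDES key bundle by effective strength, and it goes one step beyond the text by also flagging bundles where two adjacent keys match, because an encrypt and a decrypt under the same key cancel and leave single DES. The function names and the sample keys are assumptions made for illustration; the 16-byte form follows the common convention that K3 repeats K1.

```python
def strip_parity(key8: bytes) -> int:
    """Return the 56 effective bits of an 8-byte DES key (drop each byte's low parity bit)."""
    bits = 0
    for b in key8:
        bits = (bits << 7) | (b >> 1)
    return bits

def has_odd_parity(key: bytes) -> bool:
    """DES key bytes conventionally carry odd parity in their lowest bit."""
    return all(bin(b).count("1") % 2 == 1 for b in key)

def classify_tdes_key(key: bytes):
    """Return (description, effective key bits) for a 16- or 24-byte TDES key bundle."""
    if len(key) == 16:            # two-key form: K3 is implicitly K1
        key = key + key[:8]
    if len(key) != 24:
        raise ValueError("TDES key material must be 16 or 24 bytes")
    # Compare keys without parity bits, so a parity-only difference is not
    # mistaken for an independent key.
    k1, k2, k3 = (strip_parity(key[i:i + 8]) for i in (0, 8, 16))
    if k1 == k2 or k2 == k3:
        # Encrypt-Decrypt-Encrypt: the matching adjacent pair cancels out.
        return ("degenerate: collapses to single DES", 56)
    if k1 == k3:
        return ("two independent keys (K3 = K1)", 112)
    return ("three independent keys", 168)

# Constructed sample keys, for illustration only.
KA = bytes.fromhex("0123456789abcdef")
KB = bytes.fromhex("23456789abcdef01")
KC = bytes.fromhex("456789abcdef0123")

if __name__ == "__main__":
    for bundle in (KA + KB + KC, KA + KB + KA, KA + KA + KB):
        print(bundle.hex(), classify_tdes_key(bundle), has_odd_parity(bundle))
```
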
Because the TDES is just the DES applied three times (Encrypt – Decrypt – Encrypt), a
breakdown of the process of DES is appropriate. The DES algorithm consists of three main
steps: the initial permutation, the round function that is repeated 16 times, and the final
permutation. In the initial permutation, the algorithm reorders the plaintext using a predefined
table method, rather than randomization (Figure 1). Essentially, each bit position of the plaintext
from one to sixty-four goes into its numbered position in the table, and the output string is each
row of the new table from top to bottom (Davies et al., 2019).
The round function is the bulk of the DES algorithm and consists of four major functions
or processes: The E function, exclusive-or, the DES S-Boxes, and the P function. The E function
takes in a 32-bit input (cutting the initially permuted plaintext in half and processing each string
separately) and expands it into a 48-bit block. This is done using a similar table-based method
that was used in the initial permutation (Figure 2). With each value in the table representing the
index or position in the 32-bit string being encrypted, the first two columns become the first two
bits for the new 6-bit block. The remaining 4 columns indicate the positions that will become the
four remaining bits for the new 6-bit block. In total, the expansion will result in 8 6-bit blocks,
expanding to a 48-bit block. The exclusive-or stage applies the exclusive-or logical
operator to the new 48-bit output and a 48-bit round key that is generated
after the initial permutation (Davies et al., 2019).
In the S-Box (Substitution Box) stage, the result from the previous step is broken into 8
6-bit pieces, and each piece is passed into its own unique S-Box (Figure 3). For each 6-bit piece,
the outer two bits are used to identify the row of the S-Box to use and the inner four bits are used
to determine which column to use. The S-Box is effectively downsizing each 6-bit piece back
down to 4-bits, returning to the original 32-bit size (Davies et al., 2019).
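
The E function, exclusive-or and S-Box steps described above, as an added example that is not part of the original paper: it expands a 32-bit half block into eight 6-bit chunks, XORs them with a 48-bit round key, and performs the row and column lookup for the first chunk only, using the first DES S-Box (S1). The function names and the sample half block and round key are assumptions chosen for illustration.

```python
# Expansion table E, built from its regular structure: row i takes bits
# 4i+1..4i+4 plus the bit before and the bit after, wrapping around.
# Positions are 1-indexed, with bit 1 the most significant bit.
E_TABLE = [[(4 * i - 1) % 32 + 1, 4 * i + 1, 4 * i + 2, 4 * i + 3, 4 * i + 4,
            (4 * i + 4) % 32 + 1] for i in range(8)]

# The first DES S-Box (S1): 4 rows by 16 columns of 4-bit outputs.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def expand(half: int):
    """Expand a 32-bit half block into eight 6-bit chunks using E."""
    chunks = []
    for row in E_TABLE:
        value = 0
        for pos in row:
            value = (value << 1) | ((half >> (32 - pos)) & 1)
        chunks.append(value)
    return chunks

def xor_round_key(chunks, round_key48: int):
    """XOR each 6-bit chunk with the matching 6 bits of the 48-bit round key."""
    return [c ^ ((round_key48 >> (42 - 6 * i)) & 0x3F) for i, c in enumerate(chunks)]

def sbox_lookup(sbox, chunk6: int) -> int:
    """Outer two bits select the row, inner four bits select the column."""
    row = ((chunk6 >> 4) & 0b10) | (chunk6 & 1)
    col = (chunk6 >> 1) & 0xF
    return sbox[row][col]

# Sample inputs for illustration only.
SAMPLE_HALF = 0xF0AAF0AA
SAMPLE_ROUND_KEY = 0x1B02EFFC7072

if __name__ == "__main__":
    mixed = xor_round_key(expand(SAMPLE_HALF), SAMPLE_ROUND_KEY)
    print([format(c, "06b") for c in mixed])
    print("S1 output for first chunk:", format(sbox_lookup(S1, mixed[0]), "04b"))
```
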
The final P function is another permutation function that has a 32-bit block as input from
the previous step and a 32-bit block output. The function has a permutation table (Figure 4) that
is not quite as structured as the initial permutation function, but it is not random and uses the
same process for each of the 16 rounds of DES. After the 16 rounds of DES, the final
permutation occurs, which is simply the inverse of the initial permutation that was conducted at
the beginning of the process (Davies et al., 2019).
With new and improved methods of cryptography, TDES sees less utilization in the
world of encryption. With a small block size of only 64-bits, messages encrypted with TDES are
susceptible to certain attacks such as block collision. However, TDES still finds its uses in the
electronic payment industry, password encryption, and website authentication for login
credentials (Phillips, 2018).
In summary, TDES is a cryptographic algorithm that has its roots in one of the earliest
encryption techniques developed and is still a viable method of encryption depending on the
means of its use. It is also notable that the implementation of the algorithm is relatively simple,
and it delivers its security by repeating its processes numerous times. Although there have since
been methods that have surpassed it in efficiency and security, DES and TDES remain as a
strong base for symmetric block ciphers and could even be improved upon as technology
advances.
Figure 1: Table used for initial permutation.
Figure 2: Table used for E function.
Figure 3: Example of an S-Box.
Figure 4: Permutation table used for P function.
References
Davies, I., Poston, H., & Dhandhania, K. (2019). A Detailed Description of DES and 3DES
Algorithms (Data Encryption Standard and Triple DES). Retrieved December 3, 2019, from
https://www.commonlounge.com/discussion/5c7c2828bf6b4724b806a9013a5a4b99.
Gibson, D. (2017, March 17). Symmetric Block Cipher Versus Stream Cipher. Retrieved December
3, 2019, from https://www.linkedin.com/pulse/symmetric-block-cipher-versus-stream-darrilgibson.
Phillips, G. (2018, June 21). 5 Common Encryption Types and Why You Shouldn't Make Your
Own. Retrieved December 3, 2019, from https://www.makeuseof.com/tag/common-encryptiontypes/.
Villanueva, J. C. (2015, March 15). Symmetric vs Asymmetric Encryption. Retrieved December 3,
2019, from https://www.jscape.com/blog/bid/84422/Symmetric-vs-Asymmetric-Encryption.