3DES Encryption Algorithm - IPsec VPN Tutorial Guide
3DES (Triple DES or Three DES)
3DES is simply the DES symmetric encryption algorithm used three times on the same data. Data is encrypted, and then the same data is encrypted two more times using the DES encryption algorithm, which is where the name Triple DES comes from. Of course, this makes the encryption stronger and more difficult to break.
3DES, or Triple DES, was however later replaced by AES, which proves to be the strongest encryption algorithm.
3DES is a block cipher which uses 48 rounds in its computation (transpositions and substitutions), and has a key length of 168 bits.
The process of 3DES works as follows:
1) Data is encrypted using a 56-bit key
2) Data is decrypted using a different key
3) Data is encrypted using a completely new key
When the 3DES process is complete, data is sent to its final destination.
However, 3DES works in a number of other modes as well. As shown above, the data is basically encrypted, decrypted and finally encrypted again using 3 different keys. This is known as DES-EDE3.
There are also the following modes as described below:
- DES-EDE3 – Encrypt, Decrypt and Encrypt with 3 unique keys as mentioned above.
- DES-EEE3 – A block of data is encrypted, and encrypted again with a different key and finally encrypted once more with another key, using a total of 3 unique keys.
- DES-EDE2 – Here only two keys are used; the first and last encryption are done using exactly the same key.
- DES-EEE2 – Finally, this also uses two keys; the first and last encryption are done using the same key.
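An added example, not part of the original tutorial: a Python check that takes a 3DES key bundle for the EDE modes listed above and reports whether it really supplies three keys (DES-EDE3), two keys (DES-EDE2), or collapses to single DES because an adjacent encrypt/decrypt pair uses the same key and cancels out. The function names and sample keys are constructed for illustration; the code assumes the standard DES key encoding, in which each 8-byte key carries 56 key bits plus one parity bit per byte.

```python
# Added example: audit a 3DES (EDE) key bundle before it is configured.
# Assumption: standard DES key encoding, 8 bytes per key, where the least
# significant bit of every byte is a parity bit and not part of the key.

def effective_bits(subkey: bytes) -> bytes:
    """Mask out the parity bit of each byte, leaving the 56 real key bits."""
    return bytes(b & 0xFE for b in subkey)

def split_bundle(bundle: bytes):
    """Split a 16- or 24-byte bundle into (K1, K2, K3)."""
    if len(bundle) == 24:
        return bundle[0:8], bundle[8:16], bundle[16:24]
    if len(bundle) == 16:
        # Two-key form: the first key is reused for the last stage.
        return bundle[0:8], bundle[8:16], bundle[0:8]
    raise ValueError("3DES key bundle must be 16 or 24 bytes")

def classify_ede(bundle: bytes) -> str:
    """Return the mode the bundle actually delivers under encrypt-decrypt-encrypt."""
    k1, k2, k3 = (effective_bits(k) for k in split_bundle(bundle))
    # If K1 == K2, decrypt undoes the first encrypt; if K2 == K3, the last
    # encrypt undoes the decrypt. Either way only one DES operation remains.
    if k1 == k2 or k2 == k3:
        return "single-DES"
    if k1 == k3:
        return "DES-EDE2"
    return "DES-EDE3"

def key_material_bits(bundle: bytes) -> int:
    """Number of independent key bits in the bundle (56 per distinct DES key)."""
    return {"single-DES": 56, "DES-EDE2": 112, "DES-EDE3": 168}[classify_ede(bundle)]

# Constructed sample keys (not real key material).
K_A = bytes.fromhex("0123456789abcdef")
K_A_PARITY_VARIANT = bytes.fromhex("0022446688aaccee")  # same 56 bits as K_A
K_B = bytes.fromhex("1032547698badcfe")
K_C = bytes.fromhex("89abcdef01234567")

if __name__ == "__main__":
    for name, bundle in [("three keys", K_A + K_B + K_C),
                         ("two keys", K_A + K_B),
                         ("K1 == K2 up to parity", K_A + K_A_PARITY_VARIANT + K_C)]:
        print(name, "->", classify_ede(bundle), key_material_bits(bundle), "bits")
```

The third sample shows why the comparison has to ignore parity bits: the first two keys differ byte for byte, yet they are the same DES key, so the bundle behaves as single DES.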
If you’re wondering what happened to Double-DES, it was also developed and tested, but was later found to have weaknesses and to be no stronger than DES, and so was considered obsolete.
As well as DES and 3DES, some other common symmetric encryption algorithms are AES, Blowfish, Twofish, IDEA, CAST, SAFER, Skipjack and RC.