Triple DES

In cryptography, Triple DES is a block cipher derived from the Data Encryption Standard (DES) cipher by using it three times. Triple DES is also known as TDES or, more standard, TDEA (Triple Data Encryption Algorithm ^[1]).

When it was discovered that a 56-bit key of DES is not enough to protect from brute force attacks, TDES was chosen as a simple way to enlarge the key space without a need to switch to a new algorithm. The use of three steps is essential to prevent meet-in-the-middle attacks that are effective against double DES encryption.

In general TDES with three different keys (3-key {k₁, k₂, k₃} TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3-key TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. A variant, called two-key TDES (2-key TDES), uses k₁ = k₃, thus reducing the key size to 112 bits and the storage length to 128 bits. However, this mode is susceptible to certain chosen-plaintext or known-plaintext attacks ^{[2] [3]} and thus it is designated by NIST to have only 80 bits of security ^[4].

By design, DES and therefore TDES, suffer from slow performance in software.^[5] TDES is better suited to hardware implementations^[5], and indeed where it is still used is likely to be within a hardware implementation.

TDES is slowly disappearing from use, largely replaced by the Advanced Encryption Standard (AES). One large-scale exception is within the electronic payments industry, which still uses 2TDES extensively and continues to develop and spread standards based upon it (e.g. EMV, the standard for inter-operation of IC cards; also called "Chip cards", and IC capable POS terminals and ATM's). This guarantees that TDES will remain an active cryptographic standard well into the future.

• DES-X
• Data Encryption Standard (DES)
• Advanced Encryption Standard (AES)