On the Security of 2-Key Triple DES. / Mitchell, Christopher J.

In: IEEE Transactions on Information Theory, Vol. 62, No. 11, 11.2016, p. 6260-6267.

Research output: Contribution to journalArticle

Published

Documents

Links

Abstract

This paper reconsiders the security offered by 2- key triple DES, an encryption technique that remains widely used despite recently being de-standardised by NIST. A generalisation of the 1990 van Oorschot-Wiener attack is described, constituting the first advance in cryptanalysis of 2-key triple DES since 1990. We give further attack enhancements that together imply that the widely used estimate that 2-key triple DES provides 80 bits of security can no longer be regarded as conservative; the widely stated assertion that the scheme is secure as long as the key is changed regularly is also challenged. The main conclusion is that, whilst not completely broken, the margin of safety for 2-key triple DES is slim, and efforts to replace it, at least with its 3-key variant, and preferably with a more modern cipher such as AES, should be pursued with some urgency.
Original languageEnglish
Pages (from-to)6260-6267
Number of pages8
JournalIEEE Transactions on Information Theory
Volume62
Issue number11
Early online date19 Sep 2016
DOIs
Publication statusPublished - Nov 2016
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 26925003