Double-DES is two successive DES instances, while Triple-DES is three successive DES instances.
Use 3DES and not 2DES because 2DES does not yield the security
increase that you would expect. Namely, 2DES uses 112 key bits (two
56-bit DES keys) but offers a security level of about 2^57, not 2^112, because of a "meet-in-the-middle attack" which is well explained there
(not to be confused with "man-in-the-middle", a completely different
concept). Similarly, 3DES uses 168 key bits, but offers "only" 2^112
security (which is quite sufficient in practice). This also explains
why 3DES is sometimes used with a 112-bit key (the third DES key is a
copy of the first): going to 168 bits does not actually make things more
secure.
This can be summarized as: we use n-DES because a simple DES is too weak (a 56-bit key can be brute-forced by a determined attacker), but in order to really improve security, we must go to n ≥ 3.
Of course, every additional DES implies some computational overhead
(simple DES is already quite slow in software, 3DES thrice as much).
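The meet-in-the-middle effect is easy to reproduce at small scale. The following is an added example, not part of the original post: it uses a made-up toy cipher with 16-bit keys and a 32-bit block (both assumptions, standing in for DES's 56 and 64 bits) and recovers both keys of a double encryption with about 2^17 cipher calls instead of the 2^32 that a search over all key pairs would need, the same gap as 2^57 versus 2^112 for 2DES.

```python
"""Meet-in-the-middle against double encryption with a toy cipher (not DES)."""

KEY_BITS = 16                      # toy key size (assumption); DES uses 56
MASK = 0xFFFFFFFF                  # toy 32-bit block (assumption); DES uses 64
MUL = 0x9E3779B1                   # odd constant, so invertible mod 2**32
INV = pow(MUL, -1, 1 << 32)

def enc(k, x):
    """Toy invertible block cipher: 4 rounds of xor-key, multiply, rotate."""
    for r in range(4):
        x = ((x ^ (k + r)) * MUL) & MASK
        x = ((x << 7) | (x >> 25)) & MASK
    return x

def dec(k, y):
    """Inverse of enc: undo the rounds in reverse order."""
    for r in reversed(range(4)):
        y = ((y >> 7) | (y << 25)) & MASK
        y = ((y * INV) & MASK) ^ (k + r)
    return y

def double_enc(k1, k2, x):
    return enc(k2, enc(k1, x))

def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with all known (plaintext, ciphertext) pairs."""
    (p0, c0), rest = pairs[0], pairs[1:]
    # Forward half: middle value enc(k1, p0) for every k1 (2**KEY_BITS encryptions).
    table = {}
    for k1 in range(1 << KEY_BITS):
        table.setdefault(enc(k1, p0), []).append(k1)
    # Backward half: dec(k2, c0) for every k2; a table hit is a candidate key pair.
    found = []
    for k2 in range(1 << KEY_BITS):
        for k1 in table.get(dec(k2, c0), ()):
            # Extra pairs discard chance collisions in the middle value.
            if all(double_enc(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))
    return found

if __name__ == "__main__":
    k1, k2 = 0x1234, 0xBEEF        # constructed secret keys
    pairs = [(p, double_enc(k1, k2, p)) for p in (0x01234567, 0x89ABCDEF)]
    print(meet_in_the_middle(pairs))
    print("cipher calls: about 2**%d, exhaustive search: 2**%d"
          % (KEY_BITS + 1, 2 * KEY_BITS))
```

The second known pair matters: with 32 key bits and a 32-bit block, the first pair alone leaves a few key pairs that collide in the middle by chance, just as a single pair would for real 2DES.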