Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions


Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
705 Mar 2015 - 13:54sever408? 
605 Mar 2015 - 13:52sever408? 
505 Mar 2015 - 13:35sever408? 
405 Mar 2015 - 01:18sever408? 
305 Mar 2015 - 00:00sever408?(minor)  
204 Mar 2015 - 23:25sever408? 
104 Mar 2015 - 19:07sever408? 

Render style:     Context:


 History: r7 < r6 < r5 < r4 < r3
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>WebPreferences>DraftTripleDES (revision 7)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

Triple-DES is an encryption standard that describes the Triple Data Encryption Algorithm (TDEA, used interchangeably with TDES), which applies the Data Encryption Algorithm multiple times with different keys in order to enhance encryption strength. At time of writing, NIST has authorized Federal organizations to use TDEA to protect sensitive, unclassified data. (1)

Rationale behind TDES

Single DES was created in the 1970's, containing a "key size" that even then was considered small. In the late 90's, the security company RSA issued "challenges" with cash prizes for decrypting a partial known plaintext phrase, half of which was disclosed to competitors, with knowledge of the latter half serving as proof that the encryption had been broken. (2) The first challenge broke the key in less than three months, but used only computers volunteered by private individuals -- home PCs, in other words. Further challenge winners broke the key in a matter of hours, using dedicated hardware well within the economic limits of a foreign government's procurement. As it became clear to US officials that DES could now be broken by both distributed and super-computing methods, NIST began developing the Advanced Encryption Standard (3), as well as exploring stopgap measures while that was being developed. The third challenge discovered the secret DES key in 22 hours on January 18th, 1999; the same year, a revision of the NIST document banned the implementation of DES in new systems.

Public Recognition

TDEA was first authorized for Federal cryptographic use in a Federal Information Processing Standards publication in 1999, replacing DEA as the preferred symmetric key encryption scheme; DEA only retained NIST approval for use in legacy systems. (4) In 2005, FIPS 46-3 was withdrawn by order of the Secretary of Commerce, downgrading the use of TDEA from a standard, to a "phase-out" stage in which DEA has been totally disallowed from securing sensitive data and TDEA is an approved method only until 2030. This 2030 sunset is intended to give organizations time to transition to AES, which has been approved for use with both unclassified and classified Federal information. (5)(6)(7)

Notes

1 , 6 : http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf

2 : Reports from the winners of each of the three contests can be found here: DES-I (http://www.interhack.net/pubs/des-key-crack/#rsa:des97), DES-II (http://gilchrist.ca/jeff/distrib-des2-2.html), DES-III(https://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19990119_deschallenge3.html , http://www.distributed.net/DES)

3 : http://csrc.nist.gov/archive/aes/pre-round1/aes_9701.txt

4 : FIPS 46-3, section 12: http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf

5 : http://www.gpo.gov/fdsys/pkg/FR-2005-05-19/pdf/05-9945.pdf

7 : http://csrc.nist.gov/groups/ST/toolkit/documents/aes/CNSS15FS.pdf


Topic revision: r7 - 05 Mar 2015 - 13:54:02 - sever408
 
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback