3DES Will Blow Your Mind

It would take 32 TRILLION years to crack 3DES with a super computer.  The Universe has been around for about 13 billion years.

Even if advanced interstellar travelers brought us a machine that could crack DES in ONE minute, it would still take 260,000 years to crack 3DES.  Yeah.

3DES is a symmetric encryption machine.  It encrypts the hell out of data making it near-impossible to figure out the original form in a reasonable time.  3DES is gonna be around for a long time even though AES is a stronger algorithim.

Stuff About 3DES

  • Applies DES 3 times (encrypt, encrypt/decrypt, encrypt) with different keys

  • Technically has a key length of 168 bits (DES uses 56 bit key length, 56×3), but effectively uses 112 bits (56×2)  to prevent MITM attacks

  • 64 bit symmetric block cipher, just like DES

DES has been cracked.  It would have been secure back in the days of the Cray X-MP, but now we have multiple processors load balanced to work in parallel and crack DES in about a week.

It is the sheer amount of time that has to be taken (with supercomputers) to crack 3DES which makes it a stronger option over DES.

Meaning, it takes longer to crack.

To prove this to myself, I used a neat little program called Cryptool to perform the following steps:

Choose Plaintext

Below is a piece of plaintext about private network information that needs to be encrypted.

Create an Encryption Key

As we’re all learning in our CISSP studies, DES uses a 64 bit key length with 56 bits being usable.

3DES in this instance is using DES twice with 112 usable bits.

The symmetric key is the numbers 1-9 repeating over.

Resulting Ciphertext

 

 

 

 

Work Factor

As you can see, a brute force on 3DES using ECB is going to take a significantly longer period of time than DES using ECB.

To be precise, it would take 21 SEXTILLION years to crack 3DES with my computer (not taking into account Moore’s Law).

DES would take 17,000 years.

 

Fun Note

I’m in my early 30s, and currently running an  Intel i7 CPU 3.0 Ghz with 8GB of RAM.

If I live to be 100 years old, the progress on either of those brute force attacks will probably still remain at 0%.

The Cryptography domain was intimidating at first, but after reading such mind blowing numbers and what measures are taken to provide confidentiality, integrity, and non-repudiation, cryptography started to become pretty cool.

 

  • param83

    Thanks for the info.
    Can you please clarify on when one will chose AES over 3DES (I mean under what scenario or situation)?

  • studynotesandtheory

    @param83:disqus Sure, I’ll give you an example from real life!

    So at my job we setup a lot of connections that require strong encryption. We always suggest that customers use AES over 3DES, as it is the stronger encryption suite. But it is also slower because of all the math calculations. But when I say slower, it means just seconds slower, so not that much of a difference.

    Also, if you are using a hashing algorithm like SHA, it is best coupled with an encryption such as AES, to combine the strengths of both the strongest encryption and hashing algorithm. Does that make sense? If we are using 3DES for encryption, then we suggest MD5 for hashing, and not SHA. If we use AES for encryption, we don’t recommend using a weaker hashing like MD5.

    So 3DES goes with MD5, and AES goes with SHA. Does that help? Let me know! Thanks!

    So to basically answer your question, AES is the stronger encryption that should be used over 3DES!

  • ofus

    3DES is old, slower, and vulnerable to multiple attacks. Always use AES over 3DES. Never, ever, ever use MD5, which has been broken for a long time.

    • studynotesandtheory

      Agreed 100%.

Search