I am implementing an application that needs to use TripleDES encryption with keys of size 112 bits (14 bytes), is that possible in C#, since the documentation states that the algorithm permits keys only in the range 128-192 bits.
1
-
I wonder what would happen if you left pad the 112 bit key with zero bytes to make it 128.Roland Mai– Roland Mai2012-09-02 12:43:18 +00:00Commented Sep 2, 2012 at 12:43
Add a comment
|
1 Answer
The 128-bit key size is the 112-bit version. With each 64-bit DES key, 8 bits are parity.
[Edit: Following paragraph is from an incorrect reading of the above question, which is two-key TripleDES rather than DoubleDES. Thanks to GregS for pointing this out.]
Also note that double DES is not stronger than normal DES due to a meet in the middle attack. Only use double DES for backwards compatibility. Consider AES for most purposes (or the older RC4 for SSL until TLS 1.1. or better BEAST attack protection is more prevalent).
7 Comments
akton
@JonSkeet It does two rounds of encryption so yes brute forcing it takes longer. However, if you have access to both the ciphertext and plaintext, the man in the middle attack is possible and almost halves the protection. That is why TripleDES is in common use rather than DoubleDES.
akton
@GregS, yes, you are correct. I misread the original question. I will fix my answer.
Ibrahim Najjar
So i have received the 14 bytes to use as the DES key over the network, how to make them work with your explanation, should i pad the key, should i set the parity bits my self, or what to do ?
akton
@Sniffer TripleDES can run in two key or three key modes so you were not wrong before. As with most things cryptographic, it's just more complex than you (,me and everyone else) first thought.
|