
Why does PyCryptoDome's 3DES algorithm use a 128-bit or 192-bit key instead of 56 bits?

According to Wikipedia, 3DES's cipher uses a 56-bit encryption key to encrypt data, but PyCryptodome's 3DES class uses either a 128-bit or 192-bit encryption key. Also, the encryption speed of PyCryptodome's AES and 3DES is the same, and the output is similar. Am I doing something wrong, or is this 3DES a bit different?

Here's my code to encrypt data with the 3DES algorithm in Python:

from Crypto.Cipher import DES3
from Crypto import Random

# PyCryptodome needs a bytes key (16 or 24 bytes), not a str
key = b'Sixteen byte key'
# OFB needs a fresh, random IV of one block (8 bytes for DES3)
iv = Random.new().read(DES3.block_size)
cipher_encrypt = DES3.new(key, DES3.MODE_OFB, iv)
plaintext = "Some data to encrypt with 3DES"
encrypted_text = cipher_encrypt.encrypt(plaintext.encode("utf-8"))

# Decryption reuses the same key and IV with a new cipher object
cipher_decrypt = DES3.new(key, DES3.MODE_OFB, iv)
decrypted_text = cipher_decrypt.decrypt(encrypted_text)


Answer

Single DES has a 56-bit effective key size; it is not 64. 8 bits are used as parity bits. The 64-bit key size is in the standard, and the parity bits are mostly discarded even before testing the parity of each byte of the key.

DES was insecure against brute force, therefore 2DES and 3DES were suggested as a workaround.

3DES is defined as c = E(k3, D(k2, E(k1, m))), where E means encrypt and D means decrypt.

There are 3 options for 3DES:

  1. 3TDEA, which uses 3 independent keys k1, k2, and k3, with a 56*3 = 168-bit key size.
  2. 2TDEA, which uses 2 independent keys where k1 = k3, with a 56*2 = 112-bit key size.
  3. This time all keys are the same, k1 = k2 = k3, and we get single DES, which is already insecure.

Although options 1 and 2 can be seen as secure, they are not. The 64-bit block size of DES makes it vulnerable to the Sweet32 attack, like any other cipher with a 64-bit block size. Either use AES with GCM or use ChaCha20 with Poly1305.


Note that the PyCryptodome documentation already mentions this in a similar manner, since this is the standard:

key (bytes/bytearray/memoryview) – The secret key to use in the symmetric cipher. It must be 16 or 24 byte long. The parity bits will be ignored.

Option 3 (single DES) is not supported, and the library requires keys of 16 or 24 bytes where the parity bits are included. They are ignored, not checked. You can simply use 16- or 24-byte-long random keys.

User contributions licensed under: CC BY-SA