On the Security of Double and 2-Key Triple Modes of Operation


The DES has reached the end of its lifetime due to its too short key length and block length (56 and 64 bits respectively). As we are awaiting the new AES, triple (and double) encryption are the common solution. However, several authors have shown that these multiple modes are much less secure than anticipated. The general belief is that these schemes should not be used, as they are not resistant against attacks requiring 2 chosen plaintexts. This paper extends the analysis by considering some more realistic attack models. It also presents an improved attack on multiple modes that contain an OFB mode and discusses practical solutions that take into account realistic constraints.

DOI: 10.1007/3-540-48519-8_16

Extracted Key Phrases

7 Figures and Tables

Cite this paper

@inproceedings{Handschuh1999OnTS, title={On the Security of Double and 2-Key Triple Modes of Operation}, author={Helena Handschuh and Bart Preneel}, booktitle={FSE}, year={1999} }