Topics

A comment for the note of 3-Key Triple DES in the e-Government Recommended Ciphers List

December 13, 2005
CRYPTREC
Cryptographic Technique Monitoring Subcommittee

May 19, 2005: NIST has announced the withdrawal of the (single) Data Encryption Standard (DES) as specified in FIPS 46-3 because DES no longer provides the security that is needed to protect Federal government information(*1). On behalf of FIPS 46-3, NIST has completed Special Publication 800-67(*2), Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. NIST is also encouraged to use TDEA and Advanced Encryption Standard (AES) since October 25, 1999.
On the other hand, the 3-Key Triple DES(*3) in the e-Government Recommended Ciphers List is noted as follows.
(Note3) When constructing a new system for e-Government,
128-bit block ciphers are preferable if possible.
(Note4) The 3-key Triple DES is permitted to be used
for the time being under the following conditions:
1) It is specified as FIPS 46-3
2) It is positioned as the de facto standard
As the above NIST's announcement keeps consistency with the specification of the 3-Key Triple DES in the e-Government Recommended Ciphers List, Cryptographic Technique Monitoring Subcommittee on June 20, 2005 and CRYPTREC Advisory committee on October 12, 2005 decided on an addition of the following information table at the end of the List without changing the body.

Information table for the E-Government Recommended Ciphers List
Date Location Before After Reason
October 12, 2005 Notes: 1) in (Note 4) It is specified as FIPS 46-3 It is specified as SP 800-67 A change of pointer to the spec document

(*1)http://csrc.nist.gov/publications/fips/05-9945-DES-Withdrawl.pdf
(*2)http://csrc.nist.gov/publications/nistpubs/800-67/SP800-67.pdf
(*3)Triple Data Encryption Algorithm (TDEA) can be optionally implemented using two identical keys and a third that is different. But CRYPTREC permits only using three distinctly different keys (called 3-key Triple DES).

If you have any opinion, comment, or inquiry about this topic, please contact us at the following address.
CRYPTREC Secretariat
E-mail : mail address