ITL Bulletin: Guidance on TDEA Block Ciphers (November 2017)   [open pdf - 163KB]

Alternate Title: Information Technology Laboratory (ITL) Bulletin: Guidance on TDEA Block Ciphers (November 2017)

This document is the Information Technology Laboratory (ITL) Bulletin for November 2017 from the National Institute of Standards and Technology. From the introduction: "As computing power becomes faster and cheaper, cryptographic methods that were reliable and secure yesterday become less so today. Only a few years after Gordon Moore, co-founder of Intel Corporation, noted that the number of transistors in a dense integrated circuit doubles approximately every two years, in 1977, the Data Encryption Algorithm (DEA) was adopted. A few decades later, computers had sufficient power to allow a successful brute force attack rather quickly. Fortunately, that same increase in power enabled stronger encryption, and the Triple Data Encryption Algorithm (TDEA) was introduced. TDEA provides a straightforward method for using three keys but remains compatible with DEA in one mode of its use. These three keys are collectively called a key bundle. But today, brute force attacks on TDEA are practical and inexpensive. With ciphers, it is important to consider the suitability of the algorithm for the intended purpose. The strength of a physical padlock may be sufficient for a gym locker but should not be used to lock the gate to Fort Knox. The National Institute of Standards and Technology (NIST) periodically provides recommendations about conditions under which a cryptographic algorithm should be applied. This guidance, while useful for anyone, is mandatory for federal agencies, federal contractors, and other organizations that process information on behalf of the federal government. To that end, NIST has created Special Publication (SP) 800-67, Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, which describes TDEA and the DEA cryptographic engine, and provides restrictions on TDEA usage."

Public Domain
Retrieved From:
National Institute of Standards and Technology: http://www.nist.gov/
Media Type:
Help with citations