Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

TripleDES key sizes - .NET vs Wikipedia

According to Wikipedia, TripleDES supports 56, 112, and 168-bit key lengths, but the System.Cryptography.TripleDESCryptoServiceProvider.LegalKeySizes says it only accepts 128 and 192-bit key lengths.

The system I'm developing needs to be interoperable (data encrypted by my code needs to be decryptable in PHP, Java, and Objective-C) and I don't who is correct in this case.

So who should I believe? And how can I be sure my encrypted data is portable?

like image 650
Dai Avatar asked Jul 20 '11 17:07

Dai


People also ask

How long is a 128-bit key?

A 128-bit level of encryption has 2128 possible key combinations (340,282,366,920,938,463,463,374,607,431,768,211,456 – 39 digits long) and 256-bit AES encryption has 2256 possible key combinations (a number 78 digits long).

What is the recommended key length for RSA?

Since 2015, NIST recommends a minimum of 2048-bit keys for RSA, an update to the widely-accepted recommendation of a 1024-bit minimum since at least 2002.

What is the size of the key in Triple DES?

Triple DES specifies the use of three distinct DES keys, for a total key length of 168 bits.

What is the size of the key in the algorithm?

In cryptography, key size or key length is the size (measured in bits or bytes) of the key used in a cryptographic algorithm (such as a cipher). Typical key sizes in modern symmetric ciphers are 128, 192, and 256 bits. Older symmetric ciphers used only 40, 56, or 64 bits, which can be broken by brute force.


1 Answers

Wikipedia does not say TripleDES supports 56 bit keys. The "keying options" talk about "triple-length" keys and "double-length" keys, the latter "reduces the key size to 112 bits". The effective key size for the original DES is 56 bit. Such a key is constructed from 64 bit input though, where 8 bits remain unused. The "triple-length" key option thus works with a three times 56 bit (=168) constructed from three times 64 bit (=192 bit) and the "double-length" option works with two times 56 bit keys (=112) constructed from two times 64 bit (=128).

As your TripleDESCryptoServiceProvider needs to derive the actual keys from the 64 bit-based input first, it will only take either 128 bits (double-length) or 192 bits (triple-length) as input and then internally derive the 168 or 112 bit actual keys from that input.

That's standard procedure for TripleDES, so you should have no problems with portability across platforms.

like image 132
emboss Avatar answered Sep 28 '22 12:09

emboss