MFT Resource Center


3DES is an encryption algorithm widely used in the finance industry. It improves upon the earlier block cipher DES and brings various benefits, such as its ease of implementation in hardware and software and its widespread support among cryptographic libraries and protocols.

3DES has been deprecated for use in applications since 2018. The cipher is scheduled to reach its end-of-life term after 2023.

What Does 3DES stand for?

The term 3DES first appeared in a 1995 RFC 1851 document. 3DES was built from an older encryption algorithm, DES, which stands for Data Encryption Standard. Its official names are Triple DES and Triple DEA (Data Encryption Algorithm).

Meaning of 3DES

All of 3DES's name variations reference how the cipher implements the DES algorithm three times for stronger security.

What is 3DES?

To understand how 3DES is used, it's necessary to review the underlying DES algorithm.

A Brief History of DES

In 1977, the National Security Agency (NSA) adopted DES as an official standard for the United States (US). DES has a key length of 56 bits and uses substitution boxes to obscure the relationship between its key and ciphertext.

Critics faulted these features and declared DES too insecure and vulnerable to brute force attacks; they even accused the NSA of deliberately weakening the standard to create a backdoor entrance. Nevertheless, the US federal government used DES as the standard cipher for unclassified data until 2002, when AES publicly emerged as a replacement.

The National Institute of Standards and Technology (NIST) delisted DES in 2005. Despite its inherent weaknesses, DES often receives credit for catalyzing modern-day academic research of cryptography.

How Does DES work?

DES uses a block cipher algorithm: A 64-bit block of plaintext data undergoes two permutations and 16 rounds of transformations to become encrypted ciphertext.

The transformations operate on one half of the block at a time. They are defined by the Feistel function, or F-function, which mixes a subkey into the bits, replaces the mixed bits with substitution boxes (S-boxes) from a table of lookup values, and permutes the S-box outputs into values known as P-boxes.

Since each 32-bit half block undergoes identical transformations in alternating rounds, DES has a symmetrical structure. This means DES encryption and decryption use the same algorithm and cost fewer computing resources.

DES also uses a 64-bit key. However, 8 bits are reserved for parity checking and eventually discarded; hence, the effective key length is 56 bits.

3DES Security: Tripling 56-Bit Keys

As computing speed and power evolved, DES became increasingly susceptible to brute force attacks. In 1995, an experimental network working group published RFC 1851 to recommend 3DES as a replacement for DES.

3DES strengthens DES security by using not one, not two, but three 56-bit DES keys. The 3DES encryption algorithm is described as follows, where K1, K2, and K3 are the three 56-bit keys:

3DES Encryption Algorithm

  1. Encrypt the plaintext using the DES algorithm and K1.
  2. Decrypt the resulting encrypted output using the DES algorithm and K2.
  3. Encrypt the resulting decrypted output using the DES algorithm and K3. 

This encryption algorithm outputs the 3DES ciphertext.

3DES Decryption Algorithm

The 3DES decryption algorithm works in the reverse:

  1. Decrypt the cyphertext using the DES algorithm and K3.
  2. Encrypt the resulting decrypted output using the DES algorithm and K2.
  3. Decrypt the resulting encrypted output using the DES algorithm and K1.

This decryption algorithm recovers the original plaintext.

Three-key 3DES is a method that strengthens 3DES security by specifying K1, K2, and K3 as independent key values. With a total key length of 168 bits, three-key 3DES is the only form of 3DES approved by NIST for current usage.

How is 3DES Used?

Since its adoption in the late 1990s, 3DES gained widespread usage in private industry. 3DES is particularly prominent in the finance and payments sector and underlies the worldwide EMV standard used to secure, chip-enabled credit card transactions.

Certain browser and media applications, such as Firefox and Mozilla Thunderbird, use 3DES to encrypt authentication credentials.

Is 3DES Still Secure?

Although more secure than DES, the 3DES standard remains vulnerable to certain kinds of attacks, including:

  • Meet-in-the-middle attacks
  • Chosen-plaintext attacks
  • Known-plaintext attacks
  • Block collision attacks, such as Sweet32

AES Replacement

As such, experts prefer the faster and more secure AES. OpenSSL and Microsoft dropped 3DES from their services in 2016 and 2018, respectively. In 2018, NIST issued a special publication disallowing 3DES usage after 2023.