PrepAway - Latest Free Exam Questions & Answers

What is this DES variant?

The ANSI X9.52 standard defines a variant of DES encryption with keys k1, k2, and k3 as: C = Ek3 [Dk2
[Ek1 [M]]] What is this DES variant?

PrepAway - Latest Free Exam Questions & Answers

A.
Double DES with an encryption and decryption with different keys

B.
Triple DES in the EEE mode

C.
Triple DES in theEDE mode

D.
DESX

Explanation:

This version of triple DES performs an encryption (E) of plaintext message M with key k1, a
decryption (D) with key k2 (essentially, another encryption), and a third encryption with key k3.
Another implementation of DES EDE is accomplished with keys k1 and k2 being independent, but
with keys k1 and k3 being identical. This implementation of triple DES is written as: C = Ek1 [Dk2 [Ek1
[M]]] Answer a is incorrect since, in DESX, input plaintext is bitwise XORed with 64 bits of additional
key material before encryption with DES, and the output of DES is also bitwise XORed with another
64 bits of key material. Answer b, DES in the EEE, mode is written as: C = Ek3 [Ek2 [Ek1 [M]]] where
three consecutive encryptions are performed on plaintext message, M, with three independent keys,
k1, k2, k3. Answer c is incorrect since the question contains three encryptions. Implementing two
DES encryptions does not provide the additional security anticipated over a single DES encryption
because of the meet-in-the-middle attack. Consider a DES cipher with a key size of p. A double
encryption will result in an effective key size of 2p and yield the final result R. Thus, one would
anticipate that one would have to search a key space of 22p in an exhaustive search of the keys.
However, it can be shown that a search of the key space on the order of 2p is all that is necessary.
This search is the same size as required for a single DES encryption. This situation is illustrated as
follows: The sequences shown illustrate the first DES encryption of a plaintext message M with all
keys k1 through k2p yielding the intermediate encrypted results C1 through C2p. Ek1 [M] C1 Ek2 [M]
C2 Ek2p [M] C2p If we have available ciphertext R where R = Ek2 [Ek1 [M]] for a pair of secret keys k1
and k2, for each key m there is only one key k such that Dm[R] = Ek[M] where D is the decipherment
of R back from the second DES encipherment. In other words, there are 2p possible keys that will
result in the pair [M,R] and, thus, can be found in a search of order 2p.


Leave a Reply