A Known-Plaintext Attack on Two-Key Triple Encryption

  • Paul C. van Oorschot
  • Michael J. Wiener
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 473)


A chosen-plaintext attack on two-key triple encryption noted by Merkle and Hellman is extended to a known-plaintext attack. The known-plaintext attack has lower memory requirements than the chosen-plaintext attack, but has a greater running time. The new attack is a significant improvement over a known-plaintext brute-force attack, but is still not seen as a serious threat to two-key triple encryption.

Key Words

triple encryption cryptanalysis DES 


  1. [Merk81]
    Merkle, R. and M. Hellman, “On the Security of Multiple Encryption”, Communications of the ACM, vol. 24, no. 7, pp. 465–467, July 1981. See also Communications of the ACM, vol. 24, no. 11, p. 776, November 1981.MathSciNetCrossRefGoogle Scholar
  2. [Diff77]
    Diffie, W. and M. Hellman, “Exhaustive Cryptanalysis of the NBS Data Encryption Standard”, Computer, vol. 10, no. 6, pp. 74–84, June 1977.CrossRefGoogle Scholar
  3. [FIPS46]
    “Data Encryption Standard”, National Bureau of Standards (U.S.), Federal Information Processing Standards Publication (FIPS PUB) 46, National Technical Information Service, Springfield VA, 1977.Google Scholar
  4. [BNR]
    Internal study, BNR, Ottawa, 1989.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Paul C. van Oorschot
    • 1
  • Michael J. Wiener
    • 1
  1. 1.BNROttawaCanada

Personalised recommendations