Abstract
We show that, in the ideal-cipher model, triple encryption (the cascade of three independently-keyed blockciphers) is more secure than single or double encryption, thereby resolving a long-standing open problem. Our result demonstrates that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary’s maximal advantage against triple encryption is small until it asks about 278 queries. Our proof uses code-based game-playing in an integral way, and is facilitated by a framework for such proofs that we provide.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-540-34547-3_36
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Aiello, W., Bellare, M., Di Crescenzo, G., Venkatesan, R.: Security amplification by composition: The case of doubly-iterated, ideal ciphers. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 390–407. Springer, Heidelberg (1998)
Bellare, M., Goldwasser, S.: New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 194–211. Springer, Heidelberg (1990)
Bellare, M., Rogaway, P.: Code-based game-playing proofs and the security of triple encryption. Cryptology ePrint archive report 2004/331 (2006)
Diffie, W., Hellman, M.: Exhaustive cryptanalysis of the data encryption standard. Computer 10, 74–84 (1977)
Even, S., Goldreich, O.: On the power of cascade ciphers. ACM Transactions on Computer Systems 3(2), 108–116 (1985)
Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. In: Matsumoto, T., Imai, H., Rivest, R.L. (eds.) ASIACRYPT 1991. LNCS, vol. 739, pp. 210–224. Springer, Heidelberg (1993)
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984) (earlier version in STOC 1982)
Halevi, S.: A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint archive report 2005/181 (2005)
Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search (an analysis of DESX). J. of Cryptology 14(1), 17–35 (2001) (earlier version in Crypto 1996)
Lucks, S.: Attacking triple encryption. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 239–253. Springer, Heidelberg (1998)
Maurer, U., Massey, J.: Cascade ciphers: The importance of being first. J. of Cryptology 6(1), 55–61 (1993)
Merkle, R., Hellman, M.: On the security of multiple encryption. Communications of the ACM 24, 465–467 (1981)
National Institute of Standards and Technology. FIPS PUB 46-3, Data Encryption Standard (DES), Also ANSI X9.52, Triple Data Encryption Algorithm modes of operation, 1998, and other standards (1999)
Shannon, C.: Communication theory of secrecy systems. Bell Systems Technical Journal 28(4), 656–715 (1949)
Shoup, V.: Sequences of games: A tool for taming complexity in security proofs. Cryptology ePrint archive report 2004/332 (2006)
Yao, A.: Theory and applications of trapdoor functions. In: IEEE Symposium on the Foundations of Computer Science (FOCS 1982), pp. 80–91. IEEE Press, Los Alamitos (1982)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bellare, M., Rogaway, P. (2006). The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In: Vaudenay, S. (eds) Advances in Cryptology - EUROCRYPT 2006. EUROCRYPT 2006. Lecture Notes in Computer Science, vol 4004. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11761679_25
Download citation
DOI: https://doi.org/10.1007/11761679_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34546-6
Online ISBN: 978-3-540-34547-3
eBook Packages: Computer ScienceComputer Science (R0)