4

I have been reading about the 3DES algorithm and I cannot understand one part. In 3DES we do following operation: $$C=E[K_3,D[K_2,E[K_1,P]]].$$ Where $C$ is ciphertext, $P$ is plaintext, $E$ is DES encryption and $D$ is DES decryption.

In the second part we have the decryption with $K_2$. How can we decrypt a cipher with one key ($K_2$) which was encrypted with another one ($K_1$)?

Paŭlo Ebermann
  • 22,656
  • 7
  • 79
  • 117
Erfan
  • 141
  • 1
  • 3

2 Answers2

6

I do not understand how can we decrypt a cypher which was encrypted with $K_1$, with $K_2$.

Triple DES essentially involves three encryptions on the plain text. First is using $K_1$, second using $K_2$, and third using $K_3$. Now one may argue that $K_2$ is not being used for encryption but decryption. Well, technically speaking, encryption and decryption are just the same, and are only the reverse of each other in all ciphers using the feistel cipher structure. So actually decryption with $K_2$ does nothing but jumble-up the message further more. We are not decrypting the cipher in the real sense. We are adding another layer of obscurity with a second key.

Paŭlo Ebermann
  • 22,656
  • 7
  • 79
  • 117
pnp
  • 176
  • 4
  • 1
    ...and using the same key for the 3 operations allowed a 3DES system to revert to DES for legacy systems (pre-internet, 1970's kind) with the same code. – ixe013 Jun 05 '12 at 13:01
  • 2
    For a full answer of why the middle operation decrypts, see http://crypto.stackexchange.com/questions/2060/why-do-we-use-encrypt-decrypt-encrypt-ede-in-3des-rather-than-encrypting-thre – poncho Jun 05 '12 at 17:47
  • 2
    Actually, encryption and decryption are not the same, but are (given a fixed key) different bijective operations on the set of all blocks (${0,1}^{64}$ for DES). They should be the inverses of each other to be called "encryption" and "decryption", though. Also, welcome to Cryptography Stack Exchange. If you register your account here (using the same OpenID as on security.SE), you can take ownership of your post again, edit it and comment. – Paŭlo Ebermann Jun 05 '12 at 20:25
  • so according to your answer 3des is, C=E[K3,E[K2,E[K1,P]]]? – arif Jan 24 '18 at 18:41
0

DES a block cipher (Encryption) can be thought of as a pseudo random permutation(PRP), and as property of pseudo random permutation (PRP), its inverse(Decryption) is also(PRP).

It's like doing decryption will as much secure as doing encryption. Because of PRP property both are equally secure otherwise it would not have been a PRP.

e-sushi
  • 17,891
  • 12
  • 83
  • 229
Shishir
  • 81
  • 4