0

Is Triple DES similiar to RSA in that the message size you can encrypt is limited (unlike AES)?

Yes you can break the message size into parts and apply it, but I'm not interested in doing that so I want to know if Triple DES has this same "limitation" like RSA?

I know AES is better suited for my situation where the message size can be large, but I'm not the only one making the decision on the algorithm.

Nike Dattani
  • 191
  • 1
  • 14
user1361315
  • 165
  • 1
  • 5
  • 1
    TDES is similar to AES-256 in that it enciphers blocks of limited size (64-bit for TDES, 128-bit for AES-256), smaller than the key (like 168 or 192 bits depending on convention for TDES, 256 bits for AES-256). The size of an RSA-encrypted piece of data is also limited to less than the key size (slightly for naive RSA, more so for secure RSA) but comparison with block ciphers is mostly meaningless. For all three, large amounts of data can be safely encrypted, with appropriate operating modes (or hybrid encryption for RSA). – fgrieu Jun 05 '13 at 21:40

3 Answers3

2

Triple DES and AES are the very same type of scheme: - symmetric block cypher, which also implies fixed size; block sizes are 64 bit for DES, 128 for AES.

RSA is asymmetric, and the key length determines the size of plain- and ciphertext. Therefore, with a fixed key length you also have an (almost; length may vary by 1 dependant on choice of primes) fixed size.

Your main error is, that you attribute the mode of operation to AES, which is false. In general, mode of operation describe how to use a block cipher of fixed length to encrypt large amounts of data or a stream of data (e.g. secure channels, etc.). Although they are defined on symmetric ciphers, you could also use them for asymmetric encryption(RSA, etc.), but it is not practical to do (see hybrid encryption)

Edit: Thanks @ poncho for pointing out, that AES has a fixed block size of 128 bit (and keys with 128, 192 or 256 bit), and the original Rijndael cipher supported all three sizes for keys and blocks.

tylo
  • 12,654
  • 24
  • 39
  • Using standard blockcipher modes of encryption with RSA isn't just impractical, it's totally broken for some modes. For other modes the non integral block-size of RSA prevetns use entirely. – CodesInChaos Jun 06 '13 at 14:49
  • 2
    Correction: the block size for AES is fixed at 128 bits. Now, Rijndael (the AES submission that became AES) does allow other block sizes; AES is that subset of Rijndael that is limited to the NIST's original conditions (128 bit blocks, 128, 192 or 256 bit keys) – poncho Jun 06 '13 at 15:42
  • poncho, you are right, of course. The block size is fixed and the key size supports the other formats. However, AES also has a limited size (without MoO), in contrast to the assumption in the question. – tylo Jun 10 '13 at 16:20
0

TL;DR: No, they're not. Regardless of how you interpret the question (more on that below), the message size for 3DES (and other symmetric block ciphers) is not related to the key size in any way.

Now, there's a couple of different ways to interpret the question. First of all, what do we mean by "the message size of a block cipher"? If we mean the longest message that can be encrypted directly by a single evaluation of the block cipher, then that would be the block size of the cipher. This can be equal to the key size, but it doesn't have to be. For example:

  • (Single) DES has a 64 bit block size and an (effectively) 56 bit key.

  • Two-key Triple DES still has the same 64 bit block size as single DES, but the key length is doubled to 112 bits.

  • Three-key Triple DES has a key size of 3 × 56 = 168 bits, but still a 64 bit block size. (However it's rarely used since, despite the nominally higher key size, it's not significantly more secure than two-key 3DES.)

  • AES has a 128 bit block size, but its key size is either 128, 192 or 256 bits depending on which of the three standard AES variants you're using.

  • Rijndael (the original version of the cipher that was standardized as AES) is more flexible, allowing both the block size and the key size to be chosen independently of each other as any multiple of 32 bits between 128 and 256. (Whether this flexibility is good or bad is debatable. Certainly the non-standardized block and key sizes have been analyzed far less thoroughly than the AES ones.)

However, almost nobody ever uses a block cipher like (triple) DES or AES by itself. Rather, block ciphers are normally used with some mode of operation that turns the block cipher into a more general encryption scheme capable of encrypting messages of variable length.

Most modes of operation do have a message length limit beyond which their security proofs (which typically prove that breaking the claimed security properties of the mode of operation is as hard as breaking the underlying block cipher) no longer hold. However, this limit (which may vary depending on the block size of the cipher and other parameters of the mode) is typically on the order of $2^{32}$ (i.e. about 4 billion) cipher blocks or more. So unless your messages can be more than several gigabytes long, you can basically ignore these limits.

Can similar modes of operation be defined for RSA? Theoretically, yes. In practice, however, there are no standards for this, because it would be a silly thing to do. RSA encryption is slow and (with the padding needed to make it actually secure) produces ciphertext than is many times longer than the original plaintext message. Thus, even if you could use RSA with some mode of operation to encrypt long messages, it would be really inefficient.

The standard way to "encrypt long messages with RSA" is instead to use hybrid encryption: first pick a random key for a symmetric block cipher like AES (or 3DES), encrypt the message with the random key using some suitable mode of operation, and then encrypt the random key with RSA.

Ilmari Karonen
  • 46,120
  • 5
  • 105
  • 181
-2

Is triple des similiar to rsa in that the message size you can encrypt is limited (unlike AES)?

If you mean they both are block ciphers, then yes.

Smit Johnth
  • 1,681
  • 4
  • 17
  • 27
  • 1
    I don't see how this addresses the question, in fact I find it somewhat misleading. AES is a block cipher too and you can encrypt more than one block of data with 3DES. – Thomas Jun 06 '13 at 00:54
  • One AES opeation can encrypt only one block, for every thing else you need modes of operations. – Smit Johnth Jun 06 '13 at 16:45
  • 1
    Which applies to both AES and 3DES, so you're missing the "unlike AES" part. – Thomas Jun 07 '13 at 01:13
  • 3
    Triple DES and RSA are not both block ciphers. The question was not about AES. – tylo Jun 10 '13 at 16:27
  • Triple DES and RSA [b]are [/b] block ciphers. https://en.wikipedia.org/wiki/Triple_DES – Smit Johnth Jun 10 '13 at 17:35
  • 1
    No, RSA is NOT a block cipher (unless you're using a nonstandard definition of the term "block cipher") – poncho Jun 18 '13 at 14:39
  • @poncho And would you explain why? – Smit Johnth Jun 20 '13 at 22:57
  • 1
    @SmitJohnth: if we look at, say, http://cacr.uwaterloo.ca/hac/about/chap7.pdf we see the assumption that we use the same key to encrypt and decrypt; that is, it is a symmetric cipher. RSA is, in normal usage, uses different keys (which is essentially the only reason we put up with the costs of doing RSA). I suppose you could propose an RSA variant for which keys could both encrypt and decrypt; I would claim that such a variant is no longer RSA. – poncho Jun 21 '13 at 01:33
  • @poncho lol block cipher must not be symmetric, should it? – Smit Johnth Jun 22 '13 at 15:53