# AES Vs. 3DES block ciphers

Hi, I am Babur Butter and I am with the ACE Team.

Advance Encryption Standard (AES) and Triple DES (TDES or 3DES) are commonly used block ciphers. Whether you choose AES or 3DES depend on your needs. In this post I would like to highlight their differences in terms of security and performance.

Since 3DES is based on DES algorithm I will talk about DES first. DES was developed in 1977 and it was carefully designed to work better in hardware than software. DES performs lots of bit manipulation in substitution and permutation boxes in each of 16 rounds. For example, switching bit 30 with 16 is much simpler in hardware than software. DES encrypts data in 64 bit block size and uses effectively a 56 bit key. 56 bit key space amounts to approximately 72 quadrillion possibilities. Even though it seems large but according to today’s computing power it is not sufficient and vulnerable to brute force attack. Therefore, DES could not keep up with advancement in technology and it is no longer appropriate for security.

Because DES was widely used at that time, the quick solution was to introduce 3DES which is secure enough for most purposes today. 3DES is a construction of applying DES three times in sequence. 3DES with three different keys (K1, K2 and K3) has effective key length is 168 bits (The use of three distinct key is recommended of 3DES.). Another variation is called two-key (K1 and K3 is same) 3DES reduces the effective key size to 112 bits which is less secure. Two-key 3DES is widely used in electronic payments industry. 3DES takes three times as much CPU power than compare with its predecessor which is significant performance hit. AES outperforms 3DES both in software and in hardware.

The Rijndael algorithm has been selected as the Advance Encryption Standard (AES) to replace 3DES. AES is modified version of Rijndael algorithm. Advance Encryption Standard evaluation criteria among others was:

• Security

• Software & Hardware performance

• Suitability in restricted-space environments

• Resistance to power analysis and other implementation attacks

Rijndael was submitted by Joan Daemen and Vincent Rijmen. When considered together Rijndael’s combination of security, performance, efficiency, implementability, and flexibility made it an appropriate selection for the AES.

By design AES is faster in software and works efficiently in hardware. It works fast even on small devices such as smart phones, smart cards etc. AES provides more security due to larger block size and longer keys. AES uses 128 bit fixed block size and works with 128, 192 and 256 bit keys. Rigndael algorithm in general is flexible enough to work with key and block size of any multiple of 32 bit with minimum of128 bits and maximum of 256 bits.

Note:

• AES is replacement for 3DES according to NIST both ciphers will coexist until the year 2030 allowing for gradual transition to AES.

• Even though AES has theoretical advantage over 3DES for speed and efficiency in some hardware implementation 3DES may be faster where support for 3DES is mature.

References:

2) Handbook of Applied cryptography

You can also find copy of this book on line at University of Waterloo web site http://www.cacr.math.uwaterloo.ca/hac/