Triple DES Algorithm in .NET

Kyriakos,

You can read more in-depth material about DES encryption here. As you already know triple DES is a based on DES, so once you know how DES functions, you should hopefully be able to make the jump to Triple DES, which you can read about here.

Hope that helps.

Hello to everyone,

Recently, I came across a scenario which required some data encryption routines applied to general binary files. I decided to use the managed code provided by .NET that implements the Triple Des algorithm (TripleDESCryptoServiceProvider object). Everything works fine as long as we stay within the .NET framework but what if the encryption or decryption routine is implemented on a different platform? (e.g. using Java's Cryptographic libraries). In that case, a file encrypted with a Java or Delphi platform is not easily decrypted with a C# e.g. routine of the .NET framework. For this reason I would like to know more about the actual implementation of the DES and Triple DES algorithms in .NET, from an algorithmic point of view (The algorithm uses some permutations, XOR operations, some bits of the key are ignored etc). Any kind of help would be highly appreciated.

Thank you,
Kyriakos Petrakos

Here is some info about how .net uses DES and 3DES:
machineKey Element (ASP.NET Settings Schema)

Enreil, Kenobewan, thank you for the really informative links. As one could see on the DES description, 3DES algorithm is virtually a three times application of the DES algorithm for each block of 8 bytes (64 bits). Assuming that 3DES takes as input a 192 bit key, it splits the key, generating 3 64 bits keys k1, k2, k3. After the splitting occurs, we have an iterative application of the following execution pattern for each 8-byte block of the original file, starting from the 1st (leftmost) block:

b1 = DES_Encrypt(k1, block); (1)
b2 = DES_Decrypt(k2, b1); (2)
b3 = DES_Encrypt(k3, b2); (3)

The resulting b3 is the encoded block corresponding to the initial "block" of bytes. The CBC version of the algorithm uses subsequently the b3 in order to encode the following pair of 8 bytes. The CBC version uses also an Initial Vector of 8 bytes in order to encode the leftmost 64 bits of the file, as the first 64 bits of the file do not have a previous "block". The question now is formulated as follows: Where exactly is the Initial Vector (IV) used in the .NET implementation? Each application of DES_Something in the lines (1),(2),(3) above requires an IV, assuming that we use the CBC version of the algorithm. Does line (2) uses the IV that we provide the general TripleDES algorithm or uses as IV the block already encrypted in line (1)? The MSDN description does not go so deep into the implementation of the algorithm and does not touch this one as well as similar matters (e.g. which IV is used when the second block of the file is encrypted? Do we continue to use the initial IV of the algorithm or we encode the second block based on the output of the first block)?

Thank you in advance,
Kyriakos Petrakos