Triple Data Encryption Standard (3-DES) and Rivest-Shamir-Adleman (RSA)

Triple Data Encryption Standard (3-DES) and Rivest-Shamir-Adleman (RSA) are encryption algorithms used to transform clear-text communications into “ciphertext” Kurose & Ross (2010, p691) that can be transmitted between source and destination over a network that presents potential security (e.g. eavesdropping) threats whilst remaining confidential and maintaining data integrity.

DES uses symmetric key cryptography with a 64-bit key according to RSA Laboratories (2010). Indeed RSA Laboratories (2010) states that DES, as opposed to 3-DES, encryption when tested under a brute force attack was broken extremely quickly due to the limited number of permutations possible in the algorithm. Hence 3-DES is considered more secure as “this means that the input data is, in effect, encrypted three times”, which although still vulnerable to eavesdropping attacks (as with RSA), presents a greater range for encryption keys. RSA uses asymmetric which essentially implies that RSA employs a greater level of complexity than DES (and 3-DES) as the RSA key may be as large as 2048-bit and key contents are extrapolated by the use of formula, rather than by substitution. Fry & Langhammer (2005) state that with RSA a public encryption key is made available which is calculated, using two primes p and q, by the greatest common divisor of (p – 1)(q – 1) which also introduces vulnerabilities in terms of eavesdropping attacks.

If we assume for the time being that the only other major security threat to cracking the code of these algorithms is that the data may be sniffed and left for an unlimited period of time with an attacker using brute force to guess all combinations of characters that go into each type of key. The attacker, even with the most advanced computing power at their disposal today, would not be able to perform enough calculation iterations to produce results and in this sense only could we consider 3-DES and RSA secure. It is only a matter of time, as Kanjilal (2010) reported that 1024-bit RSA was cracked in four days by researchers at the University of Michigan, with increased computing power and advanced cracking algorithms that this will be the case, especially with the advent of new technologies like quantum computing.

References

Anderson, R (2010) Security Engineering: A Guide to Building Dependable Distributed Systems (2nd Edition). Wiley Publishing.

Fry, J. & Langhammer, M (2005) RSA & Public Key Cryptography in FPGAs [Online]. Available via the EBSCO Discovery Service (Accessed 22 May 2011).

Kanjilal, C (2010) 1024 bit RSA Cracked, new Milestone [Online]. Available at http://techie-buzz.com/tech-news/1024-bit-rsa-cracked.html (Accessed 22 May 2011).

Kurose & Ross (2010) Computer Networking: A Top-Down Approach (Fifth Edition). Addison Wesley.

RSA Laboratories (2010) What is triple-DES? [Online]. Available at http://www.rsa.com/rsalabs/node.asp?id=2231 (Accessed 22 May 2011).