Search code examples
iosobjective-c3descommoncrypto

How to use 2TDEA option of 3DES with CommonCrypto


When I am encrypting data with CCCrypt() with 3DES algorithm I have to provide 24bytes long key like for 3TDEA option of 3DES. From a reason I have use 2TDEA with 16bytes long key. But when I use 16byte key, CCCrypt() fails. What to do with it?

result = CCCrypt(kCCEncrypt, 
                 kCCAlgorithm3DES, 
                 kCCOptionPKCS7Padding | kCCOptionECBMode, 
                 desKey, 
                 24, 
                 nil,
                 dataBlock, 
                 dataBlockSize, 
                 outputData.mutableBytes, 
                 outputData.length, 
                 &outLength); 

Solution

  • Disclaimer

    Anyone who will read this:

    It's obsolete, deprecated and not secure.

    3DES & 2TDEA

    Triple DES = 3DES, TDES, TDEA, Triple DEA. It has many names, but all of them refer to the same cipher. It's a DES applied three times to each data block.

    You can visit Triple DES article on Wikipedia to learn more about it. Several Keying options exists and you're interested in the 2nd one:

    K1 and K2 are independent, and K3 = K1. Sometimes known as 2TDEA or double-length keys. This provides a shorter key length of 112 bits and a reasonable compromise between DES and Keying option 1, with the same caveat as above. This is an improvement over "double DES" which only requires 256 steps to attack. NIST has deprecated this option.

    You have 16 bytes (K1, K2). This keying option says that K3 = K1. Which means that you have to copy the first 8 bytes and append them.

    • AAAAAAAA11111111 (16 bytes, K1, K2)
    • AAAAAAAA11111111???????? (24 bytes, K1, K2, K3?)
    • AAAAAAAA11111111AAAAAAAA (24 bytes, K1, K2, K3 where K3 = K1)