
NIST to Withdraw Special Publication 800-67 Revision 2
June 29, 2023

NIST will withdraw Special Publication (SP) 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, on January 1, 2024.

Background

Initially published in 2004, SP 800-67 specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). DEA was originally specified in Federal Information Processing Standards Publication (FIPS) 46, The Data Encryption Standard, which was withdrawn in 2005. TDEA, which uses three DEA keys for its operation, was designed as an interim replacement for DEA.

SP 800-67 was later revised in 2012 and 2017 to require the following limits on the number of data blocks produced:

  • 2^20 blocks, when two of the three keys are the same (2TDEA) in 2012,
  • 2^32 blocks, when all three keys are unique (3TDEA) in 2012, and
  • 2^20 blocks, for 3TDEA in 2017.

The 2017 revision also disallowed the use of 2TDEA.

In 2019, SP 800-131A Rev. 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths, announced additional limitations on the use of TDEA for applying cryptographic protection (i.e., encryption, key wrapping, and the generation of Message Authentication Codes (MACs)). In particular, this category of use of TDEA will be

  • deprecated for all applications through 2023, and
  • disallowed after December 31, 2023.

The scheduled withdrawal of SP 800-67 Rev. 2 will signify that TDEA is no longer an approved block cipher. TDEA will continue to be allowed for the decryption, key unwrapping, and verification of MACs of already-protected data, and SP 800-67 Rev. 2 will remain available online for historical purposes.

TDEA Validation

Testing of TDEA through the Cryptographic Algorithm Validation Program (CAVP) will remain available. Per SP 800-131A Rev. 2, any FIPS 140-3 validated modules that include TDEA for applying protection will be moved to the historical list after December 31, 2023. See the Algorithm Historical List Dates expandable table on the Cryptographic Module Validation Program (CMVP) programmatic transitions page for more information about the TDEA transition.

Contact

Inquiries about this announcement should be submitted to sp800-67comments@nist.gov.

Related Topics

Security and Privacy: encryption, key management, message authentication

Created June 29, 2023, Updated July 13, 2023