Publications
Further development of this draft has ceased (November 17, 2017).
Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
Documentation
Topics
Date Published: July 2017
Comments Due:
Email Questions to:
Author(s)
Elaine Barker (NIST), Nicky Mouha (NIST)
Announcement
This draft is intended to supersede SP 800-67 Revision 1, which limits the TDEA block cipher to apply the cryptographic protection (e.g., encrypt) to 232 64-bit blocks under one key bundle. The draft SP 800-67 Revision 2 further lowers this limit to 220 64-bit data blocks per key bundle, following the announcement by NIST to update its guidance on the current use of TDEA.
This publication specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). When implemented in an SP 800-38-series-compliant mode of operation and in a FIPS 140-2-compliant cryptographic module, TDEA may be used by federal organizations to protect sensitive unclassified data. Protection of data during transmission or while in storage may be necessary to maintain the confidentiality and integrity of the information represented by the data. This Recommendation defines the mathematical steps required to cryptographically protect data using TDEA and to subsequently process such protected data. TDEA is made available for use by federal agencies within the context of a total security program consisting of physical security procedures, good information management practices, and computer system/network access controls.
This publication specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). When implemented in an SP 800-38-series-compliant mode of operation and in a FIPS 140-2-compliant cryptographic module, TDEA may be used...
See full abstract
This publication specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). When implemented in an SP 800-38-series-compliant mode of operation and in a FIPS 140-2-compliant cryptographic module, TDEA may be used by federal organizations to protect sensitive unclassified data. Protection of data during transmission or while in storage may be necessary to maintain the confidentiality and integrity of the information represented by the data. This Recommendation defines the mathematical steps required to cryptographically protect data using TDEA and to subsequently process such protected data. TDEA is made available for use by federal agencies within the context of a total security program consisting of physical security procedures, good information management practices, and computer system/network access controls.
Hide full abstract
Keywords
Block cipher; computer security; cryptography; data encryption algorithm; security; triple data encryption algorithm
Control Families
System and Communications Protection
Documentation
Publication:
Draft SP 800-67 Rev. 2 (pdf)
Supplemental Material:
None available
Document History:
07/18/17: SP 800-67 Rev. 2 (Draft)
