Triple DES: True Statements and Overview | CCIE Security Exam

Triple DES: True Statements

Prev Question Next Question


Which three statements about triple DES are true? (Choose three.)



Click on the arrows to vote for the correct answer

A. B. C. D. E.


Triple DES (3DES) is a symmetric-key encryption algorithm that uses three keys, each of which is 56 bits long. Here are the explanations for the three true statements about 3DES:

A. For 3DES, ANSI X9.52 describes three options for the selection of the keys in a bundle, where all keys are independent. ANSI X9.52 specifies three ways to select keys for the 3DES algorithm. In each of these options, three different keys are used to encrypt data, but the way in which these keys are used is different. These options are known as Keying Option 1, Keying Option 2, and Keying Option 3. In all three options, the three keys used are independent of each other.

B. A 3DES key bundle is 192 bits long. To use 3DES, three 56-bit keys are concatenated together to form a key bundle. Therefore, the length of the key bundle is 168 bits (56 bits × 3 keys), not 192 bits.

C. A 3DES keyspace is 168 bits. The key space is the total number of possible keys that can be used in an encryption algorithm. In the case of 3DES, each key is 56 bits long, so the total key space is 2^56 x 2^56 x 2^56 = 2^168. Therefore, the 3DES keyspace is 168 bits.

D. CBC, 64-bit CFB, OFB, and CTR are modes of 3DES. 3DES can be used with several modes of operation, including Cipher Block Chaining (CBC), 64-bit Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR) modes. These modes determine how the algorithm encrypts data and how it handles errors and other issues that may arise during the encryption process.

E. 3DES involves encrypting a 64-bit block of plaintext with the 3 keys of the key bundle. 3DES encrypts data in 64-bit blocks using three keys. In each round of encryption, the plaintext is encrypted with the first key, then decrypted with the second key, and finally encrypted again with the third key. This process is repeated three times to provide stronger encryption than single DES. Therefore, 3DES involves encrypting a 64-bit block of plaintext with the 3 keys of the key bundle.