Raph Levien writes:
Double DES is subject to a "meet in the middle" attack (not a "man in the middle").
Yes, a silly mistake on my part, which shows I should proofread even the little messages before posting them. :) Gleeful readers are filling my mailbox hoping to be the first to point out this unfortunate error.
Thus, using three keys is more work for the attacker than using two. So, modern cryptographic usage is exactly as Bill said - three keys, three encryptions. For example, S/MIME recommends the use of DES-EDE3-CBC (the middle encryption is technically a decryption, although it doesn't really make any difference).
S/MIME aside, I was under the impression that the term "Triple-DES" referred to the encrypt-decrypt-encrypt operation using two distinct keys, proposed by some for adoption as the successor to single DES. Has this usage now changed in favor of the three key version? -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $