Triple DES (also 3DES) is the encrypt-decrypt-encrypt EDE mode of the Data Encryption Standard (DES) cipher algorithm.

The encryption is done by

C = encryptk3(decryptk2(encryptk1(P))).
P ... plaintext
C ... ciphertext
ki ... key #i
encrypt, decrypt ... DES

Because DES is not a group, using it in EDE mode will increase its key size by a factor 3, making it 168 bits. Because of an attack it only has an effective key size of 112 bits, though.

A variant uses k1 = k3, thus reducing the key size to 112 bits. This mode is susceptible to some attacks, though, and should therefore not be used when key-storage is not a problem.

If k1 = k2 or k2 = k3, triple DES is equal to DES.

The use of three steps is essential to prevent meet-in-the-middle attacks. The choice of decryption for the middle step (as opposed to encryption) does not affect the security of the algorithm but instead lets tools that implement triple DES interoperate with legacy single DES tools.

See also: