**Triple DES** (also 3DES) is the encrypt-decrypt-encrypt EDE mode of the Data Encryption Standard (DES) cipher algorithm.

The encryption is done by

- C = encrypt
_{k3}(decrypt_{k2}(encrypt_{k1}(P))).

- P ... plaintext
- C ... ciphertext
- k
_{i}... key #i - encrypt, decrypt ... DES

A variant uses k_{1} = k_{3}, thus reducing the key size to 112 bits. This mode is susceptible to some attacks, though, and should therefore not be used when key-storage is not a problem.

If k_{1} = k_{2} or k_{2} = k_{3}, triple DES is equal to DES.

The use of three steps is essential to prevent meet-in-the-middle attacks. The choice of decryption for the middle step (as opposed to encryption) does not affect the security of the algorithm but instead lets tools that implement triple DES interoperate with legacy single DES tools.

See also: