Design and Implementation of Triple DES Encryption Scheme

The speed of exhaustive key searches against DES after 1990 began to cause discomfort amongst users of DES. However, users did not want to replace DES as it takes an enormous amount of time and money to change encryption algorithms that are widely adopted and embedded in large security architectures. The DES algorithm was replaced by the Advanced Encryption Standard (AES) by the National Institute of Standards and Technology (NIST). The pragmatic approach was not to abandon the DES completely, but to change the manner in which DES is used. DES is often used in conjunction with Triple DES. It derives from single DES but the technique is used in triplicate and involves three sub keys and key padding when necessary, such as instances where the keys must be increased to 64 bits in length. Known for its compatibility and flexibility, software can easily be converted for Triple DES inclusion. Therefore, it may not be nearly as obsolete as deemed by NIST. This led to the modified schemes of Triple DES (sometimes known as 3DES).3DES is a way to reuse DES implementations, by chaining three instances of DES with different keys. 3DES is believed to still be secure because it requires 2^112 brute-force operations which is not achievable with foreseeable technology. While AES is a totally new encryption that uses the substitution-permutation network, 3DES is just an adaptation to the older DES encryption that relied on the balanced Feistel network. But since it is applied three times, the implementer can choose to have 3 discrete 56 bit keys, or 2identical and 1 discrete, or even three identical keys. This means that 3DES can have encryption key lengths of 168, 112, or 56 bit encryption key lengths respectively. But due to certain vulnerabilities when reapplying the same encryption thrice, it leads to slower performance. In this paper we present a pipelined implementation in VHDL, in Electronic Code Book (EBC) mode, of this commonly used Cryptography scheme with aim to improve performance. We achieve a 48-stage pipeline depth by implementing a TDES key buffer and right rotations in the DES decryption key scheduler. We design and verify our implementation using ModelSim SE 6.3f and Xilinx ISE 8.1i. We gather cost and throughput information from the synthesis and Timing results and compare the performance of our design to common implementations presented in other literatures.