How to set theTripleDES Key in .NET / C#

Question

I'm working with TripleDES in C# and according to the MSDN entry, TripleDES can function with two or three 56-bit keys and uses three iterations of DES. However, I can't figure out how to specify how many keys to use, and what those keys are. In fact, all examples I can find of show TripleDES.CreateEncryptor() being called with one or no keys. In addition, the TripleDES class only has one Key property.

How do I specify the second and third keys for TripleDES?

Thanks in advance.

Answer 1

If you look at the Key property, you'll see: "This algorithm supports key lengths from 128 bits to 192 bits in increments of 64 bits.".

If you want 2-key TripleDES, set the key to a 16-byte key. If you want 3-key TripleDES, set it to a 24-byte key. See this post for more information

The wikipedia entry, lists the different keying options.

The reason is there is a meet-in-the-middle attack, and 2-key TripleDES let's you avoid the attack while only using two keys. Unfortunately, there are other attacks, and so NIST considers it's strength to be about 80-bits of security. 3-key TripleDES is also vulnerable, and only has an effective strength of 112-bits.

If you have a choice, you should prefer AES over TripleDES.