Single DES has been cracked Why isnt double DES a solutionSo

Single DES has been cracked. Why isn\'t double DES a solution?

Solution

Double-DES is two successive DES instances.

We do not use 2DES because 2DES does not yield the security increase that you would believe. Namely, 2DES uses 112 key bits (two 56-bit DES keys) but offers a security level of about 2⁵⁷, not 2¹¹², because of a \"meet-in-the middle attack\". Hence, we use 3DES as it uses 168 key bits, but offers \"only\" 2¹¹² security (which is quite sufficient in practice).

Hence, we don\'t use double DES since we aim to use n-DES where n>2.

This can be summarized as: we use n-DES because a simple DES is too weak (a 56-bit key can be brute-forced by a determined attacker), but in order to really improve security, we must go to n 3. Of course, every additional DES implies some computational overhead (simple DES is already quite slow in software, 3DES thrice as much).