May 19, 2005: NIST has announced the withdrawal of
the (single) Data Encryption Standard (DES) as specified in FIPS 46-3
because DES no longer provides the security that is needed to protect Federal government information(*1).
On behalf of FIPS 46-3,
NIST has completed Special Publication 800-67(*2),
Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher.
NIST is also encouraged to use TDEA and Advanced Encryption Standard (AES) since October 25, 1999.
On the other hand,
the 3-Key Triple DES(*3)
the e-Government Recommended Ciphers List
is noted as follows.
(Note3) When constructing a new system for e-Government,
128-bit block ciphers are preferable if possible.
(Note4) The 3-key Triple DES is permitted to be used
for the time being under the following conditions:
1) It is specified as FIPS 46-3
2) It is positioned as the de facto standard
As the above NIST's announcement keeps consistency
with the specification of the 3-Key Triple DES in
the e-Government Recommended Ciphers List,
Cryptographic Technique Monitoring Subcommittee on June 20,
2005 and CRYPTREC Advisory committee on October 12,
2005 decided on an addition of the following information table at the
end of the List without changing the body.
|Information table for the E-Government Recommended Ciphers List
|October 12, 2005
||Notes: 1) in (Note 4)
||It is specified as FIPS 46-3
||It is specified as SP 800-67
||A change of pointer to the spec document
(*3) Triple Data Encryption Algorithm (TDEA) can be optionally
implemented using two identical keys and a third that is different.
But CRYPTREC permits only using three distinctly different keys
(called 3-key Triple DES).