Is the 3DES encryption algorithm the best choice for S/MIME protocol?

The triple DES encryption algorithm was originally designed for the S/MIME protocol, but is it still the best choice for encryption? In this expert response, Randall Gamby describes the advantages and disadvantages to using 3DES.

Randall Gamby, HP

How can 3DES symmetric encryption be implemented in the S/MIME protocol?

Actually, the 3DES encryption algorithm was part of the original S/MIME protocol. However, 3DES -- also known as Triple DES, or the Triple Data Encryption Standard -- is based on the DES algorithm developed by an IBM team in 1974. Triple DES was originally designed to run in specialized hardware, so it's considered computationally expensive on general-purpose processors.

Because of the limitations of the key lengths used in 3DES and its poor execution on general-purpose computers, S/MIME eventually adopted AES as the standard for its encryption. AES, also known as Rijndael and FIPS-197, is a symmetric block cipher that can accept variable block and key lengths up to 256-bits and isn't restricted to the less secure 64-bit key lengths of 3DES. Plus, it would probably run a bit better on your server than 3DES. Because of this, it's hard to recommend using 3DES (even though it should be technically possible) because ultimately you'll be taking a giant step backward. But assuming you have a requirement due to a legacy system, I'd recommend doing some research on the Internet to find an old copy of the S/MIME protocol standard for guidance on how to integrate a 3DES encryption key into it.

This was last published in April 2010

Is the 3DES encryption algorithm the best choice for S/MIME protocol?

The triple DES encryption algorithm was originally designed for the S/MIME protocol, but is it still the best choice for encryption? In this expert response, Randall Gamby describes the advantages and disadvantages to using 3DES.

Dig Deeper on Disk and file encryption tools

AWS persiste : le CLOUD Act ne serait pas (vraiment) un problème

L’Anssi se fait conseiller en sécurité d’Active Directory

The difference between AES and DES encryption

UiPath : 568 M$ pour accélérer la R&D et éduquer le marché au RPA

Related Q&A from Randall Gamby

For minimum password length, are 14-character passwords sufficient?

How has enterprise SSO technology evolved?

The FIDO authentication framework: What do enterprises need to know?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Privacy-preserving machine learning assuages infosec fears

How Azure, AWS, Google handle data destruction in the cloud

Multi-cloud security strategies rely on visibility, uniformity

SearchNetworking

Evolution of WLAN technology improves data rates, security

Future of wireless communications unifies 5G and Wi-Fi 6

SASE market emerges as the 'wave of the future'

SearchCIO

Dell, PwC, Peapod accelerate digital transformation initiatives

4 ways CIOs can drive IT cost savings during the pandemic

Post COVID-19 strategies for CIOs on leading through crisis

SearchEnterpriseDesktop

Microsoft launches Windows File Recovery tool

Citrix microapps look to ease office reopening

VMware Workspace One unifies reshaped digital workforces

SearchCloudComputing

Why enterprises choose multi-cloud environments

Oracle Cloud at Customer adds Dedicated Regions

How to evaluate cloud certification training

ComputerWeekly.com

How business software can stay clear of digital addiction

Orange, Nokia claim first successful trial of next-gen optical technology

NHS North West London boosts analytics use during Covid-19 outbreak