Is the 3DES encryption algorithm the best choice for S/MIME protocol?

The triple DES encryption algorithm was originally designed for the S/MIME protocol, but is it still the best choice for encryption? In this expert response, Randall Gamby describes the advantages and disadvantages to using 3DES.

Randall Gamby, HP

How can 3DES symmetric encryption be implemented in the S/MIME protocol?

Actually, the 3DES encryption algorithm was part of the original S/MIME protocol. However, 3DES -- also known as Triple DES, or the Triple Data Encryption Standard -- is based on the DES algorithm developed by an IBM team in 1974. Triple DES was originally designed to run in specialized hardware, so it's considered computationally expensive on general-purpose processors.

Because of the limitations of the key lengths used in 3DES and its poor execution on general-purpose computers, S/MIME eventually adopted AES as the standard for its encryption. AES, also known as Rijndael and FIPS-197, is a symmetric block cipher that can accept variable block and key lengths up to 256-bits and isn't restricted to the less secure 64-bit key lengths of 3DES. Plus, it would probably run a bit better on your server than 3DES. Because of this, it's hard to recommend using 3DES (even though it should be technically possible) because ultimately you'll be taking a giant step backward. But assuming you have a requirement due to a legacy system, I'd recommend doing some research on the Internet to find an old copy of the S/MIME protocol standard for guidance on how to integrate a 3DES encryption key into it.

This was last published in April 2010

Dig Deeper on Disk and file encryption tools

The difference between AES and DES encryption Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES.

UiPath : 568 M$ pour accélérer la R&D et éduquer le marché au RPA Le spécialiste du RPA a réalisé une levée de fond conséquente de 568 M$ qui servira à accélérer sa R&D et mener des programmes d’accompagnement et d’éducation dans les milieux universitaires. Des fusions-acquisitions sont également au programme.

Triple DES: How strong is the data encryption standard? Expert Jon Callas explains how strong the Triple DES symmetric encryption algorithm actually is and offers guidance on how it compares to other widely used block ciphers.

Data Encryption Standard (DES) The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.

Ecoles & Entreprises : des formations qui suivent ou anticipent les tendances IT Innovation en « fab lab », internet des objets, cloud, mobilité, mais aussi préparation aux exigences des métiers d'ingénieur-manager et à la transformation digitale des entreprises : autant de thèmes stimulant les relations écoles-entreprises.

Google pousse Dart vers la standardisation Ecma La firme de Mountain a en effet décidé d’ouvrir un groupe de travail au sein du très populaire organisme de standardisation - Javascript, C#, CLI sont notamment des standards Ecma - dont le but est de publier des spécifications standard du langage

Related Q&A from Randall Gamby

How has enterprise SSO technology evolved?

Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading

The FIDO authentication framework: What do enterprises need to know?

Enterprises need a full understanding of the FIDO authentication framework before switching to its technology. Expert Randall Gamby looks at the most... Continue Reading

Which is safer: an HSM appliance or a virtual appliance?

A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Benefits of using Azure Security Center for security assessments

Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments...

Use Azure Security Center to conduct a security posture assessment

In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to ...

How container adoption affects container security

Scalability and efficiency make container adoption an attractive option for enterprises today. Learn how containerization has ...

SearchNetworking

5 common SD-WAN challenges and how to prepare for them

SD-WAN technology has its fair share of risk factors, some of which include security, deployment and quality of service. Find out...

The top 10 network security best practices to implement today

Even as security techniques improve, attackers are becoming more adept. Learn about 10 network security best practices and how ...

SD-WAN explained in 15 key terms and phrases

This SD-WAN glossary delves into the various capabilities, technologies and components that encompass SD-WAN, explained with 15 ...

SearchCIO

Don't let edge computing security concerns derail your plans

Security concerns give many IT organizations pause when considering edge computing. But the potential problems can be overcome ...

Risk-based digital identity benefits CIOs, CMOs and customers

Asking customers to reaffirm their digital identities by sharing private information undermines CX and data security. Instead, ...

Agile practices endure and continue to adapt

As the 20th anniversary of the Agile Manifesto approaches, Agile practices remain vital to software development and are being ...

SearchEnterpriseDesktop

Project Limitless' 5G PC and what desktop admins need to know

Qualcomm and Lenovo have partnered to produce a 5G-enabeled PC that could be a game-changer for remote workers. IT must prepare ...

Jamf Protect offers visibility, protection for macOS admins

Jamf Protect, the new endpoint security software announced at JNUC 2019, provides organizations with a native macOS tool that ...

Compare Windows 10 OS editions to determine the best fit

Organizations deploying Windows 10 must choose between multiple Windows 10 OS editions. Delve into the different features that ...

SearchCloudComputing

AI-driven development trends shake up the cloud market

Enterprises are increasingly interested in AI, and cloud vendors are in a race to adapt their platforms to meet those needs. See ...

A primer on Alibaba Cloud for Western enterprises

When Western cloud users think of major cloud providers, it's typically the top three: AWS, Google Cloud Platform and Microsoft ...

AWS, Azure and Google peppered with outages in same week

Cloud outages hit AWS, Microsoft Azure and Google Cloud within the past week, an outcome that suggests customers must take a more...

ComputerWeekly.com

Is facial recognition happening too fast?

In this week’s Computer Weekly, as the information commissioner calls on police forces to slow down the introduction of facial ...

DevOps and storage: APIs and flexibility key

The details of back-end storage are irrelevant to DevOps engineers, but they need enough of it, when they want it, and the ...

The Security Interviews: Applying AI to Lego, and security

Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds ...

Is the 3DES encryption algorithm the best choice for S/MIME protocol?

The triple DES encryption algorithm was originally designed for the S/MIME protocol, but is it still the best choice for encryption? In this expert response, Randall Gamby describes the advantages and disadvantages to using 3DES.

Dig Deeper on Disk and file encryption tools

Related Q&A from Randall Gamby

How has enterprise SSO technology evolved?

The FIDO authentication framework: What do enterprises need to know?

Which is safer: an HSM appliance or a virtual appliance?

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Benefits of using Azure Security Center for security assessments

Use Azure Security Center to conduct a security posture assessment

How container adoption affects container security

SearchNetworking

5 common SD-WAN challenges and how to prepare for them

The top 10 network security best practices to implement today

SD-WAN explained in 15 key terms and phrases

SearchCIO

Don't let edge computing security concerns derail your plans

Risk-based digital identity benefits CIOs, CMOs and customers

Agile practices endure and continue to adapt

SearchEnterpriseDesktop

Project Limitless' 5G PC and what desktop admins need to know

Jamf Protect offers visibility, protection for macOS admins

Compare Windows 10 OS editions to determine the best fit

SearchCloudComputing

AI-driven development trends shake up the cloud market

A primer on Alibaba Cloud for Western enterprises

AWS, Azure and Google peppered with outages in same week

ComputerWeekly.com

Is facial recognition happening too fast?

DevOps and storage: APIs and flexibility key

The Security Interviews: Applying AI to Lego, and security

Dig Deeper on Disk and file encryption tools

Related Q&A from Randall Gamby

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.