# Comparison of Triple DES and RC4

What is Triple DES?
First, let’s discuss what Triple DES, aka “3DES” is.  It’s a cryptography method based on the Data Encryption Standard (DES). DES is a block cipher designed to encrypt and decrypt data blocks that contain 64 bits by utilizing a 64-bit key. Singh, G., & Supriya, S. (2013).  The main difference between the two encryption implementations is that Triple DES utilizes the DES cipher three times during its encryption/decryption processes by utilizing three key combinations totaling 168 bits, each of the three keys being 56 bits long.

Don't use plagiarized sources. Get Your Custom Essay on
Comparison of Triple DES and RC4
Just from \$13/Page

If you need assistance with writing your essay, our professional essay writing service is here to help!
Essay Writing Service

“There are three options to use a combination of sub – key that has become standard in the encryption process and decryption process using 3DES cryptographic method, that are: 1. Three sub – key have different combinations (3K3DES). 2. K1 and K2 have different combinations, whereas K1and K3have the same combinations (2K3DES). 3. Three sub – key has the same combinations.” Ratnadewi, Adhie, R. P., Hutama, Y., Saleh Ahmar, A., & Setiawan, M. I. (2018). Triple DES has been implemented to secure electronic payments, email, and web browsers.
What is RC4?
Now, let’s discuss what RC4 is.  RC4 is an acronym for “Rivest Cipher 4”, which is a stream cipher developed by Ron Rivest of RSA Security in 1987.  It processes either input or unit data at one time, which can either be bits or a byte.  By doing so, the encryption/decryption process can be based on the variable length, and the RC4 algorithm doesn’t have add extra bytes to encrypt or wait for a certain amount of data input before it’s processed.
The algorithm for RC4 has two stages, key generation and encryption.   The first phase is key generation and tends to be the most difficult, as it’s used to generate a variable encryption which utilizes two arrays, states and keys, and the results of merged steps.  “This merger operation consists of swapping, modulo, and other formulas. Modulo operation is the process that produces the residual value of the shares. “For example, 11 divided by 4 is 2 with the rest of division is 3, if 7 modulo 4, it will produce 3. The variable emerges from the encryption key generation process will be conducted XOR with the plaintext to produce encrypted text.” Sumartono, I., Siahaan, A., & Mayasari, M. (2016).
While the RC4 algorithm is very simple and easy to implement, a key problem is that if it is implemented improperly, it may lead to weak cryptographic systems. This is one of the key reasons why RC4 is slowly being phased out. The weaknesses behind RC4 as a TLS cipher due to statistical biases in the keystream has been well documented [RFC7465], and these statistical   numbers are certainly a concern for any consumer of the RC4 cipher.  However, the RC4 Kerberos encryption types have additional flaws.  “These flaws reduce the security of applications that use the encryption types; the weakening   occurs for various reasons, including the weakness of the password hashing algorithm, the reuse of key material across protocols, and the lack of a salt when hashing the password.” Internet Engineering Task Force (IETF). (2018).  Also, other weaknesses were found with RC4 biases, where testers attacked a WPA-TKIP network within an hour. They were surprised that this was possible using only known biases, and expect these types of attacks to further improve in the future. Based on their results, they are strongly urging people to stop using RC4 altogether. Vanhoef, M., & Piessens, F. (2015).
Regarding Triple DES, in 2001 AES (Advanced Encryption Standard) was created with the intent of coexisting with 3DES and eventually replacing it by 2030, thereby allowing for a gradual replacement.  However, there have been multiple vulnerabilities uncovered which appear to accelerating the process. For example, the “Sweet32” exploit took advantage of an issue with collision attacks in 3DES. After the exposure of this exploit, the NIST proposed that 3DES encryption be deprecated, and soon thereafter, restricted its usage. Deprecated meaning in this case that the use of the algorithm and key length is still allowed; however, the user must bear some of the risk involved. As guidance via draft by NIST on July 19, 2018, the “Triple Data Encryption Algorithm (TDEA or 3DES) is officially being retired. The current guidelines are proposing that, after a period of public consultation, 3DES is deprecated for all new applications and usage is disallowed after 2023.” Henry, J. (2018).
While AES would be my first choice to replace 3DES and RC4, for now, 3DES would be my choice as it’s still supported for a few more years, while the users of RC4 has mostly been told to stop using it right away.
In the RSA public key encryption scheme, each user has a public key, e, and a private key, d. Suppose Bob leaks his private key. Rather than generating a new modulus, he decides to generate a new public and new private key. Is this safe?  First, let’s review what RSA is.
What is RSA?
RSA is an acronym for its designers (Rivest, Shamir, and Adleman).  RSA is one of the best-known cryptosystems out there for digital signatures or key exchange.  It utilizes both variable key size and encryption block size, and implements prime number for generation of both the private and public keys.  These keys are then used for the encryption and decryption process.
Suppose Bob leaks his private key. Rather than generating a new modulus, he decides to generate a new public and new private key. Is this safe?
The biggest concern with the RSA keys is that their weak key generation makes RSA very susceptible to attacks.  Therefore, it has to be done properly. Here are the steps needed to happen in order to generate secure RSA keys:

“Large Prime Number Generation: Two large prime numbers pp and qq need to be generated. These numbers are quite large: At least 512 digits, but 1024 digits is considered safe.
Modulus: From the two large numbers, a modulus nn is generated by multiplying ppand qq.
Totient: The totient of n,ϕ(n)n,ϕ(n) is calculated.
Public Key: A prime number is calculated from the range [3,ϕ(n))[3,ϕ(n)) that has a greatest common divisor of 11 with ϕ(n)ϕ(n).
Private Key: Since the prime in step 4 has a gcd of 1 with ϕ(n)ϕ(n), we are able to determine its inverse with respect to modϕ(n)modϕ(n).” Steyn, B. (2012). The effectiveness of the RSA algorithm is derived from the fact that it’s difficult to convert the large integers into prime numbers.

There are other factors to consider. One is that the strengths with RSA are based on the keys that utilize large prime numbers. Another is the “Common modulus attack”, where if everyone is given the same modulus “n” but different (e,d) pair, then under certain conditions, it is possible to decrypt the message without d.”  Preetha, M., & Nithya, M. (2013). This is the step Bob wanted to skip (not generating the new modulus), therefore it is a not a safe alternative for key replacement.
CONCLUSION
Considering the risk involved with skipping some steps and generating both the public and private keys, Bob should not generate both keys for distribution.
REFERENCES

Champlain College. (2019). Week 3: Assignment – DES, RC4 and RSA. Retrieved from https://champlain.instructure.com/courses/1072154/assignments/10950864
Internet Engineering Task Force (IETF). (2018). RFC 8429: Deprecate Triple-DES (3DES) and RC4 in Kerberos. Retrieved from https://www.rfc-editor.org/rfc/rfc8429
Preetha, M., & Nithya, M. (2013). A STUDY AND PERFORMANCE ANALYSIS OF RSA ALGORITHM. International Journal of Computer Science and Mobile Computing, 2(6), 126-139. Retrieved from https://www.ijcsmc.com/docs/papers/June2013/V2I6201330.pdf
Ratnadewi, Adhie, R. P., Hutama, Y., Saleh Ahmar, A., & Setiawan, M. I. (2018). Implementation Cryptography Data Encryption Standard (DES) and Triple Data Encryption Standard (3DES) Method in Communication System Based Near Field Communication (NFC). Journal of Physics: Conference Series, 954, 012009. doi:10.1088/1742-6596/954/1/012009
Singh, G., & Supriya, S. (2013). A Study of Encryption Algorithms (RSA, DES, 3DES and AES) for Information Security. International Journal of Computer Applications, 67(19), 33-38. doi:10.5120/11507-7224
Sumartono, I., Siahaan, A., & Mayasari, M. (2016). An Overview of the RC4 Algorithm. IOSR Journal of Computer Engineering (IOSR-JCE), 18(6), 67-73. Retrieved from DOI: 10.9790/0661-1806046773
Vanhoef, M., & Piessens, F. (2015). All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS. Retrieved from www.rc4nomore.com/vanhoef-usenix2015.pdf

# What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

#### Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

#### On-Time Delivery

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

#### Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

#### Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

#### Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

#### Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.

#### Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

# Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

##### Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

##### Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

##### One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

##### Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

## Free Features \$66FREE

• Most Qualified Writer \$10FREE
• Plagiarism Scan Report \$10FREE
• Unlimited Revisions \$08FREE
• Paper Formatting \$05FREE
• Cover Page \$05FREE
• Referencing & Bibliography \$10FREE
• Dedicated User Area \$08FREE

#### Our Services

• On-time Delivery

We create perfect papers according to the guidelines.

##### Professional Editing

We seamlessly edit out errors from your papers.

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

# Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

Categories
All samples
Essay (any type)
Essay (any type)
The Value of a Nursing Degree
Nursing
2

# It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.

# Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

# See How We Helped 9000+ Students Achieve Success

#### We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

• Clear elicitation of your requirements.
• Customized writing as per your needs.

#### We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

• Proactive analysis of your writing.
• Active communication to understand requirements.