Loading DES / 3DES Cipher...
Encrypt and decrypt data using DES or Triple DES (3DES) with configurable mode, padding, key, and IV.
DES requires a 16-character hex key (8 bytes).
Leave empty to use a zero IV. If provided, must be exactly 16 hex characters (8 bytes).
Encrypt and decrypt data using DES (Data Encryption Standard) or Triple DES (3DES). Supports CBC and ECB modes with configurable padding. Key, IV, and data are parsed from hex or text.
DES (Data Encryption Standard) is a symmetric block cipher standardized by NIST in 1977. It uses a 56-bit effective key (8 bytes, of which 8 bits are parity) and operates on 64-bit blocks. DES was considered secure for two decades before hardware brute-force attacks became feasible. Triple DES (3DES or TDES) applies the DES cipher three times with two or three independent keys, producing an effective key strength of 112 or 168 bits. 3DES was the recommended replacement for DES and is still found in legacy payment systems, banking protocols, and older enterprise software. Both algorithms have been deprecated by NIST but remain relevant for compatibility, forensics, and CTF challenges.
Input:
Algorithm: DES Mode: CBC Key: 0123456789abcdef IV: 0000000000000000 Input: Hello World
Output:
Encrypted (Base64): abc123...== (varies by key)
What is the difference between DES and 3DES?
DES uses a single 56-bit key and was broken by brute force in 1998. 3DES applies DES three times: encrypt with K1, decrypt with K2, encrypt with K3. With three independent keys (K1 != K2 != K3) the effective strength is 112 bits (due to meet-in-the-middle attacks), which is considered acceptable for legacy applications but not for new systems.
What is the difference between CBC and ECB mode?
ECB (Electronic Codebook) encrypts each block independently. Identical plaintext blocks produce identical ciphertext blocks, leaking patterns. ECB is insecure for most real-world data. CBC (Cipher Block Chaining) XORs each plaintext block with the previous ciphertext block before encryption, requiring an IV for the first block. CBC hides patterns and is the standard choice.
Why does 3DES need a 48 hex character key?
3DES uses three DES keys, each 8 bytes long. 3 keys x 8 bytes = 24 bytes. Represented as hexadecimal that is 48 characters (2 hex digits per byte). Some implementations allow 16 bytes (32 hex chars) where K3 = K1, giving 112-bit effective strength.
Is 3DES still used today?
3DES is considered deprecated. NIST disallowed its use after 2023 for new applications. However it remains in legacy payment card processing (EMV), banking systems, XML encryption, and older enterprise middleware. It is important to understand for security audits and penetration testing of legacy infrastructure.
What padding schemes are supported?
PKCS7 is the standard - it pads the last block with bytes equal to the number of padding bytes added. Zero Padding pads with null bytes. No Padding requires the input length to be an exact multiple of 8 bytes (the DES block size). PKCS7 is recommended for interoperability.