• ARTICLE
  • STRING
  • CONVERTER
  • ENCRYPT
  • NETWORK
  • MORE
    CHART
    MATH
    COORDINATE
    IMAGE
    FILE
  • ARTICLE
    STRING
    CONVERTER
    ENCRYPT
    NETWORK
    MORE
    CHART
    MATH
    COORDINATE
    IMAGE
    FILE
logo Online Tools
0 Comments Favorite Copy Link Share

3DES/TripleDES Encryption and Decryption


If you need to know about 3DES/TripleDES encryption algorithm, please carefully read the instructions of this tool to set relevant parameters correctly.
A newer symmetric encryption algorithm, Advanced Encryption Standard (AES), is available. Consider using the Aes instead of the TripleDES. Use TripleDES only for compatibility with legacy applications and data.
3DES/TripleDES Encryption and Decryption-summary

The online 3DES/TripleDES encryption and decryption tool provides online 3DES/TripleDES encryption and decryption test. The encryption and decryption supports five encryption modes: CBC, CFB, OFB, CTR and ECB, and the input and output supports three formats: hex, string and Base64.

3DES/TripleDES Encryption and Decryption-instructions

3DES (or Triple DES) is a triple data encryption algorithm. It is equivalent to applying DES encryption algorithm three times to each data block.
The length of a data block of 3DES encryption algorithm is 64 bits (8 bytes). If the length of the data to be encrypted is not a multiple of the block length, it is generally necessary to specify the padding method (except those that do not need to be padding) and align the data to be encrypted.
The length of 3DES encryption password supports 192 bits (24 bytes).

  1. Mode:
    ECB (Electronic Code Book) : This mode of operation is the simplest of all. The plaintext is divided into blocks . Then each block is encrypted with the same key and algorithm. Therefore, it produces the same result for the same block. This is the main weakness of this mode, and it's not recommended for encryption. It requires padding data.
    CBC (Cipher Block Chaining) : In order to overcome the ECB weakness, CBC mode uses an Initialization Vector (IV) to augment the encryption. First, CBC uses the plaintext block xor with the IV. Then it encrypts the result to the ciphertext block. In the next block, it uses the encryption result to xor with the plaintext block until the last block. In this mode, encryption can't be parallelized, but decryption can be parallelized. It also requires padding data.
    CTR (Counter) : This mode uses the value of a counter as an IV. It's very similar to OFB, but it uses the counter to be encrypted every time instead of the IV. This mode has two strengths, including encryption/decryption parallelization, and noise in one block does not affect other blocks.
    OFB (Output FeedBack) : This mode can be used as a stream cipher. First, it encrypts the IV. Then it uses the encryption results to xor the plaintext to get ciphertext. It doesn’t require padding data, and won't be affected by the noisy block.
    CFB (Cipher FeedBack) : This mode can be used as a stream cipher. First, it encrypts the IV, then it will xor with the plaintext block to get ciphertext. Then CFB encrypts the encryption result to xor the plaintext. It needs an IV. In this mode, decryption can be parallelized, but encryption can't be parallelized.
  2. Padding : Select whether to padding and how to pad the data blocks.The implementation mechanism of pkcs5padding and pkcs7padding is the same.
  3. Password : The password used for 3DES encryption and decryption will use the selected character set to convert the input password into a byte array. The length of the byte array is limited 24.
  4. IV : Initialize vector IV, which is not supported in ECB mode. The length of IV is 64 bits (8 bytes).
  5. In-Format : The format of input content can be string, hexadecimal string and base64 string. For 3DES decryption, the input format does not support string.
  6. Out-Format : The output format of the encrypted result or decrypted original content. For 3DES encryption, the output format does not support string.
  7. Charset : The selected charset will be used to convert the password and initialization vector into byte array, and the selected charset will be used for string-byte conversion of input and output format.