Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST to Withdraw Special Publication 800-67 Revision 2

The specification of the Triple Data Encryption Algorithm (TDEA), NIST SP 800-67 Rev. 2, will be withdrawn January 1, 2024. The algorithm will be disallowed for applying cryptographic protection but will continue to be allowed for processing already-prot

NIST will withdraw Special Publication (SP) 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, on January 1, 2024.

Background

Initially published in 2004, SP 800-67 specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). DEA was originally specified in Federal Information Processing Standards Publication (FIPS) 46, The Data Encryption Standard, which was withdrawn in 2005. TDEA, which uses three DEA keys for its operation, was designed as an interim replacement for DEA.

SP 800-67 was later revised in 2012 and 2017 to require the following limits on the number of data blocks produced:

  • 220 blocks, when two of the three keys are the same (2TDEA) in 2012,
  • 232 blocks, when all three keys are unique (3TDEA) in 2012, and
  • 220 blocks, for 3TDEA in 2017.

The 2017 revision also disallowed the use of 2TDEA.

In 2019, SP 800-131A Rev. 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths, additional limitations were announced on the use of TDEA for applying cryptographic protection (i.e., encryption, key wrapping, and the generation of Message Authentication Codes (MACs)). In particular, this category of use of TDEA will be

  • deprecated for all applications through 2023, and
  • disallowed after December 31, 2023.

TDEA will continue to be allowed for the decryption, key unwrapping, and verification of MACs of already-protected data.

To reinforce the transition away from TDEA, SP 800-67 Rev. 2 will be withdrawn soon after December 31, 2023. However, SP 800-67 Rev. 2 will remain available online for historical purposes.

TDEA Validation

Testing of TDEA through the Cryptographic Algorithm Validation Program (CAVP) will remain available. Per SP 800-131A Rev. 2, any FIPS 140-3 validated modules that include TDEA for applying protection will be moved to the historical list after December 31, 2023. See the Algorithm Historical List Dates expandable table on the Cryptographic Module Validation Program (CMVP) programmatic transitions page for more information about the TDEA transition.

Contact

Inquiries about this announcement should be submitted to sp800-67comments [at] nist.gov (sp800-67comments[at]nist[dot]gov).

Released June 29, 2023