6

I am trying to verify a Triple DES Key Component generated by PC Crypto. The key portion is:

E6F1081FEA4C402CC192B65DE367EC3E

and the KCV value that should be returned is:

212CF915

In theory, it should be calculated as: encryption of binary 0's with the key portion with 3DES.

I have been trying the following link, but the calculation doesn't work. http://tripledes.online-domain-tools.com/

I used the following parametrization on the online tool.

http://tripledes.online-domain-tools.com/

Could anyone confirm that the calculation is performed as I mentioned?

mikeazo
  • 39,117
  • 9
  • 118
  • 183
neif
  • 181
  • 1
  • 1
  • 9

3 Answers3

9

Three problems here:

  1. The online tool used expects a 24-byte (48 hex-character) key; thus you should enter E6F1081FEA4C402CC192B65DE367EC3EE6F1081FEA4C402C as the key, duplicating the first 8 bytes; this is the customary way to extend a two-block triple DES key of 16 bytes to a three-block triple DES key of 24 bytes.

  2. You gave 16 bytes (32 hex chars) as input, which is twice as many bytes as required; this doesn't affect the computation of the KCV though.

  3. The KCV value is supposed to be the first 3 bytes (6 hex chars) of the result, not 4 bytes (8 hex chars).

When this is fixed, the KCV 212cf9 is correctly obtained using the tool.

Note: it is a bad idea to use an online tool in order to check a real key, just like it is a bad idea to use an online RNG to generate a real key.

fgrieu
  • 149,326
  • 13
  • 324
  • 622
2

I just put together a tiny python (python 3) example that calculates the KCV that PC Crypto is issuing (first 4 bytes of the encryption of binary 0's with the key portion). I can confirm that the execution worked. The script is based on the official IBM documentation (I had access to the official repository although I wasn't able to find the docs online to reference them).

import binascii
import hashlib
import base64
from pyDes import *

data = '000000000000000000000000000000'
key = 'E6F1081FEA4C402CC192B65DE367EC3E'

key = binascii.unhexlify(key)
data= binascii.unhexlify(data)

print('key: ' + str(key))

k = triple_des(key, ECB, "\0\0\0\0\0\0\0\0", pad=None, padmode=PAD_PKCS5)
d = k.encrypt(data)

print('KCV: ' + str(binascii.hexlify(d)[0:8]))
neif
  • 181
  • 1
  • 1
  • 9
-1

Key: E6F1081FEA4C402CC192B65DE367EC3E Algorithm: 3DES ECB Crypto operation: Decoding Data: 212CF915 Padding Method: None

Decoded data: EBB7EC7B4CC5C804 DES operations count: 3

[2016-10-12 12:58:39] DEA Keys: Key parity enforcement finished

Key: E6F1081FEA4C402CC192B65DE367EC3E Key length: 32 Parity enforced: Even New key: E7F0091EEB4D412DC093B75CE266ED3F KCV: 212CF9

Key: E6F1081FEA4C402CC192B65DE367EC3E Algorithm: 3DES ECB Crypto operation: Encryption Data: 212CF9 Padding Method: Zeros

Encrypted data: 13894FA653595256 DES operations count: 3

[2016-10-12 13:02:09] DES/3DES operation finished

Key: E6F1081FEA4C402CC192B65DE367EC3E Algorithm: 3DES ECB Crypto operation: Encryption Data: 212CF9 Padding Method: None

Encrypted data: 4242424242420000 DES operations count: 0

Seng Vue
  • 11