PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
Triple-length DES operations in CBC mode, with double or triple-length keys, are performed using outer CBC as defined in X9.52. X9.52 describes this mode as TCBC. The mathematical representations of the CBC encrypt and decrypt operations are as follows:
DES3-CBC-E( {K1,K2,K3}, P) = E( K3, D( K2, E( K1, P + I)))
DES3-CBC-D( {K1,K2,K3}, C) = D( K1, E( K2, D( K3, P))) + I
The value I is either an 8-byte initialization vector or the previous block of cipher text that is added to the current input block. The addition operation is used is addition modulo-2 (XOR).