KCV Value – 3DES Encryption

What is KCV (Key Check Value) in the context of 3-DES Encryption? Is there good documentation on what is KCV and how it can be used in 3-DES Encryption?

Calculating KCV with DES Key

I’m having a problem with generating a KCV for a DES key in C#.NET In reference to this answer, the KCV for the DES key 0123456789ABCDEF is D5D44F (as only the first 3 bytes are considered) and it

3DES Encryption / Decryption using ECB in iOS

i’m making an application , in which i have to encrypt a string using 3DES encryption in ECB mode. i m using mykey as a key. + (NSData *)tripleDesEncryptData:(NSData *)inputData key:(NSData *)keyDat

3des encryption and decryption in iOS

I am working on 3DES encryption and decryption. I have done encryption successfully. For decryption, I am using this code but not getting exact result. My encryption string is CHc3TsfJgYs= and key i

Encryption in iPhone with 3DES

I need encrypt a NSString with 3DES and i cant do it. Its return me a big NSString in result: ccStatus = CCCrypt(kCCEncrypt, kCCAlgorithm3DES, kCCOptionECBMode | kCCOptionPKCS7Padding , vkey, //12345

3DES encryption with CBC mode in objective c

I am trying to encrypt a NSString using 3DES with CBC mode encryption on iOS. Same encryption method is being used on ASP.NET as well and the encrypted string they are getting works with the webservic

C# 3DES encryption to C decryption

I have created a C# assembly that does 3DES encryption/encryption and tested it. I now need to decrypt the data on a remote machine for an install. .NET is not guaranteed to be present when my native

3des encryption in iPhone padding issue

I have a problem using 3DES encryption in my iPhone app. I have 9 byte message to be encrypted. When I use kCCOptionECBMode, the first 8 byte block is encrypted correctly (I have a sample result produ

Image Encryption using 3DES

I am doing encryption and decryption of an image using 3DES. After encrypting an image I am not able to see an encrypted image. Can any one please tell me why is this happening? I am using a jpeg imag

3DES encryption in iPhone app always produces different result from 3DES encryption in Java

I have to encrypt a string in my iPhone app. The encryption scheme is 3DES/CBC/PKCS5 padding and I have to convert in objective-c this Java code: public class MessageEncrypt { public String encryptStr

3des encryption in iphone

i am fairly new to iOS development and objective c. I am developing an application which will send encrypted data to a server. The server uses 3des with cbc and no padding. I have read most of the rel


“6.15 Key Check Value
Purpose: The data is used to prove that a card/processor has access to aspecific DES key value.
Format: Binary, 3 bytes
Contents: The three leftmost bytes of the result of encrypting eight bytes of zeros by the DES key concerned” (source)
“The Key Check Value for any DES key will be computed by encrypting 8 bytes of ’00’ using ECB 3DES with the key concerned” (source)

“The key check value (abbreviated KCV or CV) of a DES/3DES key is the result of encrypting 16 hexadecimal zeroes using the key. For example, the key check value of the single-length DES key 0123456789ABCDEF is equal to D5D44FF720683D0D. This information is useful when transmitting DES/3DES keys in an encrypted fashion and is usually send by the sender to ensure that the recipient has correctly received the key.” (source)
To me, it seems this is some sort of checksum.

KCV’s are used within e.g. the PKCS#11 standard for hardware security devices. Imagine you need to import secret keys, possibly in multiple parts. Then you need to verify that the import succeeded. You simply check a block encrypt of all zeros (or the leftmost part of it) against a previously calculated KCV value. As symmetric algorithms are supposed to be invulnerable against known plain text/cipher text attacks, you don’t leak any information about the key.

For hardware security devices the keys are normally not extractable; they may therefore not be available for hash methods, or the hash method itself may not even be available. So performing a key encryption on all zero’s is a nice method of creating a secure checksum. For other keys, such as RSA keys, hashing (SHA-1) is normally used instead of encryption to identify the (value of the) key.

In software you can simply create a block containing only zero’s and then perform ECB encryption or CBC encryption with an IV set to all zero’s. Then take x bytes as the KCV. The number of bytes in the KCV depends on the standard used. If you use less than 3 bytes you may run into keys with the same value even by accident.

Note that a KCV does leak a bit of information; it shows what a ciphertext encryption a block of all zero’s looks like. If you perform CBC encryption with a random IV, that should not matter much.

Lets keep in line with RobIII: source (note: FTP)