DeepSeek's iOS app uses 3DES, while Make.com is assumed here to use AES-256 (the search results give no specific information about Make.com's encryption). Comparing the two highlights significant differences in security practices and encryption standards.
3DES in DeepSeek
DeepSeek's use of 3DES is problematic for several reasons:
- Insecure Algorithm: 3DES was officially deprecated in 2016 due to its vulnerabilities, such as susceptibility to differential and linear cryptanalysis[3][4].
- Key Length and Security: Although 3DES can use key lengths of up to 168 bits (three 56-bit keys), its effective security is much lower than that of AES. For instance, a 168-bit 3DES key has an effective security of about 112 bits, which is significantly weaker than AES-256[3][6].
- Hardcoded Keys: DeepSeek uses hardcoded encryption keys, which means every user's data is encrypted with the same key. This is a major security risk because if the key is compromised, all user data can be decrypted[1][4].
- Initialization Vector Issues: The app also reuses initialization vectors (IVs) and uses a NIL IV, which further weakens the encryption by making it easier for attackers to exploit patterns in the encrypted data[1][7].
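The effect of a hardcoded key combined with a nil IV can be checked directly on ciphertext. The following is an added example, not code from DeepSeek or from the cited reports: it runs CBC mode over a stand-in 64-bit Feistel block cipher (not 3DES, which Python's standard library lacks), and the key, messages and function names are constructed for illustration.

```python
import hashlib, hmac, os

BLOCK = 8  # 64-bit block, the same block size as 3DES

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Feistel round function: HMAC-SHA256 truncated to half a block
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    # 4-round Feistel network; a stand-in block cipher, NOT 3DES
    left, right = block[:4], block[4:]
    for i in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # PKCS#7 pad, then XOR each block with the previous ciphertext block
    pad = BLOCK - len(plaintext) % BLOCK
    data = plaintext + bytes([pad]) * pad
    prev, out = iv, b""
    for off in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(data[off:off + BLOCK], prev))
        prev = encrypt_block(key, mixed)
        out += prev
    return out

def shared_leading_blocks(c1: bytes, c2: bytes) -> int:
    # Identical leading ciphertext blocks across different messages
    # indicate that key and IV were both static
    n = 0
    for off in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[off:off + BLOCK] != c2[off:off + BLOCK]:
            break
        n += 1
    return n

HARDCODED_KEY = b"constructed-demo-key"  # constructed; one key for every user
NIL_IV = bytes(BLOCK)                    # nil IV modelled as all-zero bytes
MSG_A = b'{"device":"ios","user":"alice"}'  # constructed sample messages
MSG_B = b'{"device":"ios","user":"bob"}'    # sharing a 24-byte prefix

def weak_pair():
    # Static key and nil IV: the shared plaintext prefix shows in the ciphertext
    return cbc_encrypt(HARDCODED_KEY, NIL_IV, MSG_A), cbc_encrypt(HARDCODED_KEY, NIL_IV, MSG_B)

def fresh_iv_pair():
    # Same key, but a random IV per message hides the shared prefix
    return (cbc_encrypt(HARDCODED_KEY, os.urandom(BLOCK), MSG_A),
            cbc_encrypt(HARDCODED_KEY, os.urandom(BLOCK), MSG_B))
```

A random IV removes the visible pattern but does nothing about the hardcoded key itself, which still decrypts every user's data once recovered.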
AES-256 Encryption
AES-256 encryption, on the other hand, is considered highly secure and is widely used in applications requiring strong data protection:
- Security and Key Length: AES-256 uses a 256-bit key, which provides an extremely large key space, making it virtually uncrackable with current computing power[5][8].
- Encryption Process: AES is built on a substitution-permutation network, which is more secure than the Feistel network used by DES and 3DES. This structure provides strong resistance against various types of attacks[8][9].
- Speed and Efficiency: AES is generally faster than 3DES, especially in software implementations, due to its simpler and more efficient encryption process[3].
Comparison
In summary, the use of AES-256 encryption by Make.com (if applicable) would offer significantly better security compared to DeepSeek's use of 3DES. AES-256 provides a much larger key space, stronger resistance to attacks, and faster encryption processes, making it the preferred choice for protecting sensitive data. In contrast, DeepSeek's reliance on 3DES with hardcoded keys and other implementation flaws poses serious security risks for user data.
Additionally, DeepSeek's practice of sending sensitive data unencrypted and disabling App Transport Security further exacerbates these risks, whereas AES-256 encryption ensures that data remains confidential and secure during transmission and storage[4][7].
Citations:
[1] https://www.nowsecure.com/blog/2025/02/06/nowsecure-uncovers-multiple-security-and-privacy-flaws-in-deepseek-ios-mobile-app/
[2] https://stackoverflow.com/questions/992019/java-256-bit-aes-password-based-encryption
[3] http://article.nadiapub.com/IJSIA/vol9_no7/21.pdf
[4] https://appleinsider.com/articles/25/02/07/deepseeks-ios-app-sends-unencrypted-data-to-chinese-servers
[5] https://www.kiteworks.com/risk-compliance-glossary/aes-256-encryption/
[6] https://crypto.stackexchange.com/questions/24210/128-bit-3des-key-and-aes-key-whats-the-difference
[7] https://thehackernews.com/2025/02/deepseek-app-transmits-sensitive-user.html
[8] https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[9] https://www.tutorialspoint.com/difference-between-aes-and-des-ciphers
[10] https://www.cybersecurityintelligence.com/blog/deepseek-exposes-sensitive-data-8245.html
[11] https://www.ubiqsecurity.com/128bit-or-256bit-encryption-which-to-use/
[12] https://www.reddit.com/r/networking/comments/59nnk6/3des_vs_aes_for_ipsec/