2

Mastercard, Visa, and several other organizations use 3DES to encrypt and decrypt credit card data. The Sweet32 attack placed 3DES in the spotlight, but how fragile is 3DES for a very small amount of info, like a 16-digit string (the card number) + a 3-digit string (the CVV) + a 4-digit string (month/year of expiration)?

How susceptible is it to brute force, dictionary or collision attacks?

Leonardo

1 Answer

5

There are three main issues with 3DES that an application needs to be aware of:

  • Small block size – 3DES has a small 64-bit block size. When encrypting non-negligible amounts of data with a single key, a small block size makes the Sweet32 attack possible.

  • Meet-in-the-middle attack – Due to its construction, the effective strength is reduced from 168 bits to 112 bits by virtue of a generic attack called meet-in-the-middle.

  • Inefficiency – DES itself is not very fast, and 3DES is three times slower.

When encrypting a very small amount of data, 3DES is sufficiently secure if one does not need a high performance cipher or a security level above 112 bits. Its use in smart cards is not an issue. Some smart cards use much weaker ciphers, or ciphers with even smaller block sizes (e.g. Simon32/64).


To answer your individual questions:

How susceptible is it to brute force

It provides a 2^168 security against naïve brute force, and 2^112 against brute force augmented with a meet-in-the-middle attack. This is generally sufficient.

dictionary

The key is not derived from a human-generated passphrase, so dictionary attacks do not apply.

or collision attacks?

Collision attacks are usually an issue with hash functions, not block ciphers, although the Sweet32 attack can be considered a type of collision attack. The small block size does make collision attacks possible, but only if a large amount of data is encrypted with a given key.

forest
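The block-size point in the answer above, as an added example that is not part of the original answer: a constructed 16-bit toy Feistel cipher stands in for 3DES so collisions appear quickly, and CBC mode (the mode Sweet32 targets) is assumed. It shows that a repeated ciphertext block reveals the XOR of two plaintext blocks, and uses the birthday approximation to compare a 3-block message (an assumption: 23 ASCII digits padded to 24 bytes) with 2^32 blocks under one 64-bit-block key.

```python
import hashlib
import math
import random

BLOCK_BITS = 16          # toy block size so collisions appear quickly (3DES: 64)
HALF, MASK = 8, 0xFF

def encrypt_block(key: bytes, block: int) -> int:
    """Toy 4-round Feistel permutation on 16-bit blocks (constructed, not 3DES)."""
    left, right = block >> HALF, block & MASK
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd, right])).digest()[0]
        left, right = right, left ^ f
    return (left << HALF) | right

def cbc_encrypt(key: bytes, iv: int, blocks: list) -> list:
    out, prev = [], iv
    for p in blocks:
        prev = encrypt_block(key, p ^ prev)
        out.append(prev)
    return out

def first_collision(ct: list):
    """Indices (i, j), i < j, of the first repeated ciphertext block, else None."""
    seen = {}
    for j, c in enumerate(ct):
        if c in seen:
            return seen[c], j
        seen[c] = j
    return None

def demo(n_blocks: int, seed: int = 1):
    """Encrypt random blocks under one key; compare the XOR computable from
    ciphertext alone with the true plaintext XOR at the first collision."""
    rng = random.Random(seed)
    key = bytes(rng.getrandbits(8) for _ in range(16))
    iv = rng.getrandbits(BLOCK_BITS)
    pt = [rng.getrandbits(BLOCK_BITS) for _ in range(n_blocks)]
    ct = cbc_encrypt(key, iv, pt)
    hit = first_collision(ct)
    if hit is None:
        return None
    i, j = hit
    prev = [iv] + ct                      # prev[k] is the block chained into block k
    return i, j, prev[i] ^ prev[j], pt[i] ^ pt[j]

def collision_probability(n_blocks: int, block_bits: int) -> float:
    """Birthday approximation 1 - exp(-n(n-1) / 2^(b+1))."""
    return -math.expm1(-n_blocks * (n_blocks - 1) / 2 ** (block_bits + 1))

if __name__ == "__main__":
    print(demo(2 ** 16 + 1))
    print(collision_probability(3, 64), collision_probability(2 ** 32, 64))
```

The same arithmetic gives a per-key data limit: pick the collision probability you can accept and rekey before the block count reaches it.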