Data Encryption Standard: Difference between revisions
imported>Howard C. Berkowitz (New page: Now considered obsolescent, the '''Data Encryption Standard (DES)''' was issued in 1976 by the U.S. government, for use with sensitive but unclassified data. Used in its original form, it ...) |
imported>Howard C. Berkowitz No edit summary |
||
Line 1: | Line 1: | ||
{{subpages}} | |||
{{TOC-right}} | |||
Now considered obsolescent, the '''Data Encryption Standard (DES)''' was issued in 1976 by the U.S. government, for use with sensitive but unclassified data. Used in its original form, it is vulnerable to [[brute force]] attacks, <ref name=EFFcrack>{{citation | Now considered obsolescent, the '''Data Encryption Standard (DES)''' was issued in 1976 by the U.S. government, for use with sensitive but unclassified data. Used in its original form, it is vulnerable to [[brute force]] attacks, <ref name=EFFcrack>{{citation | ||
| url=http://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_descracker_pressrel.html | | url=http://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_descracker_pressrel.html |
Revision as of 11:53, 7 September 2008
Template:TOC-right
Now considered obsolescent, the Data Encryption Standard (DES) was issued in 1976 by the U.S. government, for use with sensitive but unclassified data. Used in its original form, it is vulnerable to brute force attacks, Cite error: Closing </ref>
missing for <ref>
tagEven when used in some stronger implementations such as triple DES, it still has a vulnerability against the technique of differential cryptanalysis, although its practical use against commercial traffic may not be a matter of enormous concern.
The DES software definition was issued as Federal Standard 1026 (FED-STD-1026), and simultaneously as Federal Information Processing Standard (FIPS) 46, for which several updates and enhancements were issued. It is less well known that FED-STD-1027, which was openly written by the National Security Agency, was issued simultaneously, and specified secure physical packaging for DES encryptors; those mechanical and electrical standards still are useful for stronger methods of encryption.
In 1998, DES was replaced, for for U.S. government use by the much stronger Advanced Encryption System (AES). While DES was never intended for classified information, although it was approved for such use in some specific cases, AES, with keys produced by NSA, may be used for classified traffic, as well as unclassified traffic. AES was selected in an open process, but its algorithm is public.[1]
DES history and controversy
It is a block cipher invented by IBM Corporation researchers, with the code name "Lucifer". In the submission of proposals to the U.S. government, IBM proposed a 64-bit key, but, on NSA recommendation, the key length was reduced to 56 bits. There was much controversy about the reduction in key length being made not to interfere with NSA cryptanalysis of DES. NSA also required that the mathematical theory used for certain parts of the DES processing, called "S-boxes", be classified.
While the U.S. Senate Intelligence Committee's independent experts concluded that NSA was not creating a back door, NSA did have a reason that surfaced in the 1980s: deep understanding of DES revealed the technique of differential cryptanalysis, considered much more sensitive that DES itself.
Technology
Specifically, DES is a member of the class of Feistel ciphers.
References
- ↑ Burr, William E., (U.S.) National Institutes of Standards and Technology