1975 (Federal Register) (standardized in January 1977)
Derived from
Lucifer
Successors
Triple DES, G-DES, DES-X, LOKI89, ICE
Cipher detail
Key sizes
56 bits
Block sizes
64 bits
Structure
Balanced Feistel network
Rounds
16
Best public cryptanalysis
DES has been considered unsecure right from the start because of the feasibility of brute-force attacks.[1] Such attacks have been demonstrated in practice (see EFF DES cracker) and are now available on the market as a service. As of 2008, the best analytical attack is linear cryptanalysis, which requires 243 known plaintexts and has a time complexity of 239–43 (Junod, 2001).
The Data Encryption Standard (DES/ˌdiːˌiːˈɛs,dɛz/) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.
Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the National Security Agency (NSA), the NBS selected a slightly modified version (strengthened against differential cryptanalysis, but weakened against brute-force attacks), which was published as an official Federal Information Processing Standard (FIPS) for the United States in 1977.[2]
The publication of an NSA-approved encryption standard led to its quick international adoption and widespread academic scrutiny. Controversies arose from classified design elements, a relatively short key length of the symmetric-key block cipher design, and the involvement of the NSA, raising suspicions about a backdoor. The S-boxes that had prompted those suspicions were designed by the NSA to remove a backdoor they secretly knew (differential cryptanalysis). However, the NSA also ensured that the key size was drastically reduced so that they could break the cipher by brute force attack.[2] The intense academic scrutiny the algorithm received over time led to the modern understanding of block ciphers and their cryptanalysis.
DES is insecure due to the relatively short 56-bit key size. In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes (see § Chronology). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. This cipher has been superseded by the Advanced Encryption Standard (AES). DES has been withdrawn as a standard by the National Institute of Standards and Technology.[3]
Some documents distinguish between the DES standard and its algorithm, referring to the algorithm as the DEA (Data Encryption Algorithm).
^Cite error: The named reference dh-exh was invoked but never defined (see the help page).
^ ab"The Legacy of DES - Schneier on Security". www.schneier.com. October 6, 2004.
^Cite error: The named reference Lazo was invoked but never defined (see the help page).
and 26 Related for: Data Encryption Standard information
The DataEncryptionStandard (DES /ˌdiːˌiːˈɛs, dɛz/) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of...
Advanced EncryptionStandard (AES), also known by its original name Rijndael (Dutch pronunciation: [ˈrɛindaːl]), is a specification for the encryption of electronic...
cryptography, the International DataEncryption Algorithm (IDEA), originally called Improved Proposed EncryptionStandard (IPES), is a symmetric-key block...
was markedly more open and transparent than its predecessor, the DataEncryptionStandard (DES). This process won praise from the open cryptographic community...
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext...
attract a large amount of cryptanalysis. DataEncryptionStandard (DES, now obsolete) Advanced EncryptionStandard (AES) RSA the original public key algorithm...
Transparent DataEncryption (often abbreviated to TDE) is a technology employed by Microsoft, IBM and Oracle to encrypt database files. TDE offers encryption at...
Homomorphic encryption is a form of encryption that allows computations to be performed on encrypted data without first having to decrypt it. The resulting...
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing...
transparent process for replacing the outdated DataEncryptionStandard (DES) by an Advanced EncryptionStandard (AES). Cybersecurity policy expert Susan Landau...
This article details the various tables referenced in the DataEncryptionStandard (DES) block cipher. All bits and bytes are arranged in big endian order...
Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may...
commercial encryption on the rapidly growing field of wired money transfer. The U.S. Government's introduction of the DataEncryptionStandard in 1975 meant...
the original on 2003-12-04. Description: The RSA encryption method. The first public-key encryption method. Shamir, A. (November 1979). "How to share...
cyberattack or a data breach. Disk encryption refers to encryption technology that encrypts data on a hard disk drive. Disk encryption typically takes...
volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for...
cipher was selected in 1974 as the base for what would become the DataEncryptionStandard. Lucifer's key length was reduced from 128 bits to 56 bits, which...
JSON Web Encryption (JWE) is an IETF standard providing a standardised syntax for the exchange of encrypted data, based on JSON and Base64. It is defined...
including the US DataEncryptionStandard, the Soviet/Russian GOST and the more recent Blowfish and Twofish ciphers. In a Feistel cipher, encryption and decryption...
ciphers and hash functions, including a theoretical weakness in the DataEncryptionStandard (DES). It was noted by Biham and Shamir that DES was surprisingly...
include the commonly used AES (Advanced EncryptionStandard) which replaced the older DES (DataEncryptionStandard). Insecure symmetric algorithms include...
Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device (e.g., a hard disk). This article presents...
unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume...