The Data Encryption Standard (DES, according to AbbreviationFinder) is an encryption standard, i.e. an algorithm or method for encrypting data or information. It was originally developed by IBM at the request of the NBS (National Bureau of Standards, now called NIST, the National Institute of Standards and Technology) of the United States, and was later modified and adopted by the government of that country in 1977 as the encryption standard for all sensitive unclassified information.
This encryption standard is widely used throughout the world, despite the controversy surrounding its use, which stems from criticism of its short key length and suspicions of a back door. The algorithm is also known as DEA (Data Encryption Algorithm), and in recent years it has been replaced by AES (Advanced Encryption Standard).
On May 15, 1973, the NBS (today called NIST) issued a call in the Federal Register for the creation of an encryption algorithm that met the following requirements:
- Offer a high level of security related to a small key used for encryption and decryption.
- Be understandable.
- Not depend on the confidentiality of the algorithm.
- Be adaptable and affordable.
- Be efficient and exportable.
On August 27, 1974, IBM proposed "Lucifer", an algorithm developed between 1973 and 1974 by Horst Feistel. Thanks to the NSA (National Security Agency), it was amended on November 23, 1976, becoming DES. DES was approved by the NBS in 1978. DES was standardized by ANSI (American National Standards Institute) under the name ANSI X3.92, better known as DEA (Data Encryption Algorithm).
The IBM team dedicated to the design and analysis of this algorithm consisted of Feistel, Walter Tuchman, Don Coppersmith, Alan Conheim, Carl Meyer, Mike Matyas, Roy Adler, Edna Grossman, Bill Notz, Lynn Smith, and Bryant Tuckerman.
In 1980, NIST standardized the different modes of operation of the algorithm. It worked on 128-bit blocks, the key having the same length. It was based on Boolean logical operations and could be easily implemented, both in software and hardware.
DES working principle
DES is a symmetric cipher that works on 64-bit blocks with a 64-bit key, of which 8 bits (one byte) are used as a parity check (to verify the integrity of the key). Each parity bit (1 in every 8 bits of the key) protects one of the key bytes with odd parity, that is, each parity bit is set so that the byte to which it belongs contains an odd number of "1" bits. Therefore, the key has a "useful" length of 56 bits, that is, only 56 bits are actually used in the algorithm.
The algorithm carries out combinations, substitutions and permutations between the text to be encrypted and the key, while ensuring that the operations can be carried out in both directions (for decryption). The combination of substitutions and permutations is called a product cipher.
The key is encoded on 64 bits and is made up of 16 4-bit blocks, generally listed k1 through k16. Since "only" 56 bits are used for encryption, there can be up to 2^56 (or 7.2 × 10^16) different keys.
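The parity rule and the 56-bit effective key described above, as an added example (not code from the original page). The sample key is constructed, the helper names are hypothetical, and the default search rate of 10^6 keys per second is the per-processor figure the page quotes further down.

```python
KEYSPACE = 2 ** 56  # effective keys once the 8 parity bits are discounted

def has_odd_parity(byte: int) -> bool:
    """True when the byte contains an odd number of 1 bits."""
    return bin(byte).count("1") % 2 == 1

def check_parity(key: bytes) -> bool:
    """Validate a 64-bit DES key: every byte must have odd parity."""
    return len(key) == 8 and all(has_odd_parity(b) for b in key)

def set_odd_parity(key: bytes) -> bytes:
    """Recompute the parity bit (lowest bit of each byte) from the 7 key bits."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits)")
    fixed = bytearray()
    for b in key:
        seven = b & 0xFE  # the 7 bits that actually feed the cipher
        fixed.append(seven if has_odd_parity(seven) else seven | 1)
    return bytes(fixed)

def effective_key(key: bytes) -> int:
    """Drop the parity bit of each byte and pack the remaining 56 bits."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value

def full_sweep_days(machines: int, keys_per_second: int = 10 ** 6) -> float:
    """Days needed to try every effective key at the given per-machine rate."""
    return KEYSPACE / (machines * keys_per_second) / 86400

if __name__ == "__main__":
    good = bytes.fromhex("0123456789abcdef")  # constructed sample key
    flipped = bytes(b ^ 1 for b in good)      # same key bits, parity broken
    print(check_parity(good), check_parity(flipped))
    print(set_odd_parity(flipped) == good)
    print(effective_key(good) == effective_key(flipped))
    print(round(full_sweep_days(1)), round(full_sweep_days(10_000), 1))
```

Two 64-bit keys that differ only in their parity bits map to the same 56-bit effective key, which is why the search space is 2^56 and not 2^64.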
The algorithm as standard
DES was approved as a standard in November 1976 and published on January 15, 1977, authorized for unclassified data use only. In 1983 it was confirmed as a standard, and again in 1988, 1993 and 1998, with TripleDES being defined in that last year. In 2002, DES was superseded by the Advanced Encryption Standard (AES), although to this day DES continues to be widely used worldwide.
In 1990, Eli Biham and Adi Shamir developed differential cryptanalysis, which looked for pairs of plaintext and pairs of ciphertext. This method works with a maximum of 15 rounds. On the other hand, although a 56-bit key offers a huge number of possibilities, many processors can calculate more than 10^6 keys per second. Because of this, when a large number of machines are used at the same time, it is possible for a large organization to find the correct key. A short-term solution requires three DES ciphers to be chained using two 56-bit keys (this equates to one 112-bit key). This process is called TripleDES, abbreviated TDES (sometimes 3DES or 3-DES). TDES significantly increases the security of DES, but has the disadvantage of requiring more resources for encryption and decryption. Various types of triple DES encryption are generally recognized:
- DES-EEE3: Triple DES encryption with 3 different keys.
- DES-EDE3: a different key for each of the triple DES operations (encryption, decryption, encryption).
- DES-EEE2 and DES-EDE2: a different key for the second operation (decryption).
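How the EEE and EDE chains listed above are composed, as an added example (not code from the original page). To stay short and run without extra libraries it uses a toy 16-round Feistel cipher on 64-bit blocks with a SHA-256 round function as a stand-in for DES; it is not DES and offers no security, and all names and sample keys are hypothetical.

```python
import hashlib

ROUNDS = 16  # same round count as DES; everything else here is a toy

def _f(half: int, key: bytes, rnd: int) -> int:
    """Toy round function: 32 bits of SHA-256 over key, round number, half-block."""
    digest = hashlib.sha256(key + bytes([rnd]) + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def _feistel(block: bytes, key: bytes, rounds) -> bytes:
    """Run the Feistel network; the same code decrypts when rounds are reversed."""
    if len(block) != 8:
        raise ValueError("block must be 8 bytes (64 bits)")
    left, right = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    for rnd in rounds:
        left, right = right, left ^ _f(right, key, rnd)
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")  # final swap

def E(key: bytes, block: bytes) -> bytes:
    return _feistel(block, key, range(ROUNDS))

def D(key: bytes, block: bytes) -> bytes:
    return _feistel(block, key, reversed(range(ROUNDS)))

def ede(k1, k2, k3, block):          # encrypt, decrypt, encrypt
    return E(k3, D(k2, E(k1, block)))

def ede_decrypt(k1, k2, k3, block):  # undo the chain in reverse order
    return D(k1, E(k2, D(k3, block)))

def eee(k1, k2, k3, block):          # encrypt three times
    return E(k3, E(k2, E(k1, block)))

def eee_decrypt(k1, k2, k3, block):
    return D(k1, D(k2, D(k3, block)))

if __name__ == "__main__":
    K1, K2, K3 = b"key-one", b"key-two", b"key-3"  # constructed sample keys
    P = b"8bytes!!"                                # constructed 64-bit block
    print("EDE3 round trip:", ede_decrypt(K1, K2, K3, ede(K1, K2, K3, P)) == P)
    print("EDE2 (k3 = k1) round trip:", ede_decrypt(K1, K2, K1, ede(K1, K2, K1, P)) == P)
    # With one key repeated, EDE collapses to a single encryption; EEE does not.
    print("EDE, equal keys == single E:", ede(K1, K1, K1, P) == E(K1, P))
    print("EEE, equal keys == single E:", eee(K1, K1, K1, P) == E(K1, P))
```

The collapse of EDE to a single encryption when all three keys are equal means a key-handling check should reject repeated keys, since such a configuration gives only single-cipher strength.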
The DES encryption system was updated every 5 years. In 2000, during its last review and after a 3-year evaluation process, NIST selected as a new standard an algorithm designed jointly by two Belgian candidates, Mr. Vincent Rijmen and Mr. Joan Daemen. The new algorithm, named RIJNDAEL by its inventors, is the algorithm chosen to replace DES from now on.