DES (Data Encryption Standard)

  • 1970: the need of a standard cipher for civilians was identified.

  • 1972: NBS opens a contest for a new cipher, requiring:

    • The cryptographic algorithm must be secure to a high degree.

    • Algorithm details described in an easy-to-understand language.

    • The details of the algorithm must be publicly available.

      • So that anyone could implement it in software or hardware.

    • The security of the algorithm must depend on the key.

      • Not on keeping the method itself (or part of it) secret.

    • The method must be adaptable for use in many applications.

    • Hardware implementations of the algorithm must be practical.

      • i.e. not prohibitively expensive or extremely slow.

    • The method must be efficient.

    • Test and validation under real-life conditions.

    • The algorithm should be exportable.

Proposal and Adoption

  • 1974: new contest

    • Proposal based on Lucifer from IBM.

    • 64-bit blocks.

    • 56-bit keys.

      • 48-bit subkeys (key schedules).

    • Diffusion and confusion.

      • Feistel networks.

      • Permutations, substitutions, expansions, compressions.

      • 16 iterations.

    • Several modes of operation.

      • ECB (Electronic Code Book), CBC (Cypher Block Chaining).

      • OFB (Output Feedback), CFB (Cypher Feedback).

  • 1976: adopted at US as a federal standard

Architecture

Offered Security

Key selection

  • Most 56-bit values are suitable.

  • 4 weak, 12 semi-weak keys, 48 possibly weak keys.

    • Equal key schedules (1, 2 or 4).

    • Easy to spot and avoid.

Known attacks

  • Exhaustive key space search.

Key length

  • 56 bits are actually too few.

  • Exhaustive search is technically possible and economically interesting.

Multiple encryption

  • Double encryption.

    • Theoretically not more secure.

  • Triple DES (3DES).

    • With 2 or 3 keys.

    • Equivalent key length of 112 or 168 bits.

    • Secure but ...slow!

  • DES-X

    • K1 ⊕ DES(K2) ⊕ K3.

    • Total key length = 64 + 56 + 64 = 184 bits.

Last updated