What Is DES and 3DES?
DES
The Data Encryption Standard (also known as DES) is a cipher (method of encryption) selected as an official Federal Information Processing Standard (FIPS) for the U.S in 1976, and was subsequently used internationally as a widespread encryption method. The algorithm was initiall controverssial, with classied design elements, a relatively short key length annd suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutinty and motivated the modern understanding of block ciphers and their cryptanalysis.
DES is now Insecure
Des is now insecure for most applications. This is due to the 56-bit key size being too small. DES keys have been broken in less than 24 hours. There are also some results which demonstrate theoretical weaknesses in the cipher itself, although they have not been demonstarted to work in any way (source wikipedia). For some reason or another 3DES is considered secure (a.k.a. triple DES) but there are still theoretical attack methods.
In recent years, the standard cipher has been superseded by the Advanced Encryption Standard (AES).
Designer of DES:
DES - Data Encryption Standard
The Feistel function (F function) of DES
Designer(s): IBM
First published: 1975 (standardized on January 1977)
Derived from: Lucifer
Successor(s): Triple DES, G-DES, DES-X, LOKI89, ICE
Key size(s): 56 bits
Block size(s): 64 bits
Structure: Feistel network
Rounds: 16
Best public cryptanalysis:
DES is now considered insecure because a brute force attack is possible (see EFF DES cracker). As of 2004, the best analytical attack is linear cryptanalysis, which requires 243 known plaintexts and has a time complexity of 239-43 (Junod, 2001); under a chosen-plaintext assumption, the data complexity can be reduced by a factor of four (Knudsen and Mathiassen, 2000).
This article is licensed under the GNU Free Documentation License. It uses material from Wikipedia
Azio’s Computer Log » About: Linear CryptAnalysis said,
October 19, 2006 @ 8:25 pm
[...] History Mitsuru Matsui discovoered linear cryptanalysis methodology , who first applied the technique to the FEAL cipher (Matsui and Yamahgishi) in 1992. Matsui published an attack on the DES algorotihm also, as mentioned in a previous azio.org article:what is DES and 3DES. [...]
saqib ali said,
October 19, 2006 @ 10:13 pm
very good. but why does 3TDES (3 Distinct Keys) has a effective key-length of 112-bit ???
Understanding this is important to understanding why even 3TDES is considered insecure, theoretically
Here is the explanation.
—————-
So, triple DES involves three keys, K1, K2, K3. Write single-DES encryption with a key K and plaintext block x as E(K, x), and decryption as D(K, x). Triple DES encryption is E(K3, D(K2, E(K1, x))).
Suppose you’re given a plaintext block x and corresponding ciphertext y. For each possible K3, compute D(K3, y), and store the result in a table. This takes about 2^56 work, and uses 2^56 blocks of memory.
Now, for each pair K1, K2, compute D(K2, E(K1, x)). If this matches one of the values in the table, find the corresponding K3, and test the whole key against some other plaintext/ciphertext pairs. Continue until you’re done. This step takes no extra memory and requires 2^112 time.
——————–
saqib
http://www.full-disk-encryption.net
azio said,
October 19, 2006 @ 11:56 pm
Hey Saqlib,
Thanks for your response on my blog, I thought I’d reply here and on my blog, Indeed you are correct. I think that what you mean is that the 3TDES has a much likelier chance of collision or success from linear cryptanalysis , and could, in the right circumstances be as insecure as DES, perhaps.
I would add these details to my blog but I think they stand out quite well in your comment!
Best Wishes,
Azio
Keith said,
October 20, 2006 @ 1:09 pm
There are also methods such as BlowFish. In whatsoever, it is always useful to use 3DES rather than DES.
What Is DES and 3DES? « Security News said,
October 16, 2007 @ 4:50 pm
[...] read more | digg story [...]