Data Encryption Standard
The Data Encryption Standard (DES) is a method of encryption that became widely used in the United States from the late 1970s until the early 2000s. Originally developed from IBM's LUCIFER cipher, DES was modified for both commercial and government use, featuring a 56-bit key for encryption and decryption. Although it was considered secure for decades, advancements in computing power raised concerns about its vulnerability to brute force attacks. By the end of the twentieth century, researchers estimated that powerful computers could crack DES encryption in just a few days. To enhance security, Triple DES was introduced, which applied the encryption process three times with three separate keys, though it was still seen as inadequate for highly classified information. In response to the need for stronger encryption, a competition was held, resulting in the selection of the Rijndael algorithm in 2001, which was subsequently renamed the Advanced Encryption Standard (AES). AES is recognized for its speed and security, making it a preferred choice for securing sensitive digital communications today.
On this Page
Data Encryption Standard
Data Encryption Standard (DES) is a style of encryption that was common within the United States for several decades. Its use was legally mandated in several important economic fields. Despite its widespread use, the National Security Agency (NSA) recommended that the standard be changed to the Advanced Encryption Standard (AES) at the beginning of the twenty-first century. Encryption is necessary for all forms of secure digital communication. This includes monetary transactions, government communications, or other sensitive information. Even if a hacker manages to steal encrypted data, they likely will be unable to decipher the data without a specialized decryption key.
Background
People have attempted to hide communications from others for as long as writing has existed. Various codes and ciphers have been developed throughout history, and each has a secret key that allows certain individuals to understand their contents. For example, the ancient Greeks used parchment strips wrapped around a unique cylinder to encode their messages. To be legible, the parchment had to be wound around the cylinder. Without it, the message would not make sense. The ancient Romans also developed codes to make their letters illegible to anyone who was not supposed to read them. Their cipher involved substituting letters for other letters, making their messages appear to be nonsense.
As commercial and personal computer programming developed, software engineers realized that it would become necessary to keep some computer data secret while retaining the ability to transfer the information from one machine to another. They developed a special type of cipher utilized only by computers. The engineers called this process encryption.
In the 1960s, International Business Machines Corporation (IBM), a leading computer manufacturer, had its engineers work on encryption. Over time, they created the revolutionary LUCIFER cipher. Unlike its predecessors, LUCIFER encrypted data in blocks instead of one bit a time. It put information through several rounds of "confusion," during which the data was scrambled.
Encryption functions by jumbling data. In some cases, it scrambles computer code, and in others, it scrambles the text itself. Encryption programs scatter information according to a specific pattern. It then records this pattern and provides it to the user in the form of a key. Encryption keys are necessary to retrieve encrypted information. If an encryption key is lost, the information is typically not retrievable. This is why computer viruses called ransomware are so powerful. Ransomware forcibly encrypts specific information on a computer and then holds it ransom until a person pays for a decryption key. Without the key, the information is lost. However, no guarantee exists that paying a hacker will result in the delivery of the decryption key, so the data may be lost anyway.
Overview
In the 1970s, IBM decided to release LUCIFER commercially. At the same time, the US government called for a universal encryption standard to be used to test and rank all other forms of encryption. IBM's LUCIFER was chosen. However, it needed a variety of modifications to make it suitable for both commercial sales and its new role in government cybersecurity. The National Security Agency (NSA) volunteered several software engineers to aid in the transition. Once accepted, this newer version of LUCIFER was renamed the Data Encryption Standard (DES).
DES differs from LUCIFER in a variety of ways. For example, while LUCIFER could encrypt and decrypt using a 128-bit key, DES could only work with a 56-bit key. Many security experts worried that this shift would make it easier for hackers to break the encryption with a method called brute force attacks. A brute force attack is a type of trial-and-error method used to guess encryption. However, DES remained secure for decades. Additionally, DES contained several unexplained modifications from the NSA. It was later revealed that the NSA was securing the encryption against types of cyberattacks that were not yet public knowledge.
DES was considered a secure form of encryption until the end of the twentieth century. At that point, it was revealed that a powerful computer could take three days of processing to break the encryption created by DES without having any part of the key. However, as personal computers and supercomputers grew more powerful, this timeframe was rapidly decreasing. Software engineers who favored DES attempted to prolong its use with the creation of Triple DES. Triple DES encrypts the data three separate times, generating three different keys. All of these keys are necessary to unlock the data, effectively tripling the length of time necessary to break the encryption.
Despite the extra security provided by Triple DES, government researchers and academics decided that the standard level of national encryption needed to be revised and strengthened. While DES and Triple DES were still acceptable for nonclassified information, a new form of encryption that was considered virtually unbreakable was needed for sensitive classified information.
Software engineers created a contest similar to the one that was used to create DES. They challenged engineers to come forward with their best form of encryption. The contest ended on November 26, 2001, when an encryption algorithm called Rijndael, created by Vincent Rijmen and Joan Daemen, was selected as the winner. Rijndael was very fast, making it suitable for encrypting large chunks of data in a short time. If necessary, it could be used to encrypt the same data multiple times, much like DES. Most importantly, Rijndael created a more secure form of encryption than DES. After the conclusion of the contest, Rijndael was renamed the Advanced Encryption Standard (AES).
Bibliography
"Encryption - F.A.Q." Stanford University, cs.stanford.edu/people/eroberts/cs181/projects/1995-96/clipper-chip/encyptfaq.html. Accessed 5 May 2017.
Franciscus, Zainul. "What Is Encryption, and How Does It Work?" How-To Geek, 5 Nov. 2010, www.howtogeek.com/howto/33949/htg-explains-what-is-encryption-and-how-does-it-work. Accessed 5 May 2017.
"History of DES." University of Missouri—St Louis, www.umsl.edu/~siegelj/information‗theory/projects/des.netau.net/des%20history.html. Accessed 5 May 2017.
"Kerberos Encryption Types." Pennsylvania State University, www.identity.psu.edu/services/authentication-services/kerberos/kerberos-encryption-types. Accessed 5 May 2017.
"MIT Kerberos Documentation." Massachusetts Institute of Technology, web.mit.edu/kerberos/krb5-devel/doc/admin/enctypes.html. Accessed 5 May 2017.
Shelton, Barry K., and Chris R. Johnson. "A Brief History of Encryption." TechNewsWorld, 19 July 2010, www.technewsworld.com/story/70437.html. Accessed 5 May 2017.
Titcomb, James. "What Is Encryption, How Does It Work and What Apps Use It?" Telegraph, 29 Mar. 2017, www.telegraph.co.uk/technology/0/encryption-should-using. Accessed 5 May 2017.
Waddell, Robert. "Lucifer Cypher." Rochester Institute of Technology, www.cs.rit.edu/~ark/fall2012/482/team/u5/report.pdf. Accessed 5 May 2017.