Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Data Encryption Standard
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{short description|Early unclassified symmetric-key block cipher}} {{Infobox block cipher | name = Data Encryption Standard | image = [[File:Data_Encription_Standard_Flow_Diagram.svg|300px|center]] | caption = The Feistel function (F function) of DES | designers = [[IBM]] | publish date = 1975 (Federal Register) (standardized in January 1977) | derived from = [[Lucifer (cipher)|Lucifer]] | derived to = [[Triple DES]], [[G-DES]], [[DES-X]], [[LOKI89]], [[ICE (cipher)|ICE]] | key size = 56 bits | block size = 64 bits | structure = Balanced [[Feistel network]] | rounds = 16 | cryptanalysis = DES has been considered unsecure right from the start because of the feasibility of [[brute-force attack]]s.<ref name="dh-exh"/> Such attacks have been demonstrated in practice (see [[EFF DES cracker]]) and are now available on the market as a service. As of 2008, the best analytical attack is [[linear cryptanalysis]], which requires 2<sup>43</sup> [[known plaintext]]s and has a time complexity of 2<sup>39β43</sup> (Junod, 2001).}} The '''Data Encryption Standard''' ('''DES''' {{IPAc-en|Λ|d|iΛ|Λ|iΛ|Λ|Ι|s|,_|d|Ι|z}}) is a [[symmetric-key algorithm]] for the [[encryption]] of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of [[cryptography]]. Developed in the early 1970s at [[IBM]] and based on an earlier design by [[Horst Feistel]], the algorithm was submitted to the [[National Bureau of Standards]] (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the [[National Security Agency]] (NSA), the NBS selected a slightly modified version (strengthened against [[differential cryptanalysis]], but weakened against [[brute-force attack]]s), which was published as an official [[Federal Information Processing Standard]] (FIPS) for the United States in 1977.<ref name=":3" /> The publication of an NSA-approved encryption standard led to its quick international adoption and widespread academic scrutiny. Controversies arose from [[classified information|classified]] design elements, a relatively short [[key length]] of the [[symmetric-key algorithm|symmetric-key]] [[block cipher]] design, and the involvement of the NSA, raising suspicions about a [[backdoor (computing)|backdoor]]. The [[S-box]]es that had prompted those suspicions were designed by the NSA to address a vulnerability they secretly knew ([[differential cryptanalysis]]). However, the NSA also ensured that the key size was drastically reduced so that they could break the cipher by brute force attack.<ref name=":3">{{cite web |url=https://www.schneier.com/blog/archives/2004/10/the_legacy_of_d.html |website=www.schneier.com |date=October 6, 2004 |title=The Legacy of DES - Schneier on Security}}</ref>{{fv|date=September 2024|reason=Schneier doesn't seem to claim, explicitly or otherwise, that the NSA's tweaks weakened the cipher enough so that they could brute force it at the time.}} The intense academic scrutiny the algorithm received over time led to the modern understanding of block ciphers and their [[cryptanalysis]]. DES is insecure due to the relatively short [[56-bit encryption|56-bit key size]]. In January 1999, [[distributed.net]] and the [[Electronic Frontier Foundation]] collaborated to publicly break a DES key in 22 hours and 15 minutes (see {{Section link|2=Chronology|nopage=y}}). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible in practice{{citation needed|date=April 2025}}. DES has been withdrawn as a standard by the [[National Institute of Standards and Technology|NIST]].<ref name="Lazo" /> Later, the variant [[Triple DES]] was developed to increase the security level, but it is considered insecure today as well. DES has been superseded by the [[Advanced Encryption Standard]] (AES). Some documents distinguish between the DES standard and its algorithm, referring to the algorithm as the '''DEA''' ('''Data Encryption Algorithm''').
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)