Editing Data Encryption Standard (section)

=== The algorithm as a standard ===
Despite the criticisms, DES was approved as a federal standard in November 1976, and published on 15 January 1977 as [[Federal Information Processing Standard|FIPS]] PUB 46, authorized for use on all unclassified data. It was subsequently reaffirmed as the standard in 1983, 1988 (revised as FIPS-46-1), 1993 (FIPS-46-2), and again in 1999 (FIPS-46-3), the latter prescribing "[[Triple DES]]" (see below). On 26 May 2002, DES was finally superseded by the Advanced Encryption Standard (AES), following [[Advanced Encryption Standard process|a public competition]]. On 19 May 2005, FIPS 46-3 was officially withdrawn, but [[NIST]] has approved [[Triple DES]] through the year 2030 for sensitive government information.<ref name=SP800-67>[[National Institute of Standards and Technology]], [http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf NIST Special Publication 800-67 ''Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher'', Version 1.1]</ref>

The algorithm is also specified in [[ANSI]] X3.92 (Today X3 is known as [[INCITS]] and ANSI X3.92 as ANSI [[INCITS]] 92),<ref>[[American National Standards Institute]], ANSI X3.92-1981 (now known as ANSI [[INCITS]] 92-1981)''American National Standard, Data Encryption Algorithm''</ref> NIST SP 800-67<ref name=SP800-67/> and ISO/IEC 18033-3<ref>{{cite web|url=http://www.iso.org/iso/iso_catalogue/catalogue_ics/catalogue_detail_ics.htm?csnumber=54531 |title=ISO/IEC 18033-3:2010 Information technology—Security techniques—Encryption algorithms—Part 3: Block ciphers |publisher=Iso.org |date=2010-12-14 |access-date=2011-10-21}}</ref> (as a component of [[TDEA]]).

Another theoretical attack, linear cryptanalysis, was published in 1994, but it was the [[Electronic Frontier Foundation]]'s [[EFF DES cracker|DES cracker]] in 1998 that demonstrated that DES could be attacked very practically, and highlighted the need for a replacement algorithm. These and other methods of [[cryptanalysis]] are discussed in more detail later in this article.

The introduction of DES is considered to have been a catalyst for the academic study of cryptography, particularly of methods to crack block ciphers. According to a NIST retrospective about DES,
:The DES can be said to have "jump-started" the nonmilitary study and development of encryption algorithms. In the 1970s there were very few cryptographers, except for those in military or intelligence organizations, and little academic study of cryptography. There are now many active academic cryptologists, mathematics departments with strong programs in cryptography, and commercial [[information security]] companies and consultants. A generation of cryptanalysts has cut its teeth analyzing (that is, trying to "crack") the DES algorithm. In the words of cryptographer [[Bruce Schneier]],<ref>Bruce Schneier, Applied Cryptography, Protocols, Algorithms, and Source Code in C, Second edition, John Wiley and Sons, New York (1996) p. 267</ref> "DES did more to galvanize the field of cryptanalysis than anything else. Now there was an algorithm to study." An astonishing share of the open literature in cryptography in the 1970s and 1980s dealt with the DES, and the DES is the standard against which every [[symmetric key algorithm]] since has been compared.<ref>William E. Burr, "Data Encryption Standard", in NIST's anthology "A Century of Excellence in Measurements, Standards, and Technology: A Chronicle of Selected NBS/NIST Publications, 1901–2000.  [http://nvl.nist.gov/pub/nistpubs/sp958-lide/html/250-253.html HTML] {{Webarchive|url=https://web.archive.org/web/20090619181704/http://nvl.nist.gov/pub/nistpubs/sp958-lide/html/250-253.html |date=2009-06-19 }} [http://nvl.nist.gov/pub/nistpubs/sp958-lide/250-253.pdf PDF] {{Webarchive|url=https://web.archive.org/web/20060823131553/http://nvl.nist.gov/pub/nistpubs/sp958-lide/250-253.pdf |date=2006-08-23 }}</ref>