Data Encryption Standard
Home > Security Definitions - Data Encryption Standard
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

Data Encryption Standard

Show me everything on Disk Encryption and File Encryption

DEFINITION - Data Encryption Standard (DES) is a widely-used method of data encryption using a private (secret) key that was judged so difficult to break by the U.S. government that it was restricted for exportation to other countries. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random from among this enormous number of keys. Like other private key cryptographic methods, both the sender and the receiver must know and use the same private key.

DES applies a 56-bit key to each 64-bit block of data. The process can run in several modes and involves 16 rounds or operations. Although this is considered "strong" encryption, many companies use "triple DES", which applies three keys in succession. This is not to say that a DES-encrypted message cannot be "broken." Early in 1997, Rivest-Shamir-Adleman, owners of another encryption approach, offered a $10,000 reward for breaking a DES message. A cooperative effort on the Internet of over 14,000 computer users trying out various keys finally deciphered the message, discovering the key after running through only 18 quadrillion of the 72 quadrillion possible keys! Few messages sent today with DES encryption are likely to be subject to this kind of code-breaking effort.

DES originated at IBM in 1977 and was adopted by the U.S. Department of Defense. It is specified in the ANSI X3.92 and X3.106 standards and in the Federal FIPS 46 and 81 standards. Concerned that the encryption algorithm could be used by unfriendly governments, the U.S. government has prevented export of the encryption software. However, free versions of the software are widely available on bulletin board services and Web sites. Since there is some concern that the encryption algorithm will remain relatively unbreakable, NIST has indicated DES will not be recertified as a standard and submissions for its replacement are being accepted. The next standard will be known as the Advanced Encryption Standard (AES).

Learn more about Disk Encryption and File Encryption
Quiz: Storage security: Take our quiz to see how much you know about securing data storage.
How to choose full disk encryption for laptop security, compliance: Full disk encryption is becoming a priority for laptop security in midmarket companies because of regulatory compliance and fear of data breaches.
Workstation hard drive encryption: Overdue or overkill?: Brien Posey explains why allowing EFS encryption on the workstation may be doing more harm than good.
Windows BitLocker: Enabling disk encryption for data protection: Contributor Tony Bradley stacks BitLocker up against other encryption alternatives and reveals what Vista's data protection feature can (and can't) do.
Encryption strategies for preventing laptop data leaks: The majority of enterprise notebook computers contain sensitive data. In this tip, expert Lisa Phifer discusses the pros and cons of today's notebook data encryption methods.

CONTRIBUTORS: Laura Biasci, Lyne Granum, and Frank Rundatz
LAST UPDATED: 08 Oct 2009

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- RSA has an excellent FAQ on Cryptography that addresses DES together with other encryption methods and issues.
- SearchSecurity.com has an article that explains in detail Triple DES.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Health Net healthcare data breach affects1.5 million
A lost hard drive contained seven years of patient data including Social Security numbers and medical records of more than a million Health Net...
Heartland CIO is critical of First Data's credit card tokenization plan
First Data Corp. uses RSA software for tokenization, providing a possible threat vector for attackers, says Heartland CIO Steven Elefant.
Heartland CIO on end-to-end encryption, credit card tokenization
In this interview, Heartland CIO Steven Elefant explains Heartland's E3 end-to-end encryption plan and explains how some tokenization plans could...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Advanced Encryption Standard  (SearchSecurity.com)
data key  (SearchSecurity.com)




Get More Data Encryption Standard Answers