Problem solve Get help with specific problems with your technologies, process and projects.

Storing a DES encryption key

How should I store my DES encryption key?

DES is a fine algorithm and has had the most analysis of any of the commonly used algorithms, but it has the disadvantage of having a small key. A 56 bit key is not considered to be strong security any more, which is the whole reason why the US NIST sponsored the Advanced Encryption Standard (AES).

However, you handle *any* symmetric key the same way that would handle a DES key. So no matter what algorithm you choose, this is what you do:

It matters a great deal on what you're encrypting. If you are encrypting a communications link, for example, you are using what is called an ephemeral key. This is a key that you produce from a random number generator, use it, and throw it away. The important thing to remember is to clear any memory in your program that held the key after you're done with it.

If you are encrypting storage, or files, then you have to keep the key, because you'll need it later. There are a number of ways you can handle this problem.

One is to keep it in a safe place. Smart cards and other secure storage places provide good places to keep keys. Unfortunately, most programs don't have the luxury of secure key storage. (Also, ideally, you'd decrypt the data on your storage device, too.)

Another good way is to produce it from something like a passphrase. This way, you have your user memorize some bit of text that gets transformed into a key that you use. The question then is how to transform some text into a cryptographically strong key.

Fortunately, there's an easy answer to that. That answer is "SHA-1." SHA-1 is a secure hash algorithm. You hand it a block of data and it returns you a 20-byte (160 bit) string that is completely arbitrary and as unique as possible. You then take your key from that hash. Note, however, that when you use DES, the 56-bits are typically taken as 7 bits of each of 8-bytes, not a 7-byte string. Read your library carefully.

One problem with simply hashing a passphrase is what are called dictionary attacks. In a dictionary attack, the attacker takes a common table and tries all of those first. There are a number of ways to fight this.

One is to use something called "salt." Salt is simply some arbitrary bits of data that you hash along with the passphrase. You store the salt in the clear along with your ciphertext. Depending on what you're trying to do, this may be a useful technique for you.

Another related technique is to use an encryption mode such as Cipher Block Chaining (CBC) or Cipher Feed Back (CFB). These modes improve the over all encryption of your data. They use something called an "initialization vector," which is nothing more than arbitrary (but it still should be pretty random) data mixed in with the encryption stream.

For more information on this topic, visit these other SearchSecurity.com resources: Ask the Expert: Encryption above 3-DES
Best Web Links: Encryption


This was last published in October 2001

Dig Deeper on Disk and file encryption tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.