Data Encryption Standard (DES)

Contributor(s): Michael Cobb, Laura Biasci, Lyne Granum, and Frank Rundatz

The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.

DES works by using the same key to encrypt and decrypt a message, so both the sender and the receiver must know and use the same private key. Once the go-to, symmetric-key algorithm for the encryption of electronic data, DES has been superseded by the more secure Advanced Encryption Standard (AES) algorithm.

Originally designed by researchers at IBM in the early 1970s, DES was adopted by the U.S. government as an official Federal Information Processing Standard (FIPS) in 1977 for the encryption of commercial and sensitive yet unclassified government computer data. It was the first encryption algorithm approved by the U.S. government for public disclosure. This ensured that DES was quickly adopted by industries such as financial services, where the need for strong encryption is high. The simplicity of DES also saw it used in a wide variety of embedded systems, smart cards, SIM cards and network devices requiring encryption like modems, set-top boxes and routers.

DES key length and brute-force attacks

The Data Encryption Standard is a block cipher, meaning a cryptographic key and algorithm are applied to a block of data simultaneously rather than one bit at a time. To encrypt a plaintext message, DES groups it into 64-bit blocks. Each block is enciphered using the secret key into a 64-bit ciphertext by means of permutation and substitution. The process involves 16 rounds and can run in four different modes, encrypting blocks individually or making each cipher block dependent on all the previous blocks. Decryption is simply the inverse of encryption, following the same steps but reversing the order in which the keys are applied. For any cipher, the most basic method of attack is brute force, which involves  trying each key until you find the right one. The length of the key determines the number of possible keys -- and hence the feasibility -- of this type of attack. DES uses a 64-bit key, but eight of those bits are used for parity checks, effectively limiting the key to 56-bits. Hence, it would take a maximum of 2^56, or 72,057,594,037,927,936, attempts to find the correct key.

Even though few messages encrypted using DES encryption are likely to be subjected to this kind of code-breaking effort, many security experts felt the 56-bit key length was inadequate even before DES was adopted as a standard. (There have always been suspicions that interference from the NSA weakened IBM's original algorithm). Even so, DES remained a trusted and widely used encryption algorithm through the mid-1990s. However, in 1998, a computer built by the Electronic Frontier Foundation (EFF) decrypted a DES-encoded message in 56 hours. By harnessing the power of thousands of networked computers, the following year EFF cut the decryption time to 22 hours.

Apart from providing backwards compatibility in some instances, reliance today upon DES for data confidentiality is a serious security design error in any computer system and should be avoided. There are much more secure algorithms available, such as AES. Much like a cheap suitcase lock, DES will keep the contents safe from honest people, but it won't stop a determined thief.

Successors to DES

Encryption strength is directly tied to key size, and 56-bit key lengths have become too small relative to the processing power of modern computers. So in 1997, the National Institute of Standards and Technology (NIST) announced an initiative to choose a successor to DES; in 2001, it selected the Advanced Encryption Standard as a replacement. The Data Encryption Standard (FIPS 46-3) was officially withdrawn in May 2005, though Triple DES (3DES) is approved through 2030 for sensitive government information. 3DES performs three iterations of the DES algorithm; if keying option number one is chosen, a different key is used each time to increase the key length to 168 bits. However, due to the likelihood of a meet-in-the-middle attack, the effective security it provides is only 112 bits. 3DES encryption is obviously slower than plain DES.

Legacy of DES

Despite having reached the end of its useful life, the arrival of the Data Encryption Standard served to promote the study of cryptography and the development of new encryption algorithms. Until DES, cryptography was a dark art confined to the realms of military and government intelligence organizations. The open nature of DES meant academics, mathematicians and anyone interested in security could study how the algorithm worked and try to crack it. As with any popular and challenging puzzle, a craze -- or in this case, a whole industry -- was born.


This was last updated in November 2014

Continue Reading About Data Encryption Standard (DES)

Dig Deeper on Disk and file encryption tools