Data Encryption Standard (DES) is an encryption method used to scramble data, making it unreadable if intercepted. It was created in the late 1970s and was once the US National Standard for encrypting sensitive government information. Due to vulnerabilities in DES, the US made the Advanced Encryption Standard (AES) the National standard in 2001.
So, is DES encryption still strong enough to protect systems and applications? Read on to discover what DES is and if it’s still safe to use it to secure information.
Understanding DES
DES is a block cipher algorithm that uses symmetric key encryption. This means the same key encrypts the plaintext (the message you type) and decrypts the ciphertext (your message after encryption).
Unlike AES which has three options for key length 128-, 192-, and 256 bits, DES is fixed at 56 bits. While the short key length makes DES faster it’s less secure than newer encryption methods.
It was cracked in 1998 by several network-connected standard computers. In 2001, the US Government adopted the AES to secure sensitive data. DES was officially retired as a form of secure encryption in 2005, though it’s still used in several applications.
How Does DES Work?
In DES the encryption process has five stages: key generation, initial permutation, splitting, rounds, and final permutation. During key generation, the number order of the original key is scrambled to make it harder to crack. In the second and third stages, the 64-bit plaintext is subjected to the same scrambling and then split into 32-bit halves.
In the fourth stage, each half of the resulting plaintext goes through 16 rounds of substitution and scrambling. Finally, the two halves are combined and scrambled one last time to produce the ciphertext. Decrypting the ciphertext is done by performing the five stages of DES encryption in reverse.
What Is DES Used For?
Some legacy systems still use DES. A legacy system is a computer or networking system developed before encryption methods like AES. These older computers weren’t designed to support the newer encryption methods.
The algorithm, though outdated, is widely understood which means it’s a perfect tool to train future cryptographers on the vulnerabilities and strengths of encryption algorithms.
What Is Triple DES (3DES)?
3DES was created to fix the weak spots in traditional DES. The encryption method includes processing DES blocks three times with two or three unique keys depending on the encryption strength required. Using three unique keys creates 168-bit 3DES, and using two keys generates 112-bit 3DES. The added encryption means 3DES uses more system resources and is slower than traditional DES.
Like DES, it’s vulnerable to brute force attacks. In 2016, 3DES was cracked using a birthday attack – a variation of a brute force attack. 3DES is officially disallowed by NIST and has not been used for any applications created after 2023. The algorithm is still used in legacy systems and for some applications where data has already been encrypted.
What Is AES?
AES is a form of symmetric encryption where text is shuffled and replaced multiple times in linked rounds. If 128 bits of plaintext are provided, the same number of ciphertext bits are created. The amount of plaintext to ciphertext is always equal.
Data is encrypted in 128-, 192-, or 256-bit blocks, and the number of rounds of encryption needed depends on the bit size. Military-grade AES, or 256-bit, undergoes 14 linked rounds, while 128-bit only requires 10. AES encryption is more secure than DES and faster than 3DES, it is also far less vulnerable to brute-force attacks.
| Comparing DES, 3DES, & AES | |||
| Method | DES | 3DES | AES |
| Key Size | 56-bit | 112- or 168-bit | 128-,192-, or 256-bit |
| Block Size | 64-bit | 64-bit | 128-bit |
| NIST Status | Disallowed 2005 | Disallowed 2023 | Allowed |
| Stability | Cracked | Cracked | Secure |
Applications of AES
AES encryption has several applications, besides securing top-secret information for US and International government agencies. Many online apps and services use 128- or 256-bit encryption to protect your traffic as it travels from your device, to their servers, and back again. This includes security suites, e-commerce sites, cloud services, email providers, and VPNs – just to name a few.
Using AES encryption means that even if your online data is intercepted during transmission, the attacker can’t read it. All they get is a jumbled mess of unhackable ciphertext. For example, CyberGhost VPN uses this AES to secure your online traffic and increase the privacy of your network connections.
Is DES Still Safe to Use?
Newer systems and applications that use DES or 3DES can leave you vulnerable to brute-force attacks, but many older systems and applications still use them. While DES can be used, it’s no longer considered strong enough to protect sensitive files and data. If you need secure, unhackable protection AES encryption is a better choice.
FAQs
DES is still used in some US Government standards and legacy systems that don’t support newer forms of encryption, but it has been cracked successfully. Some sites even offer to crack DES for a small fee.
DES was cracked using a system of network-connected computers in the late 1990s, the method is also highly vulnerable to brute-force attacks and has been disallowed by NIST. A disallowed status means DES is no longer considered secure and isn’t recommended for use in systems and applications developed after 2005.
When a VPN like CyberGhost routes your traffic through its servers to hide your IP, it simultaneously scrambles it. VPN encryption secures your traffic by scrambling the data, that way if an attacker does intercept your information they won’t be able to use it.
Data encryption standards are procedures for effectively securing data. The current standard for data security is AES encryption. It has been approved by both the NSA and NIST to protect sensitive information and is currently unhackable.
Three types of encryption standards are DES, 3DES, and AES. DES was the standard for cryptographic protection until 2001. 3DES was one of the best file encryption methods until late 2023 when NIST determined the key length and algorithm it uses are no longer secure.
DES and 3DES are no longer recommended for new systems and applications as they are vulnerable to brute-force attacks. AES encryption is now the new standard for cryptographic protection, and 256-bit AES is considered military-grade because the US Government has adopted it for securing sensitive files.
Leave a comment