FACTOID # 22: South Dakota has the highest employment ratio in America, but the lowest median earnings of full-time male employees.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Data Encryption Standard
Data Encryption Standard
The Feistel function (F function) of DES
General
Designer(s): IBM
First published: 1975 (standardized on January 1977)
Derived from: Lucifer
Successor(s): Triple DES, G-DES, DES-X, LOKI89, ICE
Cipher detail
Key size(s): 56 bits
Block size(s): 64 bits
Structure: Feistel network
Rounds: 16
Best public cryptanalysis
DES is now considered insecure because a brute force attack is possible (see EFF DES cracker). As of 2004, the best analytical attack is linear cryptanalysis, which requires 243 known plaintexts and has a time complexity of 239–43 (Junod, 2001); under a chosen-plaintext assumption, the data complexity can be reduced by a factor of four (Knudsen and Mathiassen, 2000).

The Data Encryption Standard (DES) is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally. The algorithm was initially controversial, with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny, and motivated the modern understanding of block ciphers and their cryptanalysis. Download high resolution version (640x616, 40 KB)DES F-function, Original diagram for Wikipedia. ... For other uses, see IBM (disambiguation) and Big Blue. ... In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. ... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... In cryptography, the Generalized DES Scheme (G-DES or GDES) is a variant of the DES block cipher designed to speed-up the encryption. ... In cryptography, DES-X (or DESX) is a variant on the DES (Data Encryption Standard) block cipher intended to increase the complexity of a brute force attack using a technique called key whitening. ... In cryptography, LOKI89 and LOKI91 are block ciphers designed as possible replacements for the Data Encryption Standard (DES). ... General Designer(s) Matthew Kwan First published 1997 Derived from (DES) Cipher(s) based on this design - Algorithm detail Block size(s) 64 bits Key size(s) 64 bits for ICE, 64n for ICE-n Structure Feistel network Number of rounds 16 for ICE, 8 for Thin-ICE, 16n for... In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to break... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... In cryptography, a Feistel cipher is a block cipher with a particular structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptography, the EFF DES cracker (nicknamed Deep... 2004 is a leap year starting on Thursday of the Gregorian calendar. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... This article is about algorithms for encryption and decryption. ... This article is about algorithms for encryption and decryption. ... Federal Information Processing Standards (FIPS) are publicly announced standards developed by the U.S. Federal government for use by all (non-military) government agencies and by government contractors. ... In mathematics, computing, linguistics, and related disciplines, an algorithm is a finite list of well-defined instructions for accomplishing some task that, given an initial state, will terminate in a defined end-state. ... It has been suggested that Information sensitivity be merged into this article or section. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ... “NSA” redirects here. ... A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection. ... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ...


DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small; DES keys have been broken in less than 24 hours. There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES). In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ...


In some documentation, a distinction is made between DES as a standard, and the algorithm, which is referred to as the DEA (the Data Encryption Algorithm). When spoken, "DES" is either spelled out (IPA: /diː iː ɛs/) or pronounced as a single syllable (IPA: /dɛs/).

Contents

History of DES

The origins of DES go back to the early 1970s. In 1972, after concluding a study on the US government's computer security needs, the US standards body NBS (National Bureau of Standards) — now named NIST (National Institute of Standards and Technology) — identified a need for a government-wide standard for encrypting unclassified, sensitive information. Accordingly, on 15 May 1973, after consulting with the NSA, NBS solicited proposals for a cipher that would meet rigorous design criteria. None of the submissions, however, turned out to be suitable. A second request was issued on 27 August 1974. This time, IBM submitted a candidate which was deemed acceptable, a cipher developed during the period 1973–1974 based on an earlier algorithm, Horst Feistel's Lucifer cipher. The team at IBM involved in cipher design and analysis included Feistel, Walter Tuchman, Don Coppersmith, Alan Konheim, Carl Meyer, Mike Matyas, Roy Adler, Edna Grossman, Bill Notz, Lynn Smith, and Bryant Tuckerman. This article describes how security can be achieved through design and engineering. ... NBS can stand for: Nash Bargaining Solution in Economics National Banking System in Economics National Bureau of Standards which is, today, called NIST (National Institute of Standards and Technology). ... As a non-regulatory agency of the United States Department of Commerce’s Technology Administration, the National Institute of Standards (NIST) develops and promotes measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. ... is the 135th day of the year (136th in leap years) in the Gregorian calendar. ... For the song by James Blunt, see 1973 (song). ... is the 239th day of the year (240th in leap years) in the Gregorian calendar. ... Year 1974 (MCMLXXIV) was a common year starting on Tuesday (link will display full calendar) of the 1974 Gregorian calendar. ... International Business Machines Corporation (IBM, or colloquially, Big Blue) (NYSE: IBM) (incorporated June 15, 1911, in operation since 1888) is headquartered in Armonk, New York, USA. The company manufactures and sells computer hardware, software, and services. ... Horst Feistel (30 January 1915(1)–14 November 1990) was a cryptographer who worked on the design of ciphers at IBM, initiating research that would culminate in the development of the Data Encryption Standard (DES) in the 1970s. ... In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. ... Walter Tuchman led the Data Encryption Standard development team at IBM. He was also responsible for the development of Triple DES. Horst Feistel ‹The stub template below is included via a redirect that has been proposed for deletion. ... Don Coppersmith is a cryptographer and mathematician. ... Edna Grossman is an American mathematician. ... Bryant Tuckerman (November 28, 1915 - May 19, 2002) was an American mathematician, born in Lincoln, Nebraska. ...


NSA's involvement in the design

On March 17, 1975, the proposed DES was published in the Federal Register. Public comments were requested, and in the following year two open workshops were held to discuss the proposed standard. There was some criticism from various parties, including from public-key cryptography pioneers Martin Hellman and Whitfield Diffie, citing a shortened key length and the mysterious "S-boxes" as evidence of improper interference from the NSA. The suspicion was that the algorithm had been covertly weakened by the intelligence agency so that they — but no-one else — could easily read encrypted messages. Alan Konheim (one of the designers of DES) commented, "We sent the S-boxes off to Washington. They came back and were all different."[1] The United States Senate Select Committee on Intelligence reviewed the NSA's actions to determine whether there had been any improper involvement. In the unclassified summary of their findings, published in 1978, the Committee wrote: is the 76th day of the year (77th in leap years) in the Gregorian calendar. ... Year 1975 (MCMLXXV) was a common year starting on Wednesday (link will display full calendar) of the Gregorian calendar. ... The Federal Register contains most routine publications and public notices of United States government agencies. ... A big random number is used to make a public-key pair. ... Martin Hellman - Wikipedia, the free encyclopedia /**/ @import /skins-1. ... Whitfield Diffie Bailey Whitfield Whit Diffie (born June 5, 1944) is a US cryptographer and one of the pioneers of public-key cryptography. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ... In cryptography, a substitution box (or S-box) is a basic component of symmetric key algorithms. ... The United States Senate Select Committee on Intelligence is dedicated to overseeing the United States Intelligence Community—the agencies and bureaus of the U.S. federal government who provide information and analysis for leaders of the executive and legislative branches. ...

"In the development of DES, NSA convinced IBM that a reduced key size was sufficient; indirectly assisted in the development of the S-box structures; and certified that the final DES algorithm was, to the best of their knowledge, free from any statistical or mathematical weakness."[2]

However, it also found that For other uses, see IBM (disambiguation) and Big Blue. ...

"NSA did not tamper with the design of the algorithm in any way. IBM invented and designed the algorithm, made all pertinent decisions regarding it, and concurred that the agreed upon key size was more than adequate for all commercial applications for which the DES was intended."[3]

Another member of the DES team, Walter Tuchman, is quoted as saying, "We developed the DES algorithm entirely within IBM using IBMers. The NSA did not dictate a single wire!"[4]


Some of the suspicions about hidden weaknesses in the S-boxes were allayed in 1990, with the independent discovery and open publication by Eli Biham and Adi Shamir of differential cryptanalysis, a general method for breaking block ciphers. The S-boxes of DES were much more resistant to the attack than if they had been chosen at random, strongly suggesting that IBM knew about the technique back in the 1970s. This was indeed the case — in 1994, Don Coppersmith published the original design criteria for the S-boxes. According to Steven Levy, IBM Watson researchers discovered differential cryptanalytic attacks in 1974 and were asked by the NSA to keep the technique secret.[5] Coppersmith explains IBM's secrecy decision by saying, "that was because [differential cryptanalysis] can be a very powerful tool, used against many schemes, and there was concern that such information in the public domain could adversely affect national security." Levy quotes Walter Tuchman: "[t]hey asked us to stamp all our documents confidential... We actually put a number on each one and locked them up in safes, because they were considered U.S. government classified. They said do it. So I did it".[6] Shamir himself commented, "I would say that, contrary to what some people believe, there is no evidence of tampering with the DES so that the basic design was weakened."[citation needed] Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... Steven Levy Steven Levy (born 1951) is an American journalist who has written several books on computers, technology, cryptography, the Internet, cybersecurity, and privacy. ...


The other criticism — that the key length was too short — was supported by the fact that the reason given by the NSA for reducing the key length from 64 bits to 56 was that the other 8 bits could serve as parity bits, which seemed somewhat specious.[citation needed] It was widely believed that NSA's decision was motivated by the possibility that they would be able to brute force attack a 56 bit key several years before the rest of the world would.[citation needed] Look up Parity in Wiktionary, the free dictionary Parity is a concept of equality of status or functional equivalence. ... The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ...


The algorithm as a standard

Despite the criticisms, DES was approved as a federal standard in November 1976, and published on 15 January 1977 as FIPS PUB 46, authorized for use on all unclassified data. It was subsequently reaffirmed as the standard in 1983, 1988 (revised as FIPS-46-1), 1993 (FIPS-46-2), and again in 1998 (FIPS-46-3), the latter prescribing "Triple DES" (see below). On 26 May 2002, DES was finally superseded by AES, the Advanced Encryption Standard, following a public competition (see AES process). Even as of 2004, however, DES remains in widespread use. On 19 May 2005, FIPS 46-3 was officially withdrawn, but NIST has approved Triple DES through the year 2030 for sensitive government information. [1] is the 15th day of the year in the Gregorian calendar. ... Also: 1977 (album) by Ash. ... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... is the 146th day of the year (147th in leap years) in the Gregorian calendar. ... Also see: 2002 (number). ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ... On January 2, 1997 the National Institute of Standards and Technology, or NIST, called for cryptographers to propose a new standard block cipher for United States Government use in non_classified but sensitive applications. ... 2004 is a leap year starting on Thursday of the Gregorian calendar. ... As a non-regulatory agency of the United States Department of Commerce’s Technology Administration, the National Institute of Standards (NIST) develops and promotes measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. ... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ...


Another theoretical attack, linear cryptanalysis, was published in 1994, but it was a brute force attack in 1998 that demonstrated that DES could be attacked very practically, and highlighted the need for a replacement algorithm. These and other methods of cryptanalysis are discussed in more detail later in the article. In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ...


The introduction of DES is considered to have been a catalyst for the academic study of cryptography, particularly of methods to crack block ciphers. According to a NIST retrospective about DES,

The DES can be said to have "jump started" the nonmilitary study and development of encryption algorithms. In the 1970s there were very few cryptographers, except for those in military or intelligence organizations, and little academic study of cryptography. There are now many active academic cryptologists, mathematics departments with strong programs in cryptography, and commercial information security companies and consultants. A generation of cryptanalysts has cut its teeth analyzing (that is trying to "crack") the DES algorithm. In the words of cryptographer Bruce Schneier [9],[7] "DES did more to galvanize the field of cryptanalysis than anything else. Now there was an algorithm to study." An astonishing share of the open literature in cryptography in the 1970s and 1980s dealt with the DES, and the DES is the standard against which every symmetric key algorithm since has been compared.[8]

Bruce Schneier Bruce Schneier (born January 15, 1963) is an American cryptographer, computer security specialist, and writer. ...

Chronology

Date Year Event
15 May 1973 NBS publishes a first request for a standard encryption algorithm
27 August 1974 NBS publishes a second request for encryption algorithms
17 March 1975 DES is published in the Federal Register for comment
August 1976 First workshop on DES
September 1976 Second workshop, discussing mathematical foundation of DES
November 1976 DES is approved as a standard
15 January 1977 DES is published as a FIPS standard FIPS PUB 46
1983 DES is reaffirmed for the first time
1986 Videocipher II, a TV satellite scrambling system based upon DES begins use by HBO
22 January 1988 DES is reaffirmed for the second time as FIPS 46-1, superseding FIPS PUB 46
July 1990 Biham and Shamir rediscover differential cryptanalysis, and apply it to a 15-round DES-like cryptosystem.
1992 Biham and Shamir report the first theoretical attack with less complexity than brute force: differential cryptanalysis. However, it requires an unrealistic 247 chosen plaintexts.
30 December 1993 DES is reaffirmed for the third time as FIPS 46-2
1994 The first experimental cryptanalysis of DES is performed using linear cryptanalysis (Matsui, 1994).
June 1997 The DESCHALL Project breaks a message encrypted with DES for the first time in public.
July 1998 The EFF's DES cracker (Deep Crack) breaks a DES key in 56 hours.
January 1999 Together, Deep Crack and distributed.net break a DES key in 22 hours and 15 minutes.
25 October 1999 DES is reaffirmed for the fourth time as FIPS 46-3, which specifies the preferred use of Triple DES, with single DES permitted only in legacy systems.
26 November 2001 The Advanced Encryption Standard is published in FIPS 197
26 May 2002 The AES standard becomes effective
26 July 2004 The withdrawal of FIPS 46-3 (and a couple of related standards) is proposed in the Federal Register [2]
19 May 2005 NIST withdraws FIPS 46-3
15 March 2007 The FPGA based parallel machine COPACOBANA of the University of Bochum and Kiel, Germany, breaks DES in 6.4 days at $10,000 hardware cost

is the 135th day of the year (136th in leap years) in the Gregorian calendar. ... is the 239th day of the year (240th in leap years) in the Gregorian calendar. ... is the 76th day of the year (77th in leap years) in the Gregorian calendar. ... is the 15th day of the year in the Gregorian calendar. ... VideoCipher is a brand name of analog scrambling equipment for satellite television invented in 1983 by Linkabit systems, which was bought out by MA/COM in 1985. ... is the 22nd day of the year in the Gregorian calendar. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... December 30 is the 364th day of the year (365th in leap years) in the Gregorian Calendar, with 1 day remaining. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... EFF Logo The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving free speech rights such as those protected by the First Amendment to the United States Constitution in the context of... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptography, the EFF DES cracker (nicknamed Deep... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptography, the EFF DES cracker (nicknamed Deep... The distributed. ... is the 298th day of the year (299th in leap years) in the Gregorian calendar. ... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... (Redirected from 26 November) November 26 is the 330th day (331st on leap years) of the year in the Gregorian calendar. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ... is the 146th day of the year (147th in leap years) in the Gregorian calendar. ... is the 207th day of the year (208th in leap years) in the Gregorian calendar. ... is the 139th day of the year (140th in leap years) in the Gregorian calendar. ... is the 74th day of the year (75th in leap years) in the Gregorian calendar. ... The EFFs Deep Crack machine contained over 18,000 custom chips and could brute force a DES key in a matter of days — the photo shows a circuit board fitted with 32 custom attack chips In cryptography, a custom hardware attack uses specially designed electronic circuits to decipher encrypted...

Replacement algorithms

Concerns about security and the relatively slow operation of DES in software motivated researchers to propose a variety of alternative block cipher designs, which started to appear in the late 1980s and early 1990s: for example RC5, Blowfish, IDEA, NewDES, SAFER, CAST5 and FEAL. Most of these designs kept the 64-bit block size of DES, and could act as a "drop-in" replacement, although they typically used a 64-bit or 128-bit key. In the USSR the GOST 28147-89 algorithm was introduced, with a 64-bit block size and a 256-bit key, which was also used in Russia later. Computer software (or simply software) refers to one or more computer programs and data held in the storage of a computer for some purpose. ... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... RC5 is a block cipher notable for its simplicity. ... In cryptography, Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. ... In cryptography, the International Data Encryption Algorithm (IDEA) is a block cipher designed by Xuejia Lai (來學嘉) and James L. Massey of ETH Zurich and was first described in 1991. ... In cryptography, NewDES is a symmetric key block cipher. ... This article is about the encryption algorithm. ... The following article is about the block cipher. ... General Designer(s) Akihiro Shimizu and Shoji Miyaguchi (NTT) First published FEAL-4 in 1987; FEAL-N/NX in 1990 Derived from - Cipher(s) based on this design - Algorithm detail Block size(s) 64 bits Key size(s) 64 bits (128 bits for FEAL-NX) Structure Feistel network Number of... Diagram of GOST In cryptography, GOST (Russian ГОСТ) (GOsudarstvennyi STandard, Russian for Government Standard) is a symmetric key block cipher published in 1990 as the Soviet standard (GOST 28147-89). ...


DES itself can be adapted and reused in a more secure scheme. Many former DES users now use Triple DES (TDES) which was described and analysed by one of DES's patentees (see FIPS Pub 46-3); it involves applying DES three times with two (2TDES) or three (3TDES) different keys. TDES is regarded as adequately secure, although it is quite slow. A less computationally expensive alternative is DES-X, which increases the key size by XORing extra key material before and after DES. GDES was a DES variant proposed as a way to speed up encryption, but it was shown to be susceptible to differential cryptanalysis. In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... Federal Information Processing Standards (FIPS) are publicly announced standards developed by the U.S. Federal government for use by all (non-military) government agencies and by government contractors. ... In cryptography, DES-X (or DESX) is a variant on the DES (Data Encryption Standard) block cipher intended to increase the complexity of a brute force attack using a technique called key whitening. ... In cryptography, the Generalized DES Scheme (G-DES or GDES) is a variant of the DES block cipher designed to speed-up the encryption. ...


In 2001, after an international competition, NIST selected a new cipher, the Advanced Encryption Standard (AES), as a replacement. The algorithm which was selected as the AES was submitted by its designers under the name Rijndael. Other finalists in the NIST AES competition included RC6, Serpent, MARS, and Twofish. In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ... This article is about the block cipher. ... On January 2, 1997 the National Institute of Standards and Technology, or NIST, called for cryptographers to propose a new standard block cipher for United States Government use in non_classified but sensitive applications. ... In cryptography, RC6 is a symmetric key block cipher derived from RC5. ... Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. ... Adjectives: Martian Atmosphere Surface pressure: 0. ... In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. ...


Description

Figure 1 — The overall Feistel structure of DES
For brevity, the following description omits the exact transformations and permutations which specify the algorithm; for reference, the details can be found in DES supplementary material.

DES is the archetypal block cipher — an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into another ciphertext bitstring of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can only be performed by those who know the particular key used to encrypt. The key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. Eight bits are used solely for checking parity, and are thereafter discarded. Hence the effective key length is 56 bits, and it is usually quoted as such. Download high resolution version (640x1725, 87 KB)DES main network This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... Download high resolution version (640x1725, 87 KB)DES main network This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... For reference, this article details the various tables used in the Data Encryption Standard (DES) block cipher. ... Archetype is defined as the first original model of which all other similar persons, objects, or concepts are merely derivative, copied, patterned, or emulated. ... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... In cryptography, plaintext is information used as input to an encryption algorithm; the output is termed ciphertext. ... This article is about algorithms for encryption and decryption. ... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... A key is a piece of information that controls the operation of a cryptography algorithm. ... Look up Parity in Wiktionary, the free dictionary Parity is a concept of equality of status or functional equivalence. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ...


Like other block ciphers, DES by itself is not a secure means of encryption but must instead be used in a mode of operation. FIPS-81 specifies several modes for use with DES [3]. Further comments on the usage of DES are contained in FIPS-74 [4]. In cryptography, a block cipher operates on blocks of fixed length, often 64 or 128 bits. ...


Overall structure

The algorithm's overall structure is shown in Figure 1: there are 16 identical stages of processing, termed rounds. There is also an initial and final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have almost no cryptographic significance, but were apparently included in order to facilitate loading blocks in and out of mid-1970s hardware, as well as to make DES run slower in software. Permutation is the rearrangement of objects or symbols into distinguishable sequences. ... In mathematics, an inverse function is in simple terms a function which does the reverse of a given function. ...


Before the main rounds, the block is divided into two 32-bit halves and processed alternately; this criss-crossing is known as the Feistel scheme. The Feistel structure ensures that decryption and encryption are very similar processes — the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms. In cryptography, a Feistel cipher is a block cipher with a particular structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ...


The red ⊕ symbol denotes the exclusive-OR (XOR) operation. The F-function scrambles half a block together with some of the key. The output from the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are not swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes. Exclusive disjunction (usual symbol xor) is a logical operator that results in true if one of the operands (not both) is true. ...


The Feistel (F) function

The F-function, depicted in Figure 2, operates on half a block (32 bits) at a time and consists of four stages:

Figure 2 —The Feistel function (F-function) of DES
  1. Expansion — the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating some of the bits.
  2. Key mixing — the result is combined with a subkey using an XOR operation. Sixteen 48-bit subkeys — one for each round — are derived from the main key using the key schedule (described below).
  3. Substitution — after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, or substitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table. The S-boxes provide the core of the security of DES — without them, the cipher would be linear, and trivially breakable.
  4. Permutation — finally, the 32 outputs from the S-boxes are rearranged according to a fixed permutation, the P-box.

The alternation of substitution from the S-boxes, and permutation of bits from the P-box and E-expansion provides so-called "confusion and diffusion" respectively, a concept identified by Claude Shannon in the 1940s as a necessary condition for a secure yet practical cipher. Download high resolution version (640x616, 43 KB)DES Feistel function This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... Download high resolution version (640x616, 43 KB)DES Feistel function This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... The key-schedule of DES (<<< denotes a left rotation) In cryptography, the so-called product ciphers are a certain kind of ciphers, where the (de-)ciphering of data is done in rounds. The general setup of each round is the same, except for some hard-coded parameters and a part... In cryptography, a substitution box (or S-box) is a basic component of symmetric key algorithms. ... In computer science, a lookup table is a data structure, usually an array or associative array, used to replace a runtime computation with a simpler lookup operation. ... Permutation is the rearrangement of objects or symbols into distinguishable sequences. ... In cryptography, confusion and diffusion are two properties of the operation of a secure cipher which were identified by Shannon in his paper, Communication Theory of Secrecy Systems published in 1949. ... Claude Shannon Claude Elwood Shannon (April 30, 1916 – February 24, 2001), an American electrical engineer and mathematician, has been called the father of information theory,[1] and was the founder of practical digital circuit design theory. ...


Key schedule

Figure 3 — The key-schedule of DES

Figure 3 illustrates the key schedule for encryption — the algorithm which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1) — the remaining eight bits are either discarded or used as parity check bits. The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2) — 24 bits from the left half, and 24 from the right. The rotations (denoted by "<<<" in the diagram) mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys. Key schedule of DES This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... Key schedule of DES This image has been released into the public domain by the copyright holder, its copyright has expired, or it is ineligible for copyright. ... Look up Parity in Wiktionary, the free dictionary Parity is a concept of equality of status or functional equivalence. ...


The key schedule for decryption is similar — it must generate the keys in the reverse order. Hence the rotations are to the right, rather than the left.


Security and cryptanalysis

Although more information has been published on the cryptanalysis of DES than any other block cipher, the most practical attack to date is still a brute force approach. Various minor cryptanalytic properties are known, and three theoretical attacks are possible which, while having a theoretical complexity less than a brute force attack, require an unrealistic amount of known or chosen plaintext to carry out, and are not a concern in practice. The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ...


In spite of all the criticism and weaknesses of DES, there is no known example of anyone actually suffering monetary losses because of DES security limitations.[citation needed]


Brute force attack

For any cipher, the most basic method of attack is brute force — trying every possible key in turn. The length of the key determines the number of possible keys, and hence the feasibility of this approach. For DES, questions were raised about the adequacy of its key size early on, even before it was adopted as a standard, and it was the small key size, rather than theoretical cryptanalysis, which dictated a need for a replacement algorithm. It is known that the NSA encouraged, if not persuaded, IBM to reduce the key size from 128 to 64 bits, and from there to 56 bits; this is often taken as an indication that the NSA possessed enough computer power to break keys of this length even in the mid-1970s. The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ...

The EFF's US$250,000 DES cracking machine contained 1,536 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips.
The EFF's US$250,000 DES cracking machine contained 1,536 custom chips and could brute force a DES key in a matter of days — the photo shows a DES Cracker circuit board fitted with several Deep Crack chips.

In academia, various proposals for a DES-cracking machine were advanced. In 1977, Diffie and Hellman proposed a machine costing an estimated US$20 million which could find a DES key in a single day. By 1993, Wiener had proposed a key-search machine costing US$1 million which would find a key within 7 hours. However, none of these early proposals were ever implemented, at least no implementations were publicly acknowledged. The vulnerability of DES was practically demonstrated in the late 1990s. In 1997, RSA Security sponsored a series of contests, offering a $10,000 prize to the first team that broke a message encrypted with DES for the contest. That contest was won by the DESCHALL Project, led by Rocke Verser, Matt Curtin, and Justin Dolske, using idle cycles of thousands of computers across the Internet. The feasibility of cracking DES quickly was demonstrated in 1998 when a custom DES-cracker was built by the Electronic Frontier Foundation (EFF), a cyberspace civil rights group, at the cost of approximately US$250,000 (see EFF DES cracker). Their motivation was to show that DES was breakable in practice as well as in theory: "There are many people who will not believe a truth until they can see it with their own eyes. Showing them a physical machine that can crack DES in a few days is the only way to convince some people that they really cannot trust their security to DES." The machine brute-forced a key in a little more than 2 days' search; at about the same time at least one attorney from the US Justice Department was announcing that DES was unbreakable.[citation needed] Download high resolution version (1412x1479, 336 KB)DES Cracker circuit board fitted with Deep Crack chips Source: http://www. ... Download high resolution version (1412x1479, 336 KB)DES Cracker circuit board fitted with Deep Crack chips Source: http://www. ... EFF Logo The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving free speech rights such as those protected by the First Amendment to the United States Constitution in the context of... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days &#8212; the photo shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptography, the EFF DES cracker (nicknamed Deep... RSA, The Security Division of EMC Corporation (NYSE: EMC), is headquartered in Bedford, Massachusetts, and maintains offices in Ireland, the United Kingdom, Singapore, and Japan. ... Matt Curtin (b. ... EFF Logo The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving free speech rights such as those protected by the First Amendment to the United States Constitution in the context of... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days &#8212; the photo shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptography, the EFF DES cracker (nicknamed Deep...

The COPACOBANA machine, built for US$10,000 by the Universities of Bochum and Kiel, contains 120 low-cost FPGAs and can perform an exhaustive key search on DES in 6.4 days on average. The photo shows the backplane of the machine with the FPGAs.
The COPACOBANA machine, built for US$10,000 by the Universities of Bochum and Kiel, contains 120 low-cost FPGAs and can perform an exhaustive key search on DES in 6.4 days on average. The photo shows the backplane of the machine with the FPGAs.

The only other confirmed DES cracker was the COPACOBANA machine (abbreviation of cost-optimized parallel code breaker) built more recently by teams of the Universities of Bochum and Kiel, both in Germany. Unlike the EFF machine, COPACOBANA consist of commercially available, reconfigurable integrated circuits. 120 of these FPGAs of type XILINX Spartan3-1000 run in parallel. They are grouped in 20 DIMM modules, each containing 6 FPGAs. The use of reconfigurable hardware makes the machine applicable to other code breaking tasks as well. The figure shows a full-sized COPACOBANA. One of the more interesting aspects of COPACOBANA is its cost factor. One machine can be built for approximately $10,000. The cost decrease by roughly a factor of 25 over the EFF machine is an impressive example for the continuous improvement of digital hardware. Interestingly Moore’s law predicts an improvement of about 32, since about 8 years have passed between the design of the two machines, which allows for about five doublings of computer power (or 5 reductions by 50% of the cost for doing the same computation). Image File history File linksMetadata Copacobana. ... Image File history File linksMetadata Copacobana. ... Growth of transistor counts for Intel processors (dots) and Moores Law (upper line=18 months; lower line=24 months) Moores Law is the empirical observation that the transistor density of integrated circuits, with respect to minimum component cost, doubles every 24 months[1]. It is attributed to Gordon...


Attacks faster than brute-force

There are three attacks known that can break the full sixteen rounds of DES with less complexity than a brute-force search: differential cryptanalysis (DC), linear cryptanalysis (LC), and Davies' attack. However, the attacks are theoretical and are infeasible to mount in practice; these types of attack are sometimes termed certificational weaknesses. Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... In cryptography, Davies attack [sic] is a dedicated statistical cryptanalysis method for attacking the Data Encryption Standard (DES). ...

  • Differential cryptanalysis was discovered in the late 1980s by Eli Biham and Adi Shamir, although it was known earlier to both IBM and the NSA and kept secret. To break the full 16 rounds, differential cryptanalysis requires 247 chosen plaintexts. DES was designed to be resistant to DC.
  • Linear cryptanalysis was discovered by Mitsuru Matsui, and needs 243 known plaintexts (Matsui, 1993); the method was implemented (Matsui, 1994), and was the first experimental cryptanalysis of DES to be reported. There is no evidence that DES was tailored to be resistant to this type of attack. A generalisation of LC — multiple linear cryptanalysis — was suggested in 1994 (Kaliski and Robshaw), and was further refined by Biryukov et al (2004); their analysis suggests that multiple linear approximations could be used to reduce the data requirements of the attack by at least a factor of 4 (i.e. 241 instead of 243). A similar reduction in data complexity can be obtained in a chosen-plaintext variant of linear cryptanalysis (Knudsen and Mathiassen, 2000). Junod (2001) performed several experiments to determine the actual time complexity of linear cryptanalysis, and reported that it was somewhat faster than predicted, requiring time equivalent to 239–241 DES evaluations.
  • Improved Davies' attack: while linear and differential cryptanalysis are general techniques and can be applied to a number of schemes, Davies' attack is a specialised technique for DES, first suggested by Donald Davies in the eighties, and improved by Biham and Biryukov (1997). The most powerful form of the attack requires 250 known plaintexts, has a computational complexity of 250, and has a 51% success rate.

There have also been attacks proposed against reduced-round versions of the cipher, i.e. versions of DES with fewer than sixteen rounds. Such analysis gives an insight into how many rounds are needed for safety, and how much of a "security margin" the full version retains. Differential-linear cryptanalysis was proposed by Langford and Hellman in 1994, and combines differential and linear cryptanalysis into a single attack. An enhanced version of the attack can break 9-round DES with 215.8 known plaintexts and has a 229.2 time complexity (Biham et al, 2002). Eli Biham is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion Israeli Institute of Technology Computer Science department. ... This article does not cite any references or sources. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... Mitsuru Matsui is a Japanese cryptographer and senior researcher for Mitsubishi Electric Company. ... The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... Donald Davies Donald Watts Davies CBE FRS (June 7, 1924 – May 28, 2000) was a British computer scientist who was a co-inventor of packet switching (and originator of the term), along with Paul Baran and Leonard Kleinrock in the US. Just prior to Davies death, he contested Kleinrocks... Alex Biryukov is a cryptographer, currently an assistant professor at the University of Luxembourg. ... The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... Introduced by Martin Hellman and Susan K. Langford in 1994, the differential-linear attack is a mix of both linear cryptanalysis and differential cryptanalysis. ...


Minor cryptanalytic properties

DES exhibits the complementation property, namely that

E_K(P)=C Leftrightarrow E_overline{K}(overline{P})=overline{C}

where overline{x} is the bitwise complement of x. EK denotes encryption with key K. P and C denote plaintext and ciphertext blocks respectively. The complementation property means that the work for a brute force attack could be reduced by a factor of 2 (or a single bit) under a chosen-plaintext assumption. The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ...


DES also has four so-called weak keys. Encryption (E) and decryption (D) under a weak key have the same effect (see involution): In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. ... In mathematics, an involution is a function that is its own inverse, so that f(f(x)) = x for all x in the domain of f. ...

EK(EK(P)) = P or equivalently, EK = DK

There are also six pairs of semi-weak keys. Encryption with one of the pair of semiweak keys, K1, operates identically to decryption with the other, K2:

E_{K_1}(E_{K_2}(P)) = P or equivalently, E_{K_2} = D_{K_1}

It is easy enough to avoid the weak and semiweak keys in an implementation, either by testing for them explicitly, or simply by choosing keys randomly; the odds of picking a weak or semiweak key by chance are negligible. The keys are not really any weaker than any other keys anyway, as they do not give an attack any advantage.


DES has also been proved not to be a group, or more precisely, the set {EK} (for all possible keys K) under functional composition is not a group, nor "close" to being a group (Campbell and Wiener, 1992). This was an open question for some time, and if it had been the case, it would have been possible to break DES, and multiple encryption modes such as Triple DES would not increase the security. This picture illustrates how the hours on a clock form a group under modular addition. ... In mathematics, a composite function, formed by the composition of one function on another, represents the application of the former to the result of the application of the latter to the argument of the composite. ...


It is known that the maximum cryptographic security of DES is limited to about 64 bits, even when independently choosing all round subkeys instead of deriving them from a key, which would otherwise permit a security of 768 bits.


See also

Cryptography Portal

Image File history File links Crypto_key. ... For reference, this article details the various tables used in the Data Encryption Standard (DES) block cipher. ... Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related cryptographic keys for both decryption and encryption. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ... In cryptography, Skipjack is a block cipher — an algorithm for encryption — developed by the U.S. National Security Agency (NSA). ...

References

Eli Biham is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion Israeli Institute of Technology Computer Science department. ... This article does not cite any references or sources. ... Eli Biham is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion Israeli Institute of Technology Computer Science department. ... This article does not cite any references or sources. ... Alex Biryukov is a cryptographer, currently an assistant professor at the University of Luxembourg. ... Dr. Orr Dunkelman (December 1980-) (Ph. ... Asiacrypt (also ASIACRYPT) is an important international conference for cryptography research. ... EFF Logo The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States with the stated purpose of being dedicated to preserving free speech rights such as those protected by the First Amendment to the United States Constitution in the context of... Crypto is an English prefix that means hidden or secret. The term crypto is also employed as shorthand for the following: Cryptography, the practice of the use of encryption. ... Don Coppersmith is a cryptographer and mathematician. ... Whitfield Diffie Bailey Whitfield Whit Diffie (born June 5, 1944) is a US cryptographer and one of the pioneers of public-key cryptography. ... Martin Hellman - Wikipedia, the free encyclopedia /**/ @import /skins-1. ... John Gilmore John Gilmore is one of the founders of the Electronic Frontier Foundation, the Cypherpunks mailing list, and Cygnus Solutions. ... Selected Areas in Cryptography (SAC) is a series of international cryptography workshops held annually in Canada, every August since 1994. ... Burton S. Burt Kaliski, Jr. ... Matthew J.B. Matt Robshaw is a cryptographer, currently a lecturer at Royal Holloway, University of London. ... Lars R. Knudsen Lars Ramkilde Knudsen (born February 21, 1962) is a Danish researcher in cryptography, particularly the design and analysis of block ciphers, hash functions and message authentication codes (MACs). ... Fast Software Encryption, often abbreviated FSE, is a workshop for cryptography research, focussed on symmetric-key cryptography with an emphasis on fast, practical techniques, as opposed to theory. ... Steven Levy Steven Levy (born 1951) is an American journalist who has written several books on computers, technology, cryptography, the Internet, cybersecurity, and privacy. ... Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age (ISBN 0140244328) is a book written by Steven Levy about cryptography, and was published in 2001. ... Mitsuru Matsui is a Japanese cryptographer and senior researcher for Mitsubishi Electric Company. ... EuroCrypt is a conditional access system for Multiplexed Analogue Components-encoded analogue satellite television. ...

Notes

  1. ^ Schneier. Applied Cryptography, 2nd ed., 280. 
  2. ^ Davies, D.W.; W.L. Price (1989). Security for computer networks, 2nd ed.. John Wiley & Sons. 
  3. ^ Robert Sugarman (editor) (July 1979). "On foiling computer crime". IEEE Spectrum. IEEE. 
  4. ^ P. Kinnucan (Oct 1978). "Data Encryption Gurus: Tuchman and Meyer". Cryptologia 2 (4). 
  5. ^ Levy, Crypto, p. 55
  6. ^ Levy, p. 55
  7. ^ Bruce Schneier, Applied Cryptography, Protocols, Algorithms, and Source Code in C, Second edition, John Wiley and Sons, New York (1996) p. 267
  8. ^ William E. Burr, "Data Encryption Standard", in NIST's anthology "A Century of Excellence in Measurements, Standards, and Technology: A Chronicle of Selected NBS/NIST Publications, 1901–2000. HTML PDF

The Institute of Electrical and Electronics Engineers or IEEE (pronounced as eye-triple-ee) is an international non-profit, professional organization incorporated in the State of New York, United States. ...

External links

Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ... In cryptography, Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. ... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. ... In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. ... In cryptography, 3-Way is a block cipher designed in 1994 by Joan Daemen, who also (with Vincent Rijmen) designed Rijndael, the winner of NISTs Advanced Encryption Standard (AES) contest. ... Akelarre is a block cipher proposed in 1996, and combined features from IDEA and RC5. ... Anubis is a block cipher designed by Vincent Rijmen and Paulo S. L. M. Barreto as an entrant in the NESSIE project. ... In cryptography, ARIA is a block cipher designed in 2003 by a large group of Korean researchers. ... In cryptography, BaseKing is a block cipher designed in 1994 by Joan Daemen. ... The Cryptomeria cipher, commonly refered to as C2 is a proprietary block cipher defined and licensed by the 4C Entity. ... In cryptography, Camellia is a block cipher that has been evaluated favorably by several organisations, including the European Unions NESSIE project (a selected algorithm), and the Japanese CRYPTREC project (a recommended algorithm). ... Three rounds of the CAST-128 block cipher In cryptography, CAST-128 (alternatively CAST5) is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Canadian government use by the Communications Security Establishment. ... In cryptography, CAST-256 (or CAST6) is a block cipher published in June 1998 and submitted as a candidate for the Advanced Encryption Standard (AES). ... In cryptography, CIKS-1 is a block cipher designed in 2002 by A.A. Moldovyan and N.A. Moldovyan. ... In cryptography, CIPHERUNICORN-A is a block cipher created by NEC in 2000. ... In cryptography, CIPHERUNICORN-E is a block cipher created by NEC in 1998. ... In cryptography, the Cellular Message Encryption Algorithm (CMEA) is a block cipher which was used for securing mobile phones in the United States. ... In cryptography, Cobra is the general name of a family of data-dependent permutation based block ciphers: Cobra-128, Cobra-F64a, Cobra-F64b, Cobra-H64 and Cobra-H128. ... In cryptography, COCONUT98 (Cipher Organized with Cute Operations and N-Universal Transformation) is a block cipher designed by Serge Vaudenay in 1998. ... In cryptography, Crab is a block cipher created by Burt Kaliski and Matt Robshaw in 1993. ... In particle physics, the crypton is a hypothetical superheavy particle, thought to exist in a hidden sector of string theory. ... In cryptography, the CS-Cipher is a block cipher invented by Jacques Stern and Serge Vaudenay in 1998. ... Deal can refer to: an agreement reached after negotiation, for example a contract to sell as a dealer or dealership a bargain a situation, as in whats the deal with the Johnson account ?. a problem, as in whats your deal ?. Deal$, a U.S. dollar store a Deal... In cryptography, DES-X (or DESX) is a variant on the DES (Data Encryption Standard) block cipher intended to increase the complexity of a brute force attack using a technique called key whitening. ... In cryptography, DFC (Decorrelated Fast Cipher) is a block cipher which was created in 1998 by a group of researchers at École Normale Supérieure and submitted to the AES competition. ... In cryptography, E2 is a block cipher which was created in 1998 by NTT and submitted to the AES competition. ... General Designer(s) Akihiro Shimizu and Shoji Miyaguchi (NTT) First published FEAL-4 in 1987; FEAL-N/NX in 1990 Derived from - Cipher(s) based on this design - Algorithm detail Block size(s) 64 bits Key size(s) 64 bits (128 bits for FEAL-NX) Structure Feistel network Number of... Distribution of frogs (in black) Suborders Archaeobatrachia Mesobatrachia Neobatrachia - List of Anuran families The frogness babe is an amphibian in the order Anura (meaning tail-less from Greek an-, without + oura, tail), formerly referred to as Salientia (Latin saltare, to jump). ... In cryptography, the Generalized DES Scheme (G-DES or GDES) is a variant of the DES block cipher designed to speed-up the encryption. ... Diagram of GOST In cryptography, GOST (Russian ГОСТ) (GOsudarstvennyi STandard, Russian for Government Standard) is a symmetric key block cipher published in 1990 as the Soviet standard (GOST 28147-89). ... In cryptography, Grand Cru is a block cipher invented in 2000 by Johan Borst. ... The Hasty Pudding Cipher (abbreviated HPC) is a variable-block-size block cipher which was an unsuccessful candidate in the competition for selecting the U.S. Advanced Encryption Standard. ... In cryptography, Hierocrypt-L1 and Hierocrypt-3 are block ciphers created by Toshiba in 2000. ... General Designer(s) Matthew Kwan First published 1997 Derived from (DES) Cipher(s) based on this design - Algorithm detail Block size(s) 64 bits Key size(s) 64 bits for ICE, 64n for ICE-n Structure Feistel network Number of rounds 16 for ICE, 8 for Thin-ICE, 16n for... In cryptography, the International Data Encryption Algorithm (IDEA) is a block cipher designed by Xuejia Lai (來學嘉) and James L. Massey of ETH Zurich and was first described in 1991. ... In cryptography, the IDEA NXT algorithm (previously known as FOX) is a block cipher designed by Pascal Junod and Serge Vaudenay of EPFL (Lausanne, Switzerland). ... In cryptography, the Intel Cascaded Cipher, is a relatively new, high bandwidth block cipher, used as an optional component of the Output Content Protection DRM scheme of the Microsoft Windows Vista operating system. ... In cryptography, KASUMI, also termed A5/3, is a block cipher used in the confidentiality (f8) and integrity algorithms (f9) for 3GPP mobile communications. ... In cryptography, KHAZAD is a block cipher designed by Paulo S. L. M. Barreto together with Vincent Rijmen, one of the designers of the Advanced Encryption Standard (Rijndael). ... In cryptography, Khufu and Khafre are two block ciphers designed by Ralph Merkle in 1989 while working at Xeroxs Palo Alto Research Center. ... In cryptography, KN-Cipher is a block cipher created by Kaisa Nyberg and Lars Knudsen in 1995. ... Libelle is a German cipher system, developed by the Federal Office for Information Security. ... For other uses, see Loki (disambiguation). ... In cryptography, LOKI97 is a block cipher which was a candidate in the Advanced Encryption Standard competition. ... In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. ... In cryptography, M6 is a block cipher proposed by Hitachi in 1997 for use in the IEEE 1394 FireWire standard. ... In cryptography, MacGuffin is a block cipher created in 1994 by Bruce Schneier and Matt Blaze at a Fast Software Encryption workshop. ... In cryptography, Madryga is a block cipher created in 1984 by W. E. Madryga. ... Magenta is a color made up of equal parts of red and blue light. ... For other uses, see Mars (disambiguation). ... In cryptography, Mercy is a block cipher designed by Paul Crowley for disk encryption. ... In cryptography, MESH is a block cipher designed in 2002 by Jorge Nakahara, Jr. ... In cryptography, MISTY1 (or MISTY-1) is a block cipher designed in 1995 by Mitsuru Matsui and others for Mitsubishi Electric. ... In cryptography, MMB (Modular Multiplication-based Block cipher) is a block cipher designed by Joan Daemen as an improved replacement for the IDEA cipher. ... MULTI2 is a block cipher, developed by Hitachi in 1988. ... In cryptography, NewDES is a symmetric key block cipher. ... Noekeon is a block cipher with a block and key length of 128 bits. ... In cryptography, NUSH is a block cipher invented by Anatoly Lebedev and Alexey Volchkov for LAN Crypto, a Russian company. ... In cryptography, Q is a block cipher invented by Leslie McBride. ... In cryptography, RC2 is a block cipher designed by Ron Rivest in 1987. ... RC5 is a block cipher notable for its simplicity. ... In cryptography, RC6 is a symmetric key block cipher derived from RC5. ... In cryptography, REDOC II and REDOC III are block ciphers designed by Michael Wood for Cryptech Inc and are optimised for use in software. ... Red Pike is a classified United Kingdom government cipher, proposed for use by the National Health Service by GCHQ, but designed for a broad range of applications in the British government [1]. Little is publicly known about Red Pike, except that it is a block cipher with a 64-bit... Uplandia Regiment, or Upplands regemente, also S 1, is a Swedish Army signaling regiment that traces its origins back to the 19th Century. ... This article is about the encryption algorithm. ... In cryptography, SC2000 is a block cipher invented by a research group at Fujitsu Labs. ... A ripe red jalapeño cut open to show the seeds For other uses, see Seed (disambiguation). ... SHACAL-1 and SHACAL-2 are block ciphers based on cryptographic hash function from the SHA family. ... For other uses, see Shark (disambiguation). ... In cryptography, Skipjack is a block cipher — an algorithm for encryption — developed by the U.S. National Security Agency (NSA). ... SMS4 is a block cipher used in Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure). ... In cryptography, Square (sometimes written SQUARE) is a block cipher invented by Joan Daemen and Vincent Rijmen. ... General Designer(s) Roger Needham and David Wheeler First published 1994 Derived from - Cipher(s) based on this design XTEA Algorithm detail Block size(s) 64 bits Key size(s) 128 bits Structure Feistel network Number of rounds variable; recommended 64 Feistel rounds; 32 cycles Best cryptanalysis TEA suffers from... In cryptography, Triple DES (also 3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher. ... This article is about the block cipher. ... In cryptography, Xenon is a block cipher designed in 2000 by Chang-Hyi Lee for the Korean firm SoftForum. ... In cryptography, xmx is a block cipher designed in 1997 by David MRaïhi, David Naccache, Jacques Stern, and Serge Vaudenay. ... General Designer(s) Roger Needham and David Wheeler First published 1997 Derived from Tiny Encryption Algorithm (TEA) Cipher(s) based on this design - Algorithm detail Block size(s) 64 bits Key size(s) 128 bits Structure Feistel network Number of rounds variable; recommended 64 Feistel rounds; 32 cycles Best cryptanalysis... In cryptography, Corrected Block TEA (often referred to as XXTEA) is a block cipher designed to correct weaknesses in the original Block TEA (Tiny Encryption Algorithm), which was first published together with a paper on ‘Tea extensions’. The cipher’s designers were Roger Needham and David Wheeler of the Cambridge... In cryptography, Zodiac is a block cipher designed in 2000 by Chang-Hyi Lee for the Korean firm SoftForum. ... In cryptography, a Feistel cipher is a block cipher with a symmetric structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ... The key-schedule of DES (<<< denotes a left rotation) In cryptography, the so-called product ciphers are a certain kind of ciphers, where the (de-)ciphering of data is done in rounds. The general setup of each round is the same, except for some hard-coded parameters and a part... In cryptography, a product cipher is a popular type of block cipher that works by executing in sequence a number of simple transformations such as substitution, permutation, and modular arithmetic. ... In cryptography, a substitution box (or S-box) is a basic component of symmetric key algorithms. ... In cryptography, an SP-network, or substitution-permutation network (SPN), is a series of linked mathematical operations used in block cipher algorithms such as AES. These networks consist of S-boxes and P-boxes that transform blocks of input bits into output bits. ... The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... In cryptography, integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based around Substitution-permutation networks. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... In cryptography, mod n cryptanalysis is an attack applicable to block and stream ciphers. ... In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. ... The idea of the slide attack was originally published by Edna Grossman and Bryant Tuckerman in an IBM Technical Report in 1977. ... New Scientist magazine featured the XSL attack in June 2003 with an article billed as Cipher crisis: the end of internet privacy. In cryptography, the XSL attack is a method of cryptanalysis for block ciphers. ... The Advanced Encryption Standard (AES), the block cipher ratified as a standard by National Institute of Standards and Technology (NIST), was chosen using a process markedly more open and transparent than its predecessor, the ageing Data Encryption Standard (DES). ... CRYPTREC is the Cryptography Research and Evaluation Committee set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. ... NESSIE (New European Schemes for Signatures, Integrity and Encryption) was a European research project funded from 2000&#8211;2003 to identify secure cryptographic primitives. ... This article is about cryptography; for other meanings, see snowball effect. ... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... In cryptography, an initialization vector (IV) is a block of bits that is required to allow a stream cipher or a block cipher executed in any of several streaming modes of operation to produce a unique stream independent from other streams produced by the same encryption key, without having to... In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to break... OFB redirects here. ... In cryptanalysis, the piling-up lemma is a principle used in linear cryptanalysis to construct linear approximations to the action of block ciphers. ... In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. ... The German Lorenz cipher machine, used in World War II for encryption of very high-level general staff messages Cryptography (or cryptology; derived from Greek κρυπτός kryptós hidden, and the verb γράφω gráfo write or λεγειν legein to speak) is the study of message secrecy. ... The history of cryptography begins thousands of years ago. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... This article is intended to be an analytic glossary, or alternatively, an organized collection of annotated pointers. ... This article does not cite any references or sources. ... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... The operation of the keystream generator in A5/1, a LFSR-based stream cipher used to encrypt mobile phone conversations. ... A big random number is used to make a public-key pair. ... In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. ... A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. ... A cryptographically secure pseudo-random number generator (CSPRNG) is a pseudo-random number generator (PRNG) with properties that make it suitable for use in cryptography. ...


  Results from FactBites:
 
FIPS 46-2 - (DES), Data Encryption Standard (0 words)
Data that is considered sensitive by the responsible authority, data that has a high value, or data that represents a high value should be cryptographically protected if it is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage.
The algorithm is designed to encipher and decipher blocks of data consisting of 64 bits under control of a 64-bit key.** Deciphering must be accomplished by using the same key as for enciphering, but with the schedule of addressing the key bits altered so that the deciphering process is the reverse of the enciphering process.
Protection of data during transmission or while in storage may be necessary to maintain the confidentiality and integrity of the information represented by the data.
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m