**Any private key value that you enter or we generate is not stored on this site. Also, notice that this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen.**

**DES – Data Encryption Standard**

- Derived in 1972 from the Lucifer algorithm developed by Horst Feistel at IBM
- Patented in 1974 - Block Cipher Cryptographic System
- Commercial and non-classified systems
- DES describes the Data Encryption Algorithm (DEA)
- Adopted as a Federal Information Processing Standard (FIPS) in 1977
- Re-certified in 1993 by the National Institute of Standards and Technology (NIST), but will be replaced by the Advanced Encryption Standard (AES), the Rijndael algorithm.
- DES uses a 64-bit block size and a 56-bit key; it begins with a 64-bit key and strips 8 parity bits
- DEA is a 16-round cryptosystem designed for implementation in hardware
- 56-bit key = 2^56, or 70 quadrillion, possible keys
- Distributed systems can break it. The U.S. Government no longer uses it
- Triple DES – three encryptions using DEA are now being used until AES is adopted

DES uses **confusion** and **diffusion** as suggested by Claude Shannon

**Confusion** conceals statistical connection

Accomplished through s-boxes

**Diffusion** spreads the influence of each plaintext character over many ciphertext characters

Accomplished through p-boxes

**DES Operates in four modes**

- Electronic Code Book (ECB)
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)

**Electronic Code Book**

- Native encryption mode
- Provides the recipe of substitutions and permutations that will be performed on the block of plaintext.
- Data within a file does not have to be encrypted in a certain order.
- Used for small amounts of data, like challenge-response, key management tasks.
- Also used to encrypt PINs in ATM machines.

**Cipher Block Chaining**

- Each block of text, the key, and a value based on the previous block are processed in the algorithm and applied to the next block of text.

**Cipher Feedback**

- The previously generated ciphertext from the last encrypted block of data is inputted into the algorithm to generate random values.
- These random values are processed with the current block of plaintext to create ciphertext.
- This mode is used when encrypting individual characters is required.

**Output Feedback**

- Functions like a stream cipher by generating a stream of random binary bits to be combined with the plaintext to create ciphertext.
- The ciphertext is fed back to the algorithm to form a portion of the next input to encrypt the next stream of bits.

**DES has been broken with an Internet network of PCs**

DES is considered vulnerable to brute-force search of the key; it has been replaced by Triple DES and AES

**Triple DES**

- Double encryption is subject to a meet-in-the-middle attack
- Encrypt on one end, decrypt on the other, and compare the values
- So Triple DES is used
- Can be done several different ways:
  - DES – EDE2 (encrypt key 1, decrypt key 2, encrypt key 1)
  - DES – EE2 (encrypt key 1, encrypt key 2, encrypt key 1)
  - DES – EE3 (encrypt key 1, encrypt key 2, encrypt key 3) - most secure
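
Why double encryption adds so little strength, as an added example (not code from the original page): a meet-in-the-middle search against a toy 4-round Feistel cipher with 16-bit keys standing in for DES. The cipher, its constants, the keys and the plaintexts are all constructed for illustration.

```python
# Toy stand-in for DES: 32-bit block, 16-bit key, 4-round Feistel network.
# Every name and constant here is constructed for illustration.
MASK, ROUNDS, KEYS = 0xFFFF, 4, 1 << 16

def _f(half, key, rnd):
    """Round function: mix a 16-bit half block with a per-round subkey."""
    subkey = (key * (2 * rnd + 3) + rnd) & MASK
    x = ((half ^ subkey) * 0x9E3B) & MASK
    return x ^ (x >> 7)

def encrypt(block, key):
    left, right = block >> 16, block & MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 16) | right

def decrypt(block, key):
    left, right = block >> 16, block & MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 16) | right

def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)

def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with the known (plaintext, ciphertext) pairs."""
    (p0, c0), rest = pairs[0], pairs[1:]
    # Encrypt "on one end": index the middle value E_k1(p0) for all 2^16 values of k1.
    middle = {}
    for k1 in range(KEYS):
        middle.setdefault(encrypt(p0, k1), []).append(k1)
    # Decrypt "on the other" and compare: D_k2(c0) must equal a stored middle value.
    found = []
    for k2 in range(KEYS):
        for k1 in middle.get(decrypt(c0, k2), ()):
            # A second known pair weeds out chance matches on the first.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                found.append((k1, k2))
    return found

if __name__ == "__main__":
    K1, K2 = 0xBEEF, 0x1234                      # constructed secret keys
    pairs = [(p, double_encrypt(p, K1, K2)) for p in (0x12345678, 0x0BADF00D)]
    print(meet_in_the_middle(pairs))             # about 2 * 2^16 cipher calls, not 2^32
```

The search costs roughly twice the work of attacking one key, plus a table of 2^16 middle values, which is why a second DES pass is skipped in favour of three.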

**Advanced Encryption Standard**

- Block cipher that will replace DES
- Anticipated that Triple DES will remain approved for Government use
- AES announced by NIST in January 1997 to find a replacement for DES

**5 Finalists**

- MARS
- RC6
- Rijndael
- Serpent
- Blowfish