Scribd
Upload
187 views12 pages

DES Encryption Vulnerabilities

The document discusses the strength of the Data Encryption Standard (DES) encryption algorithm. It summarizes that while DES' 56-bit key was once thought to provide adequate security, advances in computing power have shown it can be cracked in just a few days using specialized hardware. It notes that alternatives to DES like AES and triple DES should now be considered due to demonstrated attacks on DES that have recovered plaintext using both large computer networks and dedicated cracking hardware.

Uploaded by

Jay Tanwani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
187 views12 pages

DES Encryption Vulnerabilities

The document discusses the strength of the Data Encryption Standard (DES) encryption algorithm. It summarizes that while DES' 56-bit key was once thought to provide adequate security, advances in computing power have shown it can be cracked in just a few days using specialized hardware. It notes that alternatives to DES like AES and triple DES should now be considered due to demonstrated attacks on DES that have recovered plaintext using both large computer networks and dedicated cracking hardware.

Uploaded by

Jay Tanwani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Strength of Data Encryption

Standard (DES)

PRESENTED BY:- JAY TANWANI (IU1941090010)


SUBJECT:- CCS FACULTY:- MINESH SIR BRANCH:- EC
Strength of DES – Key Size

 56-bit keys have 256 = 7.2 x 1016 values


 Brute force search looks hard
 Recent advances have shown is possible
 In 1997 on Internet in a few months
 In 1998 on dedicated h/w (EFF) in a few days
 In 1999 above combined in 22hrs!
 Still must be able to recognize plaintext
 Must now consider alternatives to DES
 There have been other demonstrated breaks of the DES using both large networks of computers & dedicated h/w,
including:

 1997 on a large network of computers in a few months

 1998 on dedicated h/w (EFF) in a few days

 1999 above combined in 22hrs!

 It is important to note that there is more to a key-search attack than simply running through all possible keys. Unless
known plaintext is provided, the analyst must be able to recognize plaintext as plaintext.

 Clearly must now consider alternatives to DES, the most important of which are AES and triple DES.
DES Example
Avalanche in DES
Avalanche Effect

 A desirable property of any encryption algorithm is that a small change in either the
plaintext or the key should produce a significant change in the ciphertext . In particular, a
change in one bit of the plaintext or one bit of the key should produce a change in many
bits of the ciphertext.
 This is referred to as the avalanche effect.
Avalanche Effect

 Key desirable property of encryption algorithm

 Where a change of one input or key bit results in changing approx half output bits.

 Making attempts to “home-in” by guessing keys impossible

 DES exhibits strong avalanche


• A desirable property of any encryption algorithm is that a small change in either the
plaintext or the key should produce a significant change in the ciphertext.

• In particular, a change in one bit of the plaintext or one bit of the key should produce a
change in many bits of the ciphertext. If the change were small, this might provide a
way to reduce the size of the plaintext or key space to be searched. DES exhibits a
strong avalanche effect
 Since its adoption as a federal standard, there have been lingering concerns about the level of security
provided by DES in two areas: key size and the nature of the algorithm.

 With a key length of 56 bits, there are 256 possible keys, which is approximately 7.2*1016 keys. Thus a
brute-force attack appeared impractical.

 However DES was finally and definitively proved insecure in July 1998, when the Electronic Frontier
Foundation (EFF) announced that it had broken a DES encryption using a special-purpose "DES cracker"
machine that was built for less than $250,000.

 The attack took less than three days. The EFF has published a detailed description of the machine,
enabling others to build their own cracker [EFF98].
Strength of DES – Analytic Attacks

 Now have several analytic attacks on DES


 These utilise some deep structure of the cipher
 By gathering information about encryptions
 Can eventually recover some/all of the sub-key bits
 If necessary then exhaustively search for the rest
 Generally these are statistical attacks
• Differential cryptanalysis
• Linear cryptanalysis
• Related key attacks
Strength of DES – Timing Attacks

 Attacks actual implementation of cipher

 Use knowledge of consequences of implementation to derive information about some/all subkey


bits

 Specifically use fact that calculations can take varying times depending on the value of the inputs
to it

 Particularly problematic on smartcards


THANKYOU

You might also like