The Data Encryption Standard (DES) is a touchstone symmetric block cipher which has been used worldwide since it was published in 1975 in the U.S. Federal Register. It has remained unchanged since it’s formal standardization in January 1977, with a key size of 56 bits, 8+ parity bits, and a block size of 64 bits. This setup has not aged well, and the cipher has been superseded by the Advanced Encryption Standard (AES).
While in a partnership with Lloyds Bank in the United Kingdom, IBM’s cryptographer Horst Feistel headed a development team called project ‘Lucifer’ in the 1960s. The goal of the endeavor was to create a secure transaction method for its cash-dispensing system for civilians, and in1971, Lloyds accepted the published cipher. During May of 1973 and August 1974, the US National Bureau of Standards (NBS) put out a formal request for algorithms which could function in both civilian and government environments, and one of the submitted candidates was the Lucifer algorithm. It would be accepted by the agency and renamed ‘DES’—with some modifications. These were the infamous shortening of key size to 56 bits, and the modification of a component called S-Boxes. When it first debuted, two of the major critics were the famous cryptographic experts Whitfield Diffie and Martin Hellman. They continued to argue that key size is a major factor in cipher strength, declaring that the modifications had fundamentally impaired the cipher. The S-boxes would later prove to be an update against a particular form of mathematical attack called Linear Cryptanalysis, however the shortened key size would be a major detriment, eventually leading to the request from NIST in 1997 for a new algorithm to formally replace DES.
Like all bock ciphers, DES is created in such a way that a block of plain text will be employed to create a cipher text block of the same size. The two parties employing the cipher will share the encryption key. For decryption, the same key is used, but the process is reversed. All of the algorithms that follow this format are called Feistal Ciphers, including DES. This family of algorithms revolves around a specific function which can be either highly complex or simplistic, and is generally known by the shorthand ‘F’.
In January of 1999, the worries of Whitfield Diffie and Martin Hellman were officially proven to be true. DES was broken by the Electronic Frontier Foundation’s DES cracker (nicknamed “Deep Crack”) in 22 hours and 15 minutes. A version of this cracker has been constructed in python, crated by the ToorCon Information Security Conference for the cryptanalysis research community and called crack.sh. However, while the long and simple attack has been proven to have real-world applications, the four shortest methods of DES cipher cracking are heavily mathematical, and considered to be theoretical only. DES was specifically modified by the NSA to be resistant to differential cryptanalysis, however it has not been strengthened against Linear cryptanalysis, an Improved Davies' Attack or Differential-Linear cryptanalysis.
Most single incarnations of DES were replaced with the more robust Triple DES, a derivation of the original form. Triple DES is far more secure than the original DES, however, it too suffered from a short block size (64 bits). The Sweet32 attack leverages this in order to create block collisions, which occur when ample quantities of data are encrypted with the same key. Other alterations of DES have been postulated, but not accepted. A variant called GDES was created by
Ingrid Schaumuller-Bichl in 1981. This cipher contained larger block sizes, however without the inclusion of modified S-Boxes like the original, it was found to be weak to differential cryptanalysis by Eli Biham and Adi Shamir in 1990. DES-X was created to be strong against differential cryptanalysis and
linear cryptanalysis, however, brute force attacks were still an issue, and the additional weakness of plain- text side attacks was introduced.