Des/3des
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Des/3des

  1. #1
    Member
    Join Date
    Apr 2002
    Posts
    88

    Des/3des

    DES and 3DES

    In a nutshell, DES (Data Encryption Standard) is an algorithm published by the National
    Institute of Standards for data encryption. 3DES (triple DES) is the DES algorithm applied
    three times to a data stream. The longer explanation of the standard is a bit more
    complicated.

    DES was developed by IBM in 1977 and was adopted by the U.S. Department of Defense. It
    includes the algorithm in the FIPS (Federal Information Processing Standard) 46 publication.

    DES uses a key system for encryption, and both the sender and receiver of a message
    encrypted with DES must have the same private key - data in transit cannot be deciphered
    without the appropriate key. Keys are chosen at random, and there are
    72,000,000,000,000,000 (that's 72 quadrillion) possible keys. The algorithm involves 16
    operations in which the 56-bit key is assigned to a 64-bit block of data.

    DES is a symmetric block cipher encryption method. It is considered symmetric because the
    same private key is used for encryption and decryption. (This is in contrast to asymmetric
    encryption, which uses a private key and a readily available public key) A "cipher" is simply a
    method of encryption and decryption, and the "block" refers to the fact that blocks of data
    (64-bits) are encrypted at the same time, i.e., DES does not encrypt each individual bit of
    data.

    DES encryption is strong enough to keep most hackers at bay, but its code is breakable.
    Many have begun using 3DES as a stronger alternative. 3DES performs the DES encryption
    process three times using three different keys. The security provided by 3DES is very
    strong, but the technology is slower than some of the encryption standards that have
    recently emerged.

    In case you were wondering.
    America - Land of the free, home of the brave.

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    735
    Thanks. More greenies.

  3. #3
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    You might be interested in this link, which has some relevant info on 3DES.
    It's 3DES from Cambridge university.
    Perhaps 3DES is not as secure as it might seem ....

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    187
    nice job.

    des is breakable though:
    jan '97: data security inc. held the first "des challange," first price winner recovered the password in 96 days
    jan '99: distributed.net recovered a password in less then 24

    the new gov standard is called aes (advanced encryption standard), the name of the algorithm rijndael and was developed by a group in europe. you can read all about it at www.nist.gov/aes.
    U suk at teh intuhnet1!!1!1one

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    Thanks for mentioning AES Jabberwocky.

    Have a look at the AES fact sheet at:

    http://csrc.nist.gov/encryption/aes/aesfact.html

    From that page, something that I found interesting.
    __________________________________________________________

    The AES specifies three key sizes: 128, 192 and 256 bits. In decimal terms, this means that there are approximately:

    3.4 x 1038 possible 128-bit keys;
    6.2 x 1057 possible 192-bit keys; and
    1.1 x 1077 possible 256-bit keys.

    In comparison, DES keys are 56 bits long, which means there are approximately 7.2 x 1016 possible DES keys. Thus, there are on the order of 1021 times more AES 128-bit keys than DES 56-bit keys.

    Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.
    __________________________________________________________

    Some pretty interesting stuff.....
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    187
    each time you add a single digit to the key you double the ranger a cracker has to search. keys are usually made out of prime numbers, or combinations of numbers that are prime to each other. not too recently someone the largest known prime number, 213466917-1.

    check out this very interesting site on prime numbers
    http://www.utm.edu/research/primes/largest.html
    U suk at teh intuhnet1!!1!1one

  7. #7
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Interesting... Does anyone have any information on the encryption that distributed.net (http://www.distributed.net) is trying to crack.... The keys are as follows....
    • RC5
    • OGR
    • CSC
    • DES

  8. #8
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    DES encryption is strong enough to keep most hackers at bay, but its code is breakable.
    Many have begun using 3DES as a stronger alternative. 3DES performs the DES encryption
    process three times using three different keys.
    Technically this isn't accurate, at least for the C library implementation. The 3DES algorithm actually uses two keys. The data is encrypted with the first key, decrypted with the second key and encrypted with the first key again. You could quite easily tweak the code to use three separate keys though .
    OpenBSD - The proactively secure operating system.

  9. #9
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    One other thing to note is that using the same encryption algorithm multiple times does not make the message much harder to decrypt - which is why I think 3DES is a bit suspect.
    To actually break it you would need some inside help, which is what my original link indicated.
    However, IBM thinks these sort of things are important, which is why it has been working with the guys who pointed out the weaknesses to try and fix the obvious loopholes.

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    119
    does anybody knows the different usage from stream cipher and block cipher in applications?
    the main point is confidentiality and when why ??


    cheers,
    the only thing that doesn\'t change is everything will always change.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •