DES is not sufficient

How to harden DES if you are still using it.

It's common knowledge among those who study cryptography (as well as among most members of the information security community) that the Data Encryption Standard (DES) no longer provides sufficient strength to protect the confidentiality of data. Despite this knowledge, DES is still widely used to protect data. Its use is common among two groups: inexperienced users who feel that anything called the "standard" must be good enough, and...

in legacy systems where administrators have simply forgotten that a weak algorithm is in place.

If you're committed to using DES, you can actually strengthen it in a relatively easy fashion by using a variant known as Triple DES. This technique simply uses three iterations of the DES algorithm with different keys to achieve significantly stronger encryption. Triple DES may be implemented in the three forms listed below. For these examples, note that E(K1,m) represents encrypting the message m with key K1, and D(K1,m) represents the corresponding decryption action. K1, K2 and K3 represent three independent secret keys.

  • 3DES-EEE (for encrypt-encrypt-encrypt): E(k1,E(k2,E(k3,m)))

     

  • 3DES-EDE (for encrypt-decrypt-encrypt) with three keys: E(k1,D(k2,E(k3,m)))

     

  • 3DES-EDE with two keys: E(k1,D(k2,E(k1,m)))

At this point, you're probably asking yourself the question – "What about Double DES?" In a 1991 paper1, two prominent cryptographers proved that an attack known as the "meet-in-the-middle" attack renders 2DES just as ineffective as standard DES.

Here's the bottom line for security administrators – DES is not secure. This fact is widely known within the infosec community. Unfortunately, it's still out there. Your role as a security professional is to educate users about its weaknesses and minimize the impact it has on your organization's security posture.

 


1van Oorschot, P.C., and Weiner, M.J. "A Known-Plaintext Attack on Two-Key Triple Encryption", Advances in Cryptology -- Eurocrypt '90 Proceedings, Berlin: Springer-Verlag, 1991, pp. 318-325.

About the author
Mike Chapple, CISSP, currently serves as Chief Information Officer of the Brand Institute, a Miami-based marketing consultancy. He previously worked as an information security researcher for the U.S. National Security Agency. His publishing credits include the TICSA Training Guide from Que Publishing, the CISSP Study Guide from Sybex and the upcoming SANS GSEC Prep Guide from John Wiley. He's also the About.com Guide to Databases.


For more information on this topic, visit these resources:


This was first published in November 2003
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close