DES is not sufficient

It's common knowledge among those who study cryptography (as well as among most members of the information security community) that the Data Encryption

    Requires Free Membership to View

    Login

Standard (DES) no longer provides sufficient strength to protect the confidentiality of data. Despite this knowledge, DES is still widely used to protect data. Its use is common among two groups: inexperienced users who feel that anything called the "standard" must be good enough, and in legacy systems where administrators have simply forgotten that a weak algorithm is in place.

If you're committed to using DES, you can actually strengthen it in a relatively easy fashion by using a variant known as Triple DES. This technique simply uses three iterations of the DES algorithm with different keys to achieve significantly stronger encryption. Triple DES may be implemented in the three forms listed below. For these examples, note that E(K1,m) represents encrypting the message m with key K1, and D(K1,m) represents the corresponding decryption action. K1, K2 and K3 represent three independent secret keys.

  • 3DES-EEE (for encrypt-encrypt-encrypt): E(k1,E(k2,E(k3,m)))

     

  • 3DES-EDE (for encrypt-decrypt-encrypt) with three keys: E(k1,D(k2,E(k3,m)))

     

  • 3DES-EDE with two keys: E(k1,D(k2,E(k1,m)))

At this point, you're probably asking yourself the question – "What about Double DES?" In a 1991 paper1, two prominent cryptographers proved that an attack known as the "meet-in-the-middle" attack renders 2DES just as ineffective as standard DES.

Here's the bottom line for security administrators – DES is not secure. This fact is widely known within the infosec community. Unfortunately, it's still out there. Your role as a security professional is to educate users about its weaknesses and minimize the impact it has on your organization's security posture.

 

1van Oorschot, P.C., and Weiner, M.J. "A Known-Plaintext Attack on Two-Key Triple Encryption", Advances in Cryptology -- Eurocrypt '90 Proceedings, Berlin: Springer-Verlag, 1991, pp. 318-325.

About the author
Mike Chapple, CISSP, currently serves as Chief Information Officer of the Brand Institute, a Miami-based marketing consultancy. He previously worked as an information security researcher for the U.S. National Security Agency. His publishing credits include the TICSA Training Guide from Que Publishing, the CISSP Study Guide from Sybex and the upcoming SANS GSEC Prep Guide from John Wiley. He's also the About.com Guide to Databases.

For more information on this topic, visit these resources:


This was first published in November 2003

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top