Cryptography

DES, 3DES and AES

Easy
15 min

Data Encryption Standard (DES)

Data Encryption Standard (DES) set the standard for symmetric encryption for decades until its security limitations led to the development of Triple DES and later the adoption of a new standard, AES.

DES: Origins and Era

DES was developed in the 1970s by IBM and was accepted as the official encryption standard of the United States government in 1977. DES is based on a symmetric encryption algorithm that uses a 56-bit key to encrypt and decrypt 64-bit data blocks. Its development was a response to the growing need for a reliable digital data encryption method, enabling both data encryption and decryption with the same algorithm.

Although DES was a significant advancement in the field of cybersecurity, its 56-bit key size began to prove vulnerable, especially with increasing computational power. By the 1990s, it was clear that stronger encryption was needed.

3DES: Response to the Limitations of DES

Triple DES was developed to overcome the limitations of DES. Its basic idea is simple: use the DES algorithm three times in a row for each data block, but with different keys (or key combinations), significantly enhancing security. 3DES uses either two (112-bit) or three (168-bit) separate keys, but in practice, using three separate keys provides the best protection.

3DES has proven to be significantly more secure than DES, and its key size is considered sufficient to resist brute-force attacks, although its performance is significantly slower than DES's, due to the triple encryption process. This lack of efficiency is one reason why it has gradually been overshadowed by newer, more efficient encryption algorithms, such as AES.

AES competition: Origin and Selection

Advanced Encryption Standard (AES) is the cornerstone of modern cybersecurity. The story of AES is as much a story of innovation and international cooperation as it is a technical achievement. By the late 1990s, it was clear that the Data Encryption Standard (DES), which had been in use since 1977, no longer provided sufficient protection against growing cybersecurity threats. Therefore, the National Institute of Standards and Technology (NIST) initiated a process to develop a new, modern encryption standard. This process led to the AES competition, which was an open invitation for cryptographers around the world to design the successor to DES.

In 1997, 15 proposals from five different countries were submitted to the competition. The requirement set by NIST was that the proposed algorithm had to be a symmetric block cipher capable of efficiently encrypting and decrypting data in 128-bit blocks, and supporting at least three key sizes: 128, 192, and 256 bits. From the proposals, Rijndael developed by Belgian cryptographers Vincent Rijmen and Joan Daemen stood out as the winner due to its efficiency, flexibility, and above all, security. Officially named AES, Rijndael was adopted as a standard in 2001.

What is AES in Practice?

AES is a symmetric encryption algorithm that converts plaintext into encrypted text using a key that can be 128, 192, or 256 bits long. AES processes data in a series of four functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey. These functions are performed in multiple rounds, depending on the key size: 10 rounds with 128-bit keys, 12 rounds with 192-bit keys, and 14 rounds with 256-bit keys.

AES Impact

The implementation of AES has meant a significant improvement in the security of digital data. Its strong algorithm and key sizes provide significant protection against modern threats, making it a reliable choice for governments, businesses, and individuals around the world.

The impact of AES extends far beyond just improving cybersecurity; it has set a new standard for encryption that is difficult to beat in terms of security, efficiency, and flexibility. Its role in today's digital world is irreplaceable, protecting everything from sensitive communication to financial data and national security.

Exercise

You can find the tool for decryption here.

Decrypt DES where value is "edb329b0b7a4e15ece120b42fca1b5613e66ce73646fcfa9", key is "salasana", IV value is "ivarvoyo" and mode is CBC. What is the plain language equivalent?

hakatemia pro

Ready to become an ethical hacker?
Start today.

As a member of Hakatemia you get unlimited access to Hakatemia modules, exercises and tools, and you get access to the Hakatemia Discord channel where you can ask for help from both instructors and other Hakatemia members.