|
|
|
|
Data Encryption Standard
- this page is a stub
The Data Encryption Standard, commonly abbreviated to DES,
is a symmetric-key block cipher for the encryption of electronic data.
Although the algorithm is no longer considered secure, it was widely
used during the 1970s, 80s and 90s, for example for the protection
of bank cards.
At the time it was known as FIPS 46.
In the form of Triple-DES, 1 the algorithm was thought
to be secure (2017), although there were theoretical attacks. 2
Following the introduction of the
Advanced Encryption Standard (AES) in 2001,
DES was officially withdrawn as a FIPS 3 in 2004.
|
-
Also known as TDES, 3DES, TDEA and Triple DEA,
-
Not practically feasible at the time. 3DES was withdrawn in 2017.
-
FIPS = Federal Information Processing Standard.
➤ Wikipedia
|
|
DES devices on this website
|
|
|
DES was developed in the early 1970s at IBM, and was based on an earlier
design of a block cipher by Horst Feistel. Following the invitation of the
US National Bureau of Standards (NBS, now: NIST) to propose a candidate
for the protection of sensitive unclassified government data, IBM submitted
the DES algorithm. In 1976, after consultation with the US
National Security Agency (NSA),
the NBS eventually selected a slightly modified version of it,
which was strengthened against differential cryptanalysis,
but weakened against brute force attacks [1].
It was published as an official Federal Information Processing Standard
(FIPS 46.3) for the United States in 1977.
For many years, DES was the defacto standard for the protection of bank cards
— commonly protected by a PIN code — and financial transactions via
ATM machines, point of sale cash registers and the secure/trusted
worldwide interbank communication system SWIFT.
For many years, the NSA has tried to prevent DES from being used in
consumer communication devices.
Today, DES is no longer considered secure. It was officially withdrawn
as a FIPS on 19 May 2005. The 3DES variant however, remains to be
approved by NIST until 2030 for sensitive government information.
Systems used for secure financial transactions (e.g. SWIFT), have
meanwhile been replaced by more secure alternatives.
|
|
DES in a consumer product
|
|
|
Intervention by the NSA
In 1979, the Dutch company Text Lite
was developing a hand-held text terminal — a so-called pocket telex — and wanted to use DES for the encryption of
text-based messages. Text Lite
requested the DES specification from the
NBS, and got it for as little as US$ 8.
The device was released the next year
as the PX-1000,
and was also marketed by Philips
and other companies.
|
The PX-1000 was an instant hit and was soon adopted by journalists,
business men and anyone else who had a need for confidential correspondence,
including criminals. Apart from Philips,
it was soon picked up by other leading names, such as
Siemens,
Ericsson and Alcatel.
In late 1983, the NSA began noticing the device, and expressed its concern
about the availability of DES to the general public, in an affordable
device. They subsequently persuaded Philips to buy
the entire PX-1000 stock and
replace DES by an alternative algorithm, supplied by the NSA.
|
|
|
In the following months the existing stock of 12,000 PX-1000 units was sold
to the NSA, 1 along with 20,000 firmware PROMs that had already been
manufactured, for a total of NLG 16.6 million (~ EUR 7.5 million).
A year later, the PX-1000 was re-released, but this time with the alternative
NSA-algorithm. It is one of the first examples of
NSA intervention in the Netherlands.
➤ More about the PX-1000
|
-
Not directly, but via a cover company by the name of Reynolds Associates.
|
|
|
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Monday 03 July 2017. Last changed: Monday, 15 January 2024 - 17:18 CET.
|
|
|
|
|