We live so much of our lives today on the internet. Whether it’s for storing our personal information, finding entertainment, making purchases, or doing our jobs, our society relies increasingly on an online presence.
This increased dependence on the internet means that information security is more important than ever. The stakes are too high now. Users need to know that their sensitive data is kept confidential, unmodified, and readily available to authorized readers.
Data encryption is just one weapon in the cybersecurity arsenal, but it’s one of the oldest and most used. And since no discussion about data encryption is complete without talking about DES, here we are!
What is the DES Algorithm in Cyber Security?
The DES (Data Encryption Standard) algorithm is a symmetric-key block cipher created in the early 1970s by an IBM team and adopted by the National Institute of Standards and Technology (NIST). The algorithm takes the plain text in 64-bit blocks and converts them into ciphertext using 48-bit keys.
Since it’s a symmetric-key algorithm, it employs the same key in both encrypting and decrypting the data. If it were an asymmetrical algorithm, it would use different keys for encryption and decryption.
History of DES Algorithm
DES is based on the Feistel block cipher, called LUCIFER, developed in 1971 by IBM cryptography researcher Horst Feistel. DES uses 16 rounds of the Feistel structure, using a different key for each round.
DES became the approved federal encryption standard in November 1976 and was subsequently reaffirmed as the standard in 1983, 1988, and 1999.
DES’s dominance came to an end in 2002, when the Advanced Encryption Standard (AES) replaced the DES encryption algorithm as the accepted standard, following a public competition to find a replacement. NIST officially withdrew FIPS 46-3 (the 1999 reaffirmation) in May 2005, although Triple DES (3DES) remains approved for sensitive government information through 2030.
Triple DES Algorithm
Triple DES is a symmetric-key block cipher that applies the DES cipher three times. It encrypts with the first key (k1), decrypts using the second key (k2), then encrypts with the third key (k3). There is also a two-key variant, where k1 and k3 are the same key.
- The NIST had to replace the DES algorithm because its 56-bit key lengths were too small, considering the increased processing power of newer computers. Encryption strength is related to the key size, and DES found itself a victim of the ongoing technological advances in computing. It reached a point where 56-bit was no longer good enough to handle the new challenges to encryption.
- Note that just because DES is no longer the NIST federal standard, it doesn’t mean that it’s no longer in use. Triple DES is still used today, but it’s considered a legacy encryption algorithm. Note that NIST plans to disallow all forms of Triple-DES from 2024 onward.
Now that we know what DES is, let us look at the DES algorithm steps.
DES Algorithm Steps
To put it in simple terms, DES takes 64-bit plain text and turns it into a 64-bit ciphertext. And since we’re talking about a symmetric algorithm, the same key is used when it’s time to decrypt the text.
The algorithm process breaks down into the following steps:
- The process begins with the 64-bit plain text block getting handed over to an initial permutation (IP) function.
- The initial permutation (IP) is then performed on the plain text.
- Next, the initial permutation (IP) creates two halves of the permuted block, referred to as Left Plain Text (LPT) and Right Plain Text (RPT).
- Each LPT and RPT goes through 16 rounds of the encryption process.
- Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the newly combined block.
- The result of this process produces the desired 64-bit ciphertext.
The encryption process step (step 4, above) is further broken down into five stages:
- Key transformation
- Expansion permutation
- S-Box permutation
- P-Box permutation
- XOR and swap
For decryption, we use the same algorithm, and we reverse the order of the 16 round keys.
Next, to better understand DES, let us look at its modes of operation.
DES Modes of Operation
Experts using DES have five different modes of operation to choose from.
- Electronic Codebook (ECB). Each 64-bit block is encrypted and decrypted independently
- Cipher Block Chaining (CBC). Each 64-bit block depends on the previous one and uses an Initialization Vector (IV)
- Cipher Feedback (CFB). The preceding ciphertext becomes the input for the encryption algorithm, producing pseudorandom output, which in turn is XORed with plaintext, building the next ciphertext unit
- Output Feedback (OFB). Much like CFB, except that the encryption algorithm input is the output from the preceding DES
- Counter (CTR). Each plaintext block is XORed with an encrypted counter. The counter is then incremented for each subsequent block
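The structure described above, as an added example that is not part of the original article: a 16-round Feistel network over 64-bit blocks, decryption by reversing the round keys, the Triple DES encrypt-decrypt-encrypt ordering, and ECB beside CBC. This is not DES itself: the key schedule and round function are SHA-256 stand-ins chosen for brevity, the initial and final permutations are omitted, all function names are hypothetical, and input is assumed to be a multiple of 8 bytes.

```python
import hashlib

def round_keys(key, rounds=16):
    # Stand-in key schedule (not DES's key transformation): one subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest()[:4] for i in range(rounds)]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(right, subkey):
    # Stand-in round function (not DES's expansion, S-boxes and P-box).
    # A Feistel network never inverts f, so any keyed function works here.
    return hashlib.sha256(xor(right, subkey)).digest()[:4]

def feistel(block, subkeys):
    left, right = block[:4], block[4:]          # LPT and RPT, 32 bits each
    for k in subkeys:                           # 16 rounds of XOR and swap
        left, right = right, xor(left, f(right, k))
    return right + left                         # rejoin, undoing the last swap

def encrypt_block(key, block):
    return feistel(block, round_keys(key))

def decrypt_block(key, block):
    return feistel(block, round_keys(key)[::-1])  # same algorithm, keys reversed

def ede_encrypt(k1, k2, k3, block):
    # Triple DES ordering: encrypt with k1, decrypt with k2, encrypt with k3.
    return encrypt_block(k3, decrypt_block(k2, encrypt_block(k1, block)))

def ede_decrypt(k1, k2, k3, block):
    return decrypt_block(k1, encrypt_block(k2, decrypt_block(k3, block)))

def blocks(data):
    return [data[i:i + 8] for i in range(0, len(data), 8)]

def ecb_encrypt(key, data):
    return b"".join(encrypt_block(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, data):
    out = [iv]
    for b in blocks(data):                      # each block depends on the previous one
        out.append(encrypt_block(key, xor(out[-1], b)))
    return b"".join(out[1:])

def cbc_decrypt(key, iv, data):
    prev = [iv] + blocks(data)
    return b"".join(xor(decrypt_block(key, c), p) for c, p in zip(blocks(data), prev))

if __name__ == "__main__":
    key, iv = b"constructed-key", bytes(8)      # constructed values; real IVs are random
    data = b"SAMEBLOK" * 2                      # two identical 64-bit plaintext blocks
    print("ECB repeats:", blocks(ecb_encrypt(key, data)))
    print("CBC differs:", blocks(cbc_encrypt(key, iv, data)))
```

Under ECB the two identical plaintext blocks produce identical ciphertext blocks, which is the pattern leak that chaining with an IV removes.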
Next, to improve our understanding of DES, let us look into DES implementation and testing.
DES Implementation and Testing
DES implementation requires a security provider. There are many available providers to choose from, and selecting one is the essential initial step in implementation. Your selection may depend on the language you are using, such as Java, Python, C, or MATLAB.
Once you decide on a provider, you must choose whether to have a random secret key generated by the KeyGenerator or create a key yourself, using a plaintext or byte array.
It’s also essential to test the encryption to make sure it is properly implemented. You can find a testing procedure that will do the trick using the recurrence relation found on GitHub.
Now that we have come this far in our understanding of DES, let us look into the reasons to learn it.
If DES is Becoming Irrelevant, Why Learn It?
Despite DES losing the lofty position of being the go-to data encryption standard algorithm, it’s still worth learning. There will always be room for the DES algorithm in cryptography because it was the foundation for subsequent encryption algorithms. If you understand the origins of data encryption, you will consequently have an easier time grasping the basics of current encryption methods.
Having gone through what DES is, let us look into ways to improve our cybersecurity skills.
Do You Want to Improve Your Cybersecurity Skills?
Encryption is just one aspect of cybersecurity. There is so much to learn in this vast field, and the more you know, the more marketable a candidate you become when looking for a career in the field. One can never possess too much knowledge!
To that end, Simplilearn offers an impressive variety of cybersecurity-related courses for your benefit. You can learn to become a “white hat hacker” through the CEH (v10) Certified Ethical Hacking course, or become a security systems auditor with CISA certification. You can gain a deeper understanding of managing and governing enterprise IT environments with the COBIT Certification Training course or learn the principles of network security and risk management through the CompTIA Security+ Certification - SY0-501 Exam Training course.
If, on the other hand, you won’t settle for anything less than becoming a full-fledged cybersecurity professional, go for the Cybersecurity Expert Master’s program. The program features a half-dozen courses that will impart the necessary foundational, intermediate and advanced security skills for you to become a cybersecurity expert.
How Would You Like a Career in Cybersecurity?
Having learned all about DES, if you need a good launching point for a cybersecurity career, then you should check out Simplilearn’s CISSP Certification course. This outstanding Certified Information Systems Security Professional (CISSP) course teaches you how to define a secure IT architecture, and subsequently, design, build and maintain a secure business environment using globally approved information security standards. The course explores the industry best practices for IT and prepares you for the CISSP certification exam administered by (ISC)².
You receive more than 60 hours of in-depth learning, five simulation test papers for CISSP certification exam preparation, the requisite 30 CPEs needed for taking the exam, and a CISSP exam voucher. According to Payscale, a Security Operations Specialist earns an annual average of USD 80,000. Today, there is a growing shortage of cybersecurity professionals, so if you want a career that offers security and excellent compensation, visit Simplilearn and get started!