Questions tagged [des]

(or Data Encryption Standard), a (symmetric) block cipher using a 64 bit block size, with keys of size 56 bit, the standard US block cipher from 1976 to 2001.

DES is based on a Feistel network, with a Feistel function composed on expansion (from 32 bit to 48), key-mixing (with a 48 bit subkey), S-boxes and finally a permutation of the 32 bit output.

DES is now considered insecure due to its small key size which allows brute-force attacks.

DES, the Data Encryption Standard, was the standard US block cypher from 1976 until AES came out in 2001. It was delisted in 2004 and withdrawn as a national standard in 2005.

426 questions

votes

3 answers

What are the benefits of the two permutation tables in DES?

Why do we use a permutation table in the first step of DES algorithm and one at the end of the algorithm?

block-cipher des permutation

asked Jul 12 '11 at 18:44

Am1rr3zA

votes

3 answers

Is Triple DES still considered safe to use?

What it says on the tin. Is it still used in things like TLS?

tls des 3des

asked Sep 19 '17 at 13:36

Melab

4,178
4
24
49

votes

2 answers

Why do we use encrypt-decrypt-encrypt (EDE) in 3DES, rather than encrypting three times?

I'm wondering why we use encrypt-decrypt-encrypt (EDE) sequence in 3DES (also known as DES-EDE, TDES or TDEA) with three keys instead of three times encryption (EEE) with three different keys?

encryption symmetric des 3des

asked Mar 09 '12 at 13:45

alaamub

votes

2 answers

Why is MixColumns omitted from the last round of AES?

All rounds of AES (and Rijndael) have a MixColumns step, save the last round which omits it. DES has a similar feature where the last round differs slightly. The rationale, if I recall correctly, was to "make the cipher appear similar in reverse…

aes block-cipher des

asked Nov 28 '11 at 23:10

Fixee

4,258
3
26
39

votes

1 answer

How was the special DES key 0E329232EA6D0D73 found?

The DES key 0E329232EA6D0D73 has the unusual property that decrypting a ciphertext block consisting entirely of zeros gives a plaintext block consisting of eight repetitions of the same byte (0x87). How was this key originally found?

des

asked Jul 07 '16 at 10:12

prim

votes

2 answers

How were the DES S-box values determined?

It seems like the S-boxes in DES have essentially random values. How were these chosen?

des encryption s-boxes

asked Jul 12 '11 at 19:34

foobarfuzzbizz

3,256
3
24
25

votes

2 answers

Purpose of DES parity bits

DES has a 64-bit key size, but only 56 of those are used during encryption. The other 8 are "parity bits". What was the intended purpose of the party bits, and why are they no longer used in modern ciphers?

des history

asked Apr 03 '16 at 00:30

user9070

votes

3 answers

How long does it take to crack DES and AES?

Suppose that a single evaluation of a block-cipher (DES or AES) takes 10 operations, and the computer can do $10^{15}$ such operations per second. How long would it take for to recover a DES key, using a brute-force search? How about a 128-bit AES…

aes block-cipher brute-force-attack des

asked Sep 23 '11 at 05:29

huyichen

votes

1 answer

Why is triple-DES using three different keys vulnerable to a meet-in-the-middle-attack?

Among other sources, this Wikipedia entry states that triple-DES using three separate keys $(k_1, k_2, k_3)$ is vulnerable to meet-in-the-middle-attacks, while triple-DES using only two keys $(k_1, k_2, k_1)$ is not. Why is this attack possible if…

des 3des meet-in-the-middle-attack

asked Feb 14 '13 at 13:43

malexmave

1,461
2
14
26

votes

2 answers

S-box basic question

I'm trying to understand DES and a bunch of other cryptographic systems using S-Boxes. I have now a quite basic question about how Sboxes work in general. For DES, Sboxes are substituting a 6-bits input for 4-bits output. It is clear for me how…

des s-boxes

asked Jul 03 '17 at 18:06

Serge Waechter

votes

2 answers

Can neural cryptanalysis be applied to AES?

In this Wikipedia article about Neural cryptography (section applications) it states: In 1995, Sebastien Dourlens applied neural networks to cryptanalyze DES by allowing the networks to learn how to invert the S-tables of the DES. The bias in DES…

aes cryptanalysis des rijndael

asked Feb 18 '19 at 12:34

AleksanderCH

6,511
10
31
64

votes

2 answers

Can you explain “weak keys” for DES?

A weak key for DES is a key $K$ such that $DES_{k_1}(DES_{k_2}(x))=x$ for all $x$. I don't get why are the 4 keys $k_1||k_2$: $1^{112}$, $0^{112}$, $0^{56}||1^{56}$, $1^{56}||0^{56}$ considered as weak. (Also didn't find some detailed explanation in…

encryption cryptanalysis block-cipher des

asked Dec 08 '13 at 21:30

Bush

2,160
3
18
27

votes

1 answer

Why is double encryption that's equivalent to single encryption no better than single encryption?

In the "Introduction to Cryptography: With Coding Theory" by Trappe and Washington, in the chapter about DES algorithm the authors say that: "if a cryptosystem is such that double encryption is equivalent to a single encryption, then there is no…

cryptanalysis des multiple-encryption

asked Oct 16 '19 at 15:02

AleWolf

votes

1 answer

Duration for attacking Two-Key Triple-DES Encryption using all RAM ever built?

I am considering attacks on Two-Key Triple-DES Encryption assuming $2^{32}$ known plaintext/ciphertext pairs (that's a mere 32GiB of ciphertext) by the method devised by Paul C. van Oorschot and Michael J. Wiener: A Known-Plaintext Attack on Two-Key…

cryptanalysis des meet-in-the-middle-attack

asked Apr 26 '12 at 11:49

fgrieu

149,326
13
324
622

votes

2 answers

Why is DES not an ideal cipher?

From Cryptography I on Coursera, Week 2, "Exhaustive Key Search Attacks": Now let's assume that DES is what's called an ideal cipher [...] Of course, DES is not a collection of 2^56 random functions Prof. Boneh doesn't offer any explanation of…

des

asked May 30 '18 at 16:00

0x00

2 3

…

28 29 Next