What is DES? Understanding Data Encryption Standard

Anton P. | September 15, 2023

DES (Data Encryption Standard) is an encryption algorithm experts consider outdated. It is a symmetric key block cipher, applying the same key to encrypt and decrypt information.

The main flaw or risk of this encryption strategy is its susceptibility to brute-force attacks. Due to the shorter key length of DES, modern computers could crack it.

However, while Triple DES (3DES) offered a safer key length, its usage will also halt in December 2023.

Learn about DES algorithm and why it is no longer secure.

What Data Encryption Standard (DES) is

DES is Data Encryption Standard: an algorithm meant to encrypt information and decrypt it using the same key. Thus, it is a symmetric key algorithm introduced in the early 1970s.

During its existence, the National Institute of Standards and Technology (NIST) accepted DES as the solution for encrypting government computer data.

Thus, at the time, DES was at its peak regarding adoption and security. This type of encryption process also spread into other areas, particularly those in need of robust encryption.

How does DES work?

We want to emphasize the following components of DES encryption, reflecting how it works.

Summary: DES divides information into blocks, and every block consists of 64 bits. Every block completes the initial permutation, and its result gets split into two parts.

The LPT and RPT parts proceed with the Feistel function for 16 rounds. After all rounds, the final permutation occurs and completes the encryption process.

DES is a block cipher, meaning that it deals with data in blocks. It divides input text into 64-bit blocks.
All blocks get encrypted using the secret key to turn data into 64-bit encrypted information.
The encryption process completes 16 rounds of encryption. The decryption happens in the opposite order in which keys get applied.
DES uses a 64-bit key, but eight bits get dedicated to parity checks. Thus, the actual key length of 56 bits is more accurate.
The encryption creates different 48-bit subkeys for all 16 encryption rounds. Expansion-permutation is relevant in this process.

Upgrade to AtlasVPN Premium

What went wrong with the Data Encryption Standard?

DES officially retired in 2005, after eight years of government agencies using it to safeguard sensitive data. Security concerns over its key size were the determining factors in its final exit.

The DES algorithm uses a 64-bit key for encryption and decryption. However, the process dedicates eight bits for parity checks. Thus, the true key length turns out to be 56 bits.
The 56-bit key needs up to 2^(56) (approximately 72 quadrillion) tries to find the key. While it might seem a lot, modern computers could complete brute-force attacks.
In 1998, the Electronic Frontier Foundation (EFF) decoded DES-encrypted information in 56 hours. They would achieve the same result in 22 hours the following year.
Another suspicion arose with the US National Security Agency allegedly meddling with the DES.

With evidence of risks in the DES algorithm piling, the world began shifting to new methods and longer key sizes.

What about Triple DES (3DES)?

Triple DES (2DES) emerged as the new and improved version of the DES algorithm. Its strength is that it performs three iterations of DES.

What does it mean?

The iterations increase the effective key length. However, the algorithm can only be secure if three separate keys are generated. The strongest version of 3DES offered 168-bit keys.

The end of 3DES is near

3DES also faces deprecation: after December 31, 2023, the algorithm will be disallowed for encryption. The usage of 3DES will become strictly limited, allowed only with NIST guidance and approval.

Thus, DES and 3DES leave the encryption world, having paved the way for other robust algorithms like AES.

What encryption algorithms replaced DES?

DES is a predecessor of the Advanced Encryption Standard (AES), currently used in modern encryption. AES is also a symmetric encryption cipher, and it applies the same keys for encryption and decryption.

AES is drastically more secure than DES since it offers 128-bit, 192-bit, or 256-bit keys. AES is also better than 3DES as it offers much better performance.

Thus, while limited use cases for DES or 3DES exist, AES is a much superior algorithm in most aspects.

Picking the best encryption algorithms

Users might not know what encryption algorithms various services use to protect their data. However, such information usually is publicly available. Thus, you can always verify if your apps put their best efforts into guarding your information.

For instance, Atlas VPN uses AES-256 to offer the strong encryption our users deserve. Since we deal with your browsing activities, we constantly explore ways to overcome challenges and adapt to the ever-changing digital landscape. You are also welcome to find more information about our encryption procedures.