DES -- Implementation

Page #4355334 of Chapter:



level indicator


First thing to note for implementation purposes: the original key size of 56 bits is way to small for today's fast cryptanalyzing computers. If DES is to be used (as opposed to its heir, AES), then Triple-DES should be your choice. It's double size key of 128 bits is considered secure as of the closing of 2013.

DES is a fully committed cipher, namely he who captures the ciphertext, also holds the plaintext -- eventually. The question is whether when it happens it is still harmful.

And because of this commitment property, it is not wise to choose the comfort of a 'forever' DES key. One should conduct a thorough threat analysis to decide on the life time and replacement procedure for DES keys.

Standard banking wires and others may include standard blocks of text, and if these blocks fit the DES block size, they appear unchanged from wire to wire, creating a serious vulnerability. Random padding, and block-chaining are some remedy tools.

The last block, padded with zeros, is the most vulnerable spot because DES relies heavily on transposition. Transposing a series of consecutive zeros has no complexity effect whatsoever.

DES users ignorant about the DES transposition content will encrypt small data fields, by padding them with zeros, and thereby considerably weaken the cipher. Apply any randomization scheme, or a specially designed protocol like FIPS81.

If you encrypt a four digit PIN with DES, and you add 0000.....00 (32 zeros) to the PIN to build the 64 bits blocks, then you are less protected than you nominally think.

During the 2013 Christmas shopping season, Target has succumbed to hackers who stole millions of PINs, all encrypted with Triple-DES. How safe are those PINs, if they were all encrypted by first padding each pin with 32 zeros, or even with 4ASCII zero bytes: 4 x 000110000 ? See Threat Analysis.

The smart way to encrypt a 32 bit PIN in a 64 bits cipher is to first device a crypto algorithm to expand the four digits to eight. See the Digital Split Method.

* Version CE-H6703 (SERVER) Crypto Academy