This report will select one of the obsolete cryptographic algorithms, analyse it, discuss one of its vulnerabilities, and suggest a modern algorithm to address this weakness.
The business Management system (BMS) is a powerful management tool that helps an organisation’s management build, create, control, and monitor business activities. Currently, it evolved and has become the backbone of strategic planning and everyday business operations. BMS has the technical infrastructure, such as access control, to protect information from unauthorised access. Still, it can not be used alone to preserve the confidentiality and integrity of information handled against different challenges such as secure system development and maintenance, operation and physical security and compliance with regulations. Cryptography plays an essential role in protecting data’s confidentiality and integrity, which might be hosted within the companies’ premises or outsourced to a cloud service. Furthermore, cryptography protect information processed and transmitted within a communication medium. BMS incorporates many algorithms that serve this purpose; however, some of them are legacy or obsolete, such as RC2, RC4, DES, 3DES, MD2, MD4, MD5, SHA-1, and no longer recommended to be used because they are proved to be vulnerable.
Table of Contents
1. Introduction
2. Cryptographic algorithm selection
3. Data Encryption Standard
3.1 Symmetric encryption Algorithm
3.2 DES Encryption Key
3.3 DES Encryption Subkeys
3.4 How does DES Work?
4. DES Vulnerabilities
4.1 Brute-force
4.2 Parallel Processing.
5. Advanced Encryption Algorithm
6. Conclusion and Comparison Summary.
Subject Objectives and Topics
This report aims to analyze the Data Encryption Standard (DES), examine its historical and technical vulnerabilities as an obsolete cryptographic algorithm, and propose the Advanced Encryption Standard (AES) as a modern and secure replacement for contemporary business management systems.
- Technical mechanics of the DES symmetric key algorithm
- Analysis of DES key space and structural limitations
- Evaluation of brute-force attack vectors and computational feasibility
- Comparative performance between DES and modern AES standards
Excerpt from the Book
DES Vulnerabilities
In general, cryptanalysis studies cracking ciphers to get plaintext or key from the ciphertext. A case in point, DES depends on a 56-bit key of possible 72 million billion possible keys, which is considered limited, especially with advancements in the computing field. Thus, relatively limited key space made the algorithm vulnerable to a brute-force attack (See Figure 5). Likewise, a cipher can also be breakable if we get the encryption key from the plaintext – ciphertext pairs (Denning, 1982). We need to try all possible keys to encrypt a known text encrypted before with DES and then compare ciphertexts. If it matches, we succeed in cracking the key. This process is called an exhaustive search for a key.
Summary of Chapters
Introduction: Outlines the necessity of information security in business management systems and identifies legacy algorithms like DES as vulnerable components.
Cryptographic algorithm selection: Provides a historical overview of DES development by IBM and NBS and explains why its study remains relevant despite its outdated status.
Data Encryption Standard: Details the algorithmic structure, including symmetric key usage, 64-bit block division, subkey generation, and the overall encryption process.
DES Vulnerabilities: Discusses the security limitations of the 56-bit key space and the historical significance of brute-force attacks against the standard.
Advanced Encryption Algorithm: Introduces AES as the modern successor, highlighting its superior key length and security resilience versus the performance trade-offs compared to DES.
Conclusion and Comparison Summary.: Summarizes the key technical differences and reaffirms the transition from DES to AES due to modern computational capabilities.
Keywords
Data Encryption Standard, DES, AES, Cryptography, Symmetric Encryption, Brute-force, Key Space, Information Security, Ciphertext, Plaintext, Feistel Network, Parallel Processing, Cryptanalysis, Block Cipher
Frequently Asked Questions
What is the primary focus of this document?
The document focuses on the technical operation and security status of the Data Encryption Standard (DES), explaining why it has become obsolete and providing a comparison with more secure alternatives.
Which central topics are covered in the work?
The work covers symmetric key infrastructure, block cipher mechanics, the vulnerability of limited key spaces to brute-force attacks, and the technical requirements of modern encryption standards.
What is the primary research goal?
The primary goal is to analyze the weaknesses of DES—specifically its vulnerability to brute-force—and to justify the adoption of the Advanced Encryption Standard (AES) for modern security needs.
What scientific methodology is utilized?
The author uses a comparative and analytical methodology, reviewing historical cryptanalysis data, technical specifications of block ciphers, and performance analysis metrics.
What is treated in the main body?
The main body treats the internal workings of DES (keys, subkeys, and rounds), the mechanics of brute-force attacks, and a performance evaluation of AES against DES.
Which keywords best characterize the work?
Key terms include Cryptography, DES, AES, Brute-force, Symmetric Encryption, and Information Security.
How is the "Deep Crack" machine relevant to this study?
The "Deep Crack" serves as the primary historical case study for proving that even specialized hardware could successfully crack the DES 56-bit key in a matter of hours.
Why is AES considered more secure than DES?
AES is considered more secure due to its significantly larger key space (128-bit, 192-bit, or 256-bit), which makes it exponentially harder to brute-force compared to the 56-bit limit of DES.
- Citar trabajo
- Haitham Ismail (Autor), 2022, Data Encryption Standard (DES) and Issues of DES and its Replacement, Múnich, GRIN Verlag, https://www.grin.com/document/1264836
