Encryption is the process of converting information from its normal, comprehensible form into an obscured guise, unreadable without special knowledge.

There are thousands of encryption techniques. It is different than compression, although both yield gibberish before they are converted to a readable form. Here we will discuss the strongest encryption techniques – approved by the US Government. We will give a brief overview of each algorithm but will not explain them in detail due to complexity.

## DES (Data Encryption Standard)

Uses a 56-bit key.64-bit blocks and 64-bit keys – but 8 bits of the key are parity, so the actual key length is 56-bits.

- The
**Data Encryption Standard**(DES) is a widely-used algorithm for encrypting data. - It was developed by IBM under the name
**Lucifer**. It was submitted to NBS in response to a 1973 solicitation for better cryptosystems. - With help from the National Security Agency, the US National Institute of Standards and Technology took IBM’s design and made some changes; DES was adopted as a standard in January of 1977.

#### Suggested Reading:

**The Algorithm**

DES is a product block encryption algorithm (a cipher) in which 16 iterations, or rounds, of the substitution and transposition (permutation) process, are cascaded.

- The block size is 64 bits so that a 64-bit block of data (plaintext) can be encrypted into a 64-bit ciphertext. The key, which controls the transformation, also consists of 64 bits. However, only 56 of these are at the user’s disposal; the remaining eight bits are employed for checking parity. The actual key length is therefore 56 bits.
- Subsets of the key bits are designated K
_{1}, K_{2}, etc., with the subscript indicating the number of the round. The cipher function (substitution and transposition) that is used with the key bits in each round is labeled f. - At each intermediate stage of the transformation process, the cipher output from the preceding stage is partitioned into the 32 leftmost bits, L
_{i}, and the 32 rightmost bits, R_{i}. R_{i}is transposed to become the left-hand part of the following higher intermediate cipher, L_{i+1}. - The right-hand half of the next cipher, R
_{i+1}, however, is a complex function of the key and of the entire preceding intermediate cipher. - The essential feature to the security of the DES is that f involves a very special nonlinear substitution– i.e., f(A) + f(B) does not equal f(A + B)–specified by the Bureau of Standards in tabulated functions known as
*S*-boxes. - This operation results in a 32-bit number, which is logically added to Ri to produce the left-hand half of the new intermediate cipher. This process is repeated 16 times in all.
- To decrypt a cipher, the process is carried out in reverse order, with the 16th round being first. The DES algorithm lends itself to integrated-chip implementation.
- By 1984 the Bureau of Standards had certified over 35 LSI- and VLSI-chip implementations of the DES, most on single 40-pin chips, some of which operate at speeds of several million bits per second.

When the cipher was first released, the design criteria for the S-boxes were not released. With the National Security Agency’s involvement in the S-boxes’ design, most security researchers were wary of DES.

- In 1990, with the independent discovery and open publication by Biham and Shamir of differential cryptanalysis, it turned out that at least some of the wariness was uncalled for.
- The S-boxes’ primary design criteria seem to have been (and has been claimed to have been by IBM personnel involved) to strengthen them against differential cryptanalysis.
- The secrecy behind the design criteria at the time appears to have been because the technique was not known to the public at the time.
- Notably, DES is theoretically vulnerable to a technique discovered later by Matsui, linear cryptanalysis. It is unknown whether the NSA was aware of linear cryptanalysis when DES was finalized, but most knowledgeable observers think not.
- Don Coppersmith, one of DES’s designers at IBM, has stated that IBM itself was not aware of linear cryptanalysis at that time.

Because the key length is 56 bits, DES can be broken by the brute force attack method of running through all possible keys.

- It is believed that one of the reasons this reduced key length was chosen was that NSA in the mid-’70s possessed enough computer power to brute force break keys of this length.
- In the years since computer hardware progress has been such that most anyone now can have sufficient computational capacity.
- The EFF, a cyberspace civil rights group (with neither much funding nor personnel), did it in a little more than 2 days’ search at about the same time at least one attorney from the US Justice Department was publicly announcing that DES was and would remain unbreakable.
- After another long-delayed competition, (NIST) has selected a new cipher, the Advanced Encryption Standard(AES), to replace DES (fall -’01). AES was submitted by its designers under the name Rijndael.

## 3DES (Triple DES)

Uses 3xDES key = 3 x 56-bit = 168 bits. But the effective key size is 112-bits. Many former DES users now use Triple DES(3DES), which was described and analyzed by one of DES’s patentees (see **FIPS** 46-3); it involves DES encryption of each data block three times with different keys.

- 3DES is widely regarded as adequately secure for now, though it is relatively slow. However, note that there are several ways to use DES three times; only one of those is Tuchman’s 3DES.
- 3DES is the EDE (Encrypt-Decrypt-Encrypt) mode of the DES cipher algorithm.

The encryption is done by

C = encrypt_{k3}(decrypt_{k2}(encrypt_{k1}(P))).

with

P = plaintext

C = ciphertext

ki = key #i

encrypt, decrypt = DES

- Because DES is not a group, using it in EDE mode will increase its key size by a factor of 3, making it 168 bits. Because of an attack, it only has an effective key size of 112 bits, though.
- A variant uses k
_{1}= k_{3}, thus reducing the key size to 112 bits. This mode is susceptible to some attacks, though, and should therefore not be used when key-storage is not a problem.

If k_{1}= k_{2} or k_{2}= k_{3}, triple DES is equal to DES.

The use of three steps is essential to prevent meet-in-the-middle attacks. The choice of decryption for the intermediate step (instead of encryption) does not affect the algorithm’s security. Instead, it lets tools that implement triple-DES interoperate with legacy single DES tools.

## AES (Advanced Encryption Standard)

AES is supposed to be the holy grail of Encryption. It is meant to improve on DES and 3DES and last as a standard for the next 20 to 30 years.

The **AES** algorithm (**FIPS 197**) is very complex, but basically, it works as follows:

- the sender has a stream of data, and the data is separated into blocks of data of n bits.
- the blocks of data are combined with a cipher key.
- arrays of data (matrices) are created using a series of functions.
- before transmitting the data, a series of iterations called “
*rounds*” are applied to the arrays. The number of rounds performed depends on the key length. For example, 128 bits use 10 rounds, 196 bits use 12 rounds, and 256 bits use 14 rounds. - The 4 functions performed on the arrays for each round are:
*SubBytes*,*ShiftRows*,*MixColumns*, and*AddRoundKey*. - When the data is received, decryption is accomplished by a reversed sequence of inverse round functions. Of course, both sender and receiver must know the cipher key.