What are the factors which affects the security of DES?

Information SecuritySafe & SecurityData Structure

DES is a strong encryption standard that works on a 64-bits plaintext block and restore a 64-bits ciphertext. Therefore, DES results in a permutation between the 264 possible arrangements of 64 bits, each of which can be either 0 or 1.

DES has 16 rounds and it can use the same set of techniques on the plaintext block 16 times. Any round less can create DES vulnerable to differential cryptanalysis.

In Data Encryption Standard, the 64 bit plaintext block is subjected to an initial permutation which does not based on the key, whereas the inverse of this permutation completed off the algorithm and produce the ciphertext.

The key length is 56 bits. The key is generally written as a 64-bit number, but each 8th bit is used for parity checking and is rejected when the key is loaded into the DES algorithm.

The building block of DES is a single set of these techniques on the plaintext and based on the key. This is called a round. There are some factors which affects the security of DES is as follows −

Weak Keys − Because of the method the initial key is changed to receive a subkey for each round of the algorithm, specific initial keys are weak keys. The initial keys value is divided into two halves and each half is changed independently.

If all the bits in each half are either 0 or 1, thus the key can be used for some cycle of the algorithm is the same for all the cycles of the algorithm. This can appear if the key is completely 1s, completely 0s, or if one half of the key is completely 1s and the other half is completely 0s. So that creates DES less secure.

Algebraic Structure − The DES encryption operation can form a group, and encrypting a group of plaintext blocks with k1 followed by k2 can be equal to encrypting the blocks with k3.

Even worse, DES can be vulnerable to a meet-in-the-middle known-plaintext attack that runs in only 228 steps. If DES were closed then for any k1 and k2 there would be a k3 such that

$$\mathrm{E_{k2}\left ( E_{k1}\left ( P \right ) \right )\, =\, E_{k3}\left ( P \right )}$$

Key Length − If there is a possibility to speed up the searching procedure by timespace tradeoff. The possibility of calculating and saving 256 possible results of encrypting an individual plaintext block under each possible key and then to break an unknown key, and it is required to add data blocks into the encryption stream, recover the resulting cipher text and view the key up.

No. of Rounds − No of rounds kept 16 because reduced number of rounds has been strongly attacked. DES with three or four rounds was simply broken .DES with any number of rounds fewer than 16 can be broken with a known plaintext attack more effectively than by a brute-force attack.

Updated on 14-Mar-2022 09:50:12