What are the strength of DES in Information Security?

The strength of DES is as follows −

• Use of 56 bit keys

  • 56 bit key can be frequently used in encryption. There are 256 possible keys. A brute force attack on such number of keys is impossible.

  • A machine implementing one DES encryption per microsecond would take more than thousands of years to divide the cipher.

  • The assumption of one encryption per microsecond is excessively moderate. Diffie and Hellman postulated that the technology existed to develop a parallel machine with one million encryption equipment, each of which can implement one encryption per microsecond.

  • It is necessary that there is more to key-search attack than easily running through all possible keys. If the message is only plaintext in English, thus the result pops out simply, although the task of identifying English would have to be automated.

  • If the text message has been compressed before encryption, then identification is more complex.

• The nature of algorithm

  • Cryptanalyst can implement cryptanalysis by exploiting the features of DES (Data Encryption Standard) algorithm.

  • It can be exploring the weakness of eight substitution tables or S-boxes that are utilized in each iteration.

  • Much of the work has been completed and the number of regularities and unexpected behaviours of the S-boxes have been found but no one has succeeded in discovering out the weaknesses in the S-box.

  • This contention is tantalizing, and over the years a multiple regularities and unexpected behaviour of the S-boxes have been found.

• Timing Attacks

  • A timing attack is a security exploit that allows an attacker to spot vulnerabilities in a local or a remote system to extract potentially responsive or secret data by acquiring the concerned system's response time to several inputs. A timing attack is a type of a broader class of attacks known as Sidechannel attacks.

  • Timing attacks allows an attacker to extract secrets maintained in a security system by acquiring the time it takes the system to respond to several queries.

  • Kocher designed a timing attack to reveal secret keys utilized for RSA decryption. These attacks were only used in the context of hardware security tokens including smartcards.

  • They are associated to the public key algorithms. In this it can maintain information about the key or the plaintext is acquired by observing how long it takes to implement decryptions on several ciphertexts.

  • A timing attack accomplish the fact that on encryption or decryption, algorithm takes different amount of time on multiple inputs.

  • Timing attacks and related attacks can be secured against to some degree by “blinding” the devices implementing encryption and decryption computations so that all computations have the same performance, regardless of the specific key and message being utilized.