Scribd
Upload
30 views

More Than Ten Years Ago

DES is an outdated cipher with too short of a key size (56 bits) that can be brute forced. 3DES is slower than AES but more secure by using three DES ciphers. Blowfish uses large keys and a 64-bit block size like DES and 3DES. AES was selected as the new standard after an open competition and accepts 128, 192, or 256 bit keys with 128-bit blocks, making it the most secure and efficient choice. When encrypting messages longer than the block size, the mode of operation used to split the data into blocks is important for security.

Uploaded by

Jay Shrotriya
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
30 views

More Than Ten Years Ago

DES is an outdated cipher with too short of a key size (56 bits) that can be brute forced. 3DES is slower than AES but more secure by using three DES ciphers. Blowfish uses large keys and a 64-bit block size like DES and 3DES. AES was selected as the new standard after an open competition and accepts 128, 192, or 256 bit keys with 128-bit blocks, making it the most secure and efficient choice. When encrypting messages longer than the block size, the mode of operation used to split the data into blocks is important for security.

Uploaded by

Jay Shrotriya
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

In more details:

DES is the old "data encryption standard" from the seventies. Its key size is too short
for proper security (56 effective bits; this can be brute-forced, as has been
demonstrated more than ten years ago). Also, DES uses 64-bit blocks, which raises
some potential issues when encrypting several gigabytes of data with the same key (a
gigabyte is not that big nowadays).
3DES is a trick to reuse DES implementations, by cascading three instances of DES
(with distinct keys). 3DES is believed to be secure up to at least "2112" security (which is
quite a lot, and quite far in the realm of "not breakable with today's technology"). But it is
slow, especially in software (DES was designed for efficient hardware implementation,
but it sucks in software; and 3DES sucks three times as much).
Blowfish is a block cipher proposed by Bruce Schneier, and deployed in some
softwares. Blowfish can use huge keys and is believed secure, except with regards to
its block size, which is 64 bits, just like DES and 3DES. Blowfish is efficient in software,
at least on some software platforms (it uses key-dependent lookup tables, hence
performance depends on how the platform handles memory and caches).
AES is the successor of DES as standard symmetric encryption algorithm for US
federal organizations (and as standard for pretty much everybody else, too). AES
accepts keys of 128, 192 or 256 bits (128 bits is already very unbreakable), uses 128bit blocks (so no issue there), and is efficient in both software and hardware. It was
selected through an open competition involving hundreds of cryptographers during
several years. Basically, you cannot have better than that.

So, when in doubt, use AES.


Note that a block cipher is a box which encrypts "blocks" (128-bit chunks of data with AES).
When encrypting a "message" which may be longer than 128 bits, the message must be
split into blocks, and the actual way you do the split is called the mode of operation or
"chaining". The naive mode (simple split) is called ECB and has issues. Using a block
cipher properly is not easy, and it is more important than selecting between, e.g., AES or
3DES.

You might also like