Study About Breaking Data Encryption Algorithm Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The Data Encryption Standard DES is developed by IBM in 1970's and after seven year in 1977, National Bureau of Standard presently known as National Institute of Standard and Technology NIST was adopted DES as a symmetric cryptography algorithm for protecting the secret information/data in the United State [1]. It is commonly used as a safest algorithm for sensitive information as well as for the authentication of the banking transactions. As the passage of time, Data Encryption Algorithm DES becomes unsecure. As the time goes on different attacked were made on DES and from those attacks most are successful. By one recent attempt the DES has been broken in few hours which make the NIST to take it as a serious issue. Recently, a German court described DES as "out-of-date and not safe enough" so it should not be used and if someone used, he is responsible for that act. In this easy, I will try to describe the different ways through which the DES was cracked and what is the alternate for it.

Security Level of DES:

There are three main area of concern fall as the key length, the criteria of design, and the block length by Marie A. Wright in 1999.

DES provides more than 72 quadrillion cryptographic keys as key length is 56-bits; they tested all the keys and concluded that it is computationally infeasible to break, before the introduction of multiple parallel.

Cryptanalysis is possible by exploiting the design criteria of the DES, in this criteria the main focus on the eight substitution function i.e., S-box which are used in eight iterations. The S-box is not made for the causing many to speculate that the DES may contain trap-door system which might be used to subvert / circumvent its features of security.

If the small block size is used the system is exposed the possibility of being attacked to a statistical analysis of the plaintext. On the other hand, if the large block size is used, the statistical analysis of the plaintext is hidden, made this type of cryptanalysis infeasible. Larger block of data is directly proportional to the security, and there is concern that DES has 64-bits block size inadequate.

Exhaustive key search / Brute-force Attack:

In exhaustive key technique, we used the all possible keys to break the DES which is a brute-force attack. Data Encryption Standard uses the 64 bits blocks of data and 56 bit secret key. A simple example is the following: we have an encrypted data block at disposal and have some information about the plaintext that is an ASCII text or image of any format and we would like to recover the secret key.

The simpler or basic method is to try to with brute-force attack. If we get the clear text information it will allow us to recognize the right key and to stop the search. Approximately, we will have to try 36'028'797'018'963'968 (36 millions of billions) of keys for exhaustive key search. The common modern personal computer can check about one to two millions keys per second, this represents a work time of about approximately 600 to 1200 years for a single machine which takes too much time.

In 1998, Electronic Frontier Fundation (EFF) has built a dedicated machine [2] to prove the world that it is feasible to crack the DES more quickly. They made the machine with the help of 1536 dedicated chips, which named 'Deep Crack' and its cost about 1,27,700 GBP at that time, now its cost continuously goes down . It works on brute force method but it is too fast its break the DES in 4 days in average, 92 billion of key per second. As we know the budget of electronic intelligence agencies like, the National Security Agency in the United State of America, it is so easy to be pessimistic on the security of DES against such organizations.

We don't need to spend even lot of money to break DES, volunteers are ready to donate their machine for this purpose, and internet is sufficient for it. In January 1999 Distributed.Net, an organization specialized in collecting and manage computer's idle time. They break the DES in 23 hours, more than one hundred thousand computers of different type have received and done a little part of the work by this 250'000'000'000 key per second are allowed. In short, we cannot make estimation that how quickly these organisations can able to break DES.

 In 2006, the COPACOBANA (Cost-Optimized Parallel Code Breaker) is a Field-Programmable Gate Array FPGA-based machine is only other confirmed DES cracker. COPACOBANA consist of reconfigurable integrated circuits is commercially available unlike Deep Crack. Its costs about 6330 GBP to build and will recover a DES key in approximately 6.4 days on average. It is good for parallel computation problems which required low communication. Roughly cost decrease by 25 over the EFF machine is an impressive example for the continuous improvement of digital hardware. Adjusting for inflation over eight years yields an even higher improvement of about 30x. Since 2007, SciEngines GmbH, a company of the two partners in project of COPACOBANA has enhanced and developed successors of COPACOBANA. In 2008 their COPACOBANA RIVYERA minimised the time to break DES to less than one day by using 128 Spartan-3 5000's. Currently the records hold by SciEngines' RIVYERA in brute-force breaking DES utilizing 128 Spartan-3 5000 FPGAs.[7].

In May 2008, COPACOBANA released the new version which based on Virtex-4 SX 35 FPGAs. This version provides more logical resources as well as total of 24,756 DSP block within FPGAs for accelerating the arithmetic-intensive applications.

A time-memory tradeoff Attack:

In 1980, Martin Hellman proposed in a time-memory tradeoff algorithm [3] , which needs less time as compared to an exhaustive search and less memory than the storing method. His algorithm needs in the order of 0.97 TB of storage possibilities and about 5 days of computations for a single PC.

An exhausted search required lot of time and almost negligible memory. It is now possible to take the benefit from the memory in this regard. Let's suppose that we are ready to pre-compute for all the possible keys K and the encrypted data block E corresponding to a given block D of data and storing in the pairs encrypted and Key (E,K). By this way, we find the key more quickly if we have at disposal an encrypted version E' of our known block with an unknown key K' by searching in this way. This method becomes more interesting where we have more than one key to find and we have enough memory at disposal.

Differential Cryptanalysis Attack:

In 1990, Biham and Shamir, two Israeli cryptographers working at the Weitzmann Institute, was invented [4] a new generic technique to break symmetric algorithms called the differential cryptanalysis. Differential Cryptanalysis gives maximum output when the cryptanalysis can select plaintext and obtain chipper text. Due to this technique, first time able to break DES more quickly than an exhausted search.

Suppose, we have a device which encrypts data with a hard-wired secret key, and also suppose that we don't have the tools needed to read the key in the chip. Now select some data blocks and to encrypt them with the device.

The data analysis phase computes the key by analyzing about 247 chosen plaintexts. A main benefit of this attack is that its probability of success increases linearly (as time increase the success also increase means success is directly proportional to the success) with the number of available chosen plaintexts and can thus be conducted even with fewer chosen plaintexts. Practically, the attack analyses about 214 chosen plaintexts and it succeeds with a probability of 2-33.

Linear cryptanalysis Attack:

Mitsuru Matsui, a Japanese researcher was invented Linear Cryptanalysis in 1994, by working at Mitsubishi Electronics [4]. There are two types of linear cryptanalysis one is to make a linear equation relating plain-text, cipher-text, and key bits that have high bias which are closed to 0 and 1. Second is to use these linear equations with known pairs of plaintext-ciphertext to get key bits. According to Matsui, if we have 243 = 8'796'093'022'208 known pairs of plaintext-ciphertext at disposal, which represents the large data of 62.5 TB, it is possible to recover the wanted key in a few days using linear cryptanalysis. This attack is most powerful attack on DES known at this time period.

A current research project at the Security and Cryptography Laboratory (LASEC) was created at "Ecole Polytechique Federale De Lausanne" EPFL in 2000, is the cost analysis of this attack. They have first implemented a very fast DES encryption routine by using the advanced techniques on a basic computer i.e., Intel Pentium III machine; this is able to encrypt at a rate of 192 Mbps on a Pentium III 666 MHz processor which is quite old system in this era. We have then implemented the attack; it is currently running on eighteen CPU's and it breaking a DES key in four days. So, if someone used the higher computers like Pentium Due Core, Quad, Core I3, Core I5 and Core I7 then you estimate that how quickly DES will break.

The main goal of this project is to do a statistical analysis on its complexity as well as on its success probability. First experimental and theatrical results have shown that a linear cryptanalysis needs less time in reality as calculated by Matsui in 1994.

Problems in DES:

As DES takes the 64 bit block of plaintext and converts into 64 bits of cipher text. There are no major flaws / back draw in DES algorithm. Basically, its foundation is ineffectual due to the small length of key i.e., 56-bits. Since Data Encryption Algorithm no longer provides enough security. So it needs to replace by some secure algorithm.

A group of well-known cryptographers looked at key lengths in a 1996 paper [6]. They suggested a minimum of 75 bits to consider an existing cipher secure and a minimum of 90 bits for new ciphers. All the algorithms, the minimum key lengths recommended on those papers are significantly longer than the maximums allowed by various laws.


From the above discussion, I come to the conclusion that DES is not secure algorithm and nor suitable for the secret information neither for bank purposes. By knowing the fact that it can be crack in few hours so, non-published information can be hacked easily which shows sign of old age as well as unsecure. In this scenario, to make the data secure different scientists working on the flaws of the DES and try to make the algorithm which is secure and become reliable for the organisations. They make the algorithm which is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt the data of 128 bits which is known as Advance Encryption Standard AES. AES cipher takes the number of transformation rounds repetitiously, which change the plain-text into cipher-text. There are many steps for each round with one round that relies exclusively on the encryption key and vice versa. The AES encryption use minimum 128-bit key to encrypt and decrypt data which 72-bit more than DES.

On Nov 26, 2001 National Institute of Standards and Technology [8] announced as U.S Federal Information Processing Standard Publication 197 announced AES as a standard and in May 26, 2002 approving authority, Secretary of Commerce approved it, then first time it is publically accessible and in July 2003, the National Security Agency (NSA) stated that Advanced Encryption Standard AES was secure enough to protect secret information. Now AES encryption is used as a secure algorithm throughout the world for government as well as business groups. The other big benefit of this algorithm is that it works on multiple layers at the same time. They predict that it replace the DES for next 10 years. AES is still reliable for Security algorithm and still unbreakable however the works going on to break it.

Word Count = 2000