Slashdot Mirror


NIST Proposes Abandoning DES

Mr. Manometer writes "With little fan-fare, NIST proposed yesterday to withdraw the Federal Information Processing Standard (FIPS) for the Data Encryption Standard (DES) with a Federal Register notice (pdf). NIST is encouraging federal agencies to use the Advanced Encryption Standard (AES) instead since they feel that DES is 'now vulnerable to key exhaustion using massive parallel computations.' We all knew this day would come as computers got faster & cheaper... and this should put more pressure on folks to use stronger encryption techniques with is a good thing." Some would argue that DES has been insufficient for some time now.

5 of 205 comments (clear)

  1. It was bound to happen eventually. by Jim+Starx · · Score: 4, Insightful

    All realistic encryption scemes have a lifespan.

    --
    The darkness... controls the music. The music... controls the soul.
  2. Computation power?? by www.sorehands.com · · Score: 4, Insightful
    It is always expected that any encryption will be crackable given sufficient computing power, and with Moore's law, that will always eventually happen. But of course by that time, a new more secure, algorithm that requires more computing power to encrypt will be available.

    It is interesting to note that they recommend using a faster algorithm.

    Of course us, of the tin-foil-hat, brigade know that the government has a very secure algorithm (gotten from area 51), but they never tell us about, just so we use an algorithm that we think is secure, but they have their own back-door.

  3. I nominate this for understatement of the day by Marxist+Hacker+42 · · Score: 4, Insightful

    Some would argue that DES has been insufficient for some time now.

    Yeah, like since the day I first heard about it, back in 1995.

    --
    SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  4. Isufficient for what? by m.h.2 · · Score: 4, Insightful

    "Some would argue that DES has been insufficient for some time now."

    Insufficient for what? I hate to play semantics, and I'm no cryptographer, but as I understand it, the inadequacies of an encryption algorithm are primarily defined by the implementation and the reason for it [application]. OK, it's a weak cipher, but in certain instances, it may still be useful. Right?

  5. Re:arrggghh... by ticklemeozmo · · Score: 4, Insightful

    I was going to write a long, well thought out reply to this story but the IT colour scheme is causing acid flashbacks

    I seriously thought the sarcasm about the crappy color scheme was going to get old after a while, but actually it still seems appropriate. For Vishnu's sake, change the friggen colors!

    --
    When modding "Informative", please make sure it both has a source and IS actually informative.