Slashdot Mirror

← Back to Stories (view on slashdot.org)

NIST Proposes Abandoning DES

Posted by ryuzaki0 on from the thanks-for-all-your-hard-work dept.

Mr. Manometer writes "With little fan-fare, NIST proposed yesterday to withdraw the Federal Information Processing Standard (FIPS) for the Data Encryption Standard (DES) with a Federal Register notice (pdf). NIST is encouraging federal agencies to use the Advanced Encryption Standard (AES) instead since they feel that DES is 'now vulnerable to key exhaustion using massive parallel computations.' We all knew this day would come as computers got faster & cheaper... and this should put more pressure on folks to use stronger encryption techniques with is a good thing." Some would argue that DES has been insufficient for some time now.

4 of 205 comments (clear)

  1. NIST endorsement of DES by SIGALRM · · Score: 5, Informative
    NIST proposed yesterday to withdraw the Federal Information Processing Standard (FIPS) for the Data Encryption Standard (DES)
    Actually, NIST withdrew their endorsement of DES in 1997. DES as a standard was adopted in 1972. Back in '74 when the NSA was looking at Lucifer for NIST, they actually approved it despite a reduction in its original key length of 128 bits to 56 bits, weakening it significantly. The NSA was accused of planting a "back-door" in Lucifer that would allow agents to decrypt without the key, but of course such a thing was never found.

    In '76 Lucifer was adopted and renamed "DES". Of course as computers became faster and more powerful, it was recognized that a 56-bit key was simply not large enough for high security applications. As a result of these and other serious flaws, NIST abandoned their official endorsement of DES in 1997 and began work on a replacement, to be called the Advanced Encryption Standard (AES). And so the story continues...
    --
    Sigs cause cancer.
  2. arrggghh... by Anonymous Coward · · Score: 5, Funny


    .... I was going to write a long, well thought out reply to this story but the IT colour scheme is causing acid flashbacks.

    The horror... the horror...

  3. Man, they are cruel by Anonymous Coward · · Score: 5, Funny

    They want me to abandon DES and Internet Explorer? Please, NIST, why do you keep recommending against my favorite applications.

    Let's hope we'll never see ICQ and Windows ME on that list.

  4. Which is why... by baudilus · · Score: 5, Funny

    Which is why we have to invent an unrealistic encryption scheme. Then we can use it forever.