Data encryption standard
DES is a symmetric block cipher that consists of 64 bit blocks, operating with an “effective” key of 56 bits in length, with 16 rounds of encryption. DES is vulnerable to brute force cryptanalysis (guessing the key by trying different combinations). 2DES, or double DES adds a second key, essentially doubling the key length to 112 bits. 2DES is susceptible to Meet in the Middle Attack, which requires some access to plaintext (known plaintext) and is typically performed in corporate espionage or large organizations where access to additional tools and storage may exist.
3DES adds a third key, or uses two keys three times. It’s represented like this:
- DES-EEE3 – three different keys
- DES-EDE3 – three different keys, encrypt, decrypt, encrypt
- DES-EEE2 and DES-EDE2 – the first and second key are different, but the third key is the same as the first, so two keys altogether
Note: even though DES and its variants use more than one key, all forms of DES are considered symmetric (because the same key is used to decrypt).
Note again: you may need to understand the difference in terminology between mode (block/stream) and algorithm (symmetric/asymmetric).
Advanced Encryption Standard (AES)
AES is a symmetric block cipher with a 128 bit block size and the same key lengths of 128, 192, and 256, with a 48 bit IV that reduces the vulnerability to replay attacks.
Other symmetric algorithms are:
- International Data Encryption Algorithm (IDEA)
- CAST
- Secure and Fast Encryption Routine (SAFER)
- Blowfish
- Twofish
- Rivest Cipher 5 (RC5)
- RC6
- RC4
Asymmetric algorithms include:
- Rivest Shamir Adleman (RSA)
- Diffie-Hellman
- ElGamal
- Elliptic Curve Cryptography (ECC)