DES vs AES

Author:

As someone who covers cryptography, I’ve always been annoyed by the names of these algorithms: DES, AES, RSA, and ECC. First and foremost, these cryptography acronyms are far too boring to convey the incredible encryption work that they do. The second criticism is that they tend to be too random for a layperson to comprehend.

My fingers are tied to write about the former, as much as I’d like to write about the latter. That’s why, in this post, we’ll compare and contrast DES and AES. We’ll look at what the DES encryption algorithm is, how it works, and what the gaps are between these two widely used symmetric block cyphers. Let’s get this party started!

What Is a Symmetric Block Cipher?

To fully comprehend what DES vs AES means, you must first comprehend what a symmetric block cypher is. A block cypher, also called a symmetric encryption algorithm, is a cryptographic algorithm that converts plaintext data into encrypted text (also known as ciphertext). To give you an example, a block cypher could transform the word “Apple” into “2e$5kv7fg*=v#.”

The transition from plaintext to ciphertext is accomplished using a mathematical function known as a symmetric encryption key. Essentially, as this key is applied, the plaintext is converted into blocks of a certain size, which are then encrypted. Since it’s a symmetric key, it can also decode the encrypted text, restoring it to its previous state.

Modern block cyphers:

  • Are fast and capable of processing large volumes of data. Since symmetric encryption algorithms are better at doing this than asymmetric encryption algorithms, they’re ideal for use in businesses when encrypting data at scale.
  • Substitute and transpose with a substitution and transposition feature. The end product of this complicated set of procedures, which includes switching out individual characters and blocks of ciphertext, is more stable ciphertext.

I hope you gained a better understanding of symmetric block cyphers as a result of this. Let’s get started with the first aspect of the DES vs AES comparison: the DES algorithm.

What Is the DES Symmetric Encryption Algorithm?

The Data Encryption Standard (DES) is a symmetric block cipher/encryption algorithm that uses a key length of 56 bits. DES was created by IBM in the early 1970s to safeguard confidential, unclassified electronic government records. In 1977, the final edition of DES was approved by the US government as a Federal Information Processing Standard (FIPS).

This algorithm was developed by IBM and is based on the Feistel Structure, which was created by cryptographer Horst Feistel. The plaintext data is split into two sections in this method, and the encryption process is applied to each piece separately. Since DES uses a 64-bit input, the plaintext is split into two 32-bit bits. After that, each element is expected to go through 16 “rounds” of service, with the result being 64-bit encrypted code. There are several essential phases in the encryption process:

  • Expansion refers to the lengthening of a message after it has been encrypted.
  • Permutation and substitution — Substitution replaces plaintext letters by letters or numbers or symbols. In plaintext, permutation rearranges their order.
  • XOR operation with a circular key — This is an encryption mechanism built on the XOR function of the Boolean algebra.

Why DES Isn’t Secure to Use

To better understand DES vs AES — and why one it in use when the other is not — definitely pay attention here. The acceptance of DES to secure classified information held by the US government resulted in rapid and widespread implementation across the world. However, this has raised concerns about the encryption algorithm. The shorter key length was one of the major reasons for this problem.

Many competitions were launched to verify the security of the DES algorithm, in order to see if the algorithm could be cracked, leaving any encrypted data vulnerable to exposure:

  • It took 84 days to complete the first challenge (the DES I contest in 1997).
  • It took a month to complete the second challenge (DES II, 1998).
  • The most recent one (DES III) only took 22 hours and 15 minutes to crack the DES algorithm.

As a result of all of this, DES was deemed an insecure algorithm, and the National Institute of Standards and Technology (NIST) formally deprecated it in 2005. TLS 1.2 dropped DES, which was part of the TLS 1.0 and 1.1 protocols.

The Emergence of Triple DES (3DES)

Triple DES (3DES), also known as the triple data encryption algorithm (TDEA), was implemented in 1999 after the DES algorithm was found to be unstable. As the name implies, this iteration of the DES algorithm applies the algorithm three times to each data block. As a result, 3DES became a more reliable algorithm than DES, and it was widely used in payment networks, the finance industry, and cryptographic protocols such as TLS, SSH, IPsec, and OpenVPN.

However, due to the Sweet32 flaw discovered by researchers Karthikeyan Bhargavan and Gatan Leurent, 3DES was discovered to be vulnerable over time. This sparked speculation about deprecating 3DES, and in a draught guidelines released in 2018, NIST announced its retirement. According to this recommendation, 3DES will be phased out of all new applications until 2023. The use of 3DES, which was part of the TLS 1.2 protocol, has been phased out of TLS 1.3, the most recent specification for SSL/TLS protocols.

What Is the AES Symmetric Encryption Algorithm?

You are right if you believe that AES (advanced encryption standard) is a comparable substitute for DES. AES, also known as Rijndael, was created by Vincent Rijmen and Joan Daemen, two Belgian cryptographers. This encryption algorithm is a set of cyphers of varying key lengths and block sizes. It was approved by the National Institute of Standards and Technology (NIST) almost 20 years ago, and it became an encryption standard.

In comparison to DES and 3DES, AES provides significantly improved performance, both in terms of speed and protection. It has been reported to be six times faster than DES. But what is it about AES that makes it so special? The most important feature of AES is the variety of key lengths it offers, with 128-, 192-, and 256-bit keys available. The use of AES 256-bit encryption is fairly common nowadays, and in general, the longer the key is, the more difficult it is to break (and the more secure it is).

As we’ve seen, DES uses the Feistel network, in which the data block is split into two halves before the encryption process takes place. AES, on the other hand, employs the substitution and permutation process. Plaintext data is encoded into 128-bit blocks in AES, and then a 128-bit encryption key is added.

The AES encryption method is divided into ten rounds, each with its own set of sub-processes such as sub-bytes, move rows, mix columns, and add round keys. The sub-process of mix columns is not included in the last round (10th).

The higher the number of rounds executed in AES, the higher the level of protection provided by the encryption. The number of rounds used in the encryption process is determined by the key’s duration. Consider the following scenario:

  • 10 rounds are included for a 128- bit key,
  • 12 rounds for a 192- bit key, and
  • 14 rounds for a 256- bit keys.

Is AES Strong Encryption Enough?

There is only one way to hack AES — or other encryption algorithm methods for that matter — and that is to use brute force. The term for this form is “brute forcing.” In layman’s terms, it’s a high-speed trial-and-error process carried out by computers. As a result, the longer the key, the more potential combinations an attacker would have to brute force in order to break it.

There are 2256 potential variations when it comes to the encryption of AES-256. That’s a significant amount of money. This is how it appears:

 

aes-256-possible-combinations-1024x22
Credit:Privacy Canada

So, what exactly does this imply? This sum is, in essence, infinitely greater than the number of atoms in the perceivable universe. And if a futuristic supercomputer tried several quadrillions of variations per second, cracking this figure would take longer than the age of our planet. Not only is 256 bits useless, so so is brute-forcing AES-128.

That does not say, however, that AES would remain unbeatable. Through their qubital superpowers, quantum computers are supposed to crack AES cryptography. However, there’s no reason to be concerned about it for the time being because they’re only a few years out.

Where Is AES Used?

When it comes to data encryption, AES is a very powerful and efficient tool. That’s why AES encryption is used by several governments, including the National Security Agency (NSA) and other government departments, to secure classified data. AES is also used as a standard for the following things:

  • Wireless safety is essential.
  • Encryption of files and processor confidentiality
  • TLS/SSL protocol (website security)
  • Wi-Fi safety
  • App encryption on mobile devices
  • In software creation, libraries are important.
  • Implementation of a VPN (virtual private network).

DES vs AES: A Side-By-Side Comparison of These Two Symmetric Encryption Algorithms

That was a lot of detail to take in all at once, to be sure. And, to be honest, if you’re unfamiliar with the topic, it can all be a little perplexing. That’s why we thought a side-by-side comparison table would be useful in demonstrating the variations between these two algorithms:

DES Encryption Algorithm AES Encryption Algorithm
Established as a standard in 1977. Standardized in 2001.
Has the key length of 56 bits. It offers key lengths of 128, 192, and 256 bits.
The block size is 64 bits. The block size can be of 128, 192, or 256 bits – depending upon the key length.
The encryption process is time-consuming. It offers almost six times faster performance compared to 3DES.
The encryption process involves 16 rounds. The encryption process involves 10, 12, and 14 rounds in the case of 128, 192, and 256 bits, respectively.
The original version of DES has been found to be insecure and was deprecated from use in 2005. 3DES, the upgraded version of DES, is currently in use in some applications, but it’s due to be deprecated in 2023. AES is a much secure symmetric encryption algorithm with no considerable weakness found in it. It’s used worldwide in applications such as hardware, software, SSL/TLS protocols, etc. It’s the current standard of symmetric encryption.
It is based on Feistel Cipher Structure. AES works substitution & permutation principle.
An encryption round involves Expansions permutation Xor, S-box, P-box, Xor, and Swap. Encryption round involves Subtypes, Shiftonce, Mix columns, and Addroundkeys.

Final Thoughts: Our Two Cents on DES vs AES

There is only one winner in the argument between DES and AES. That is why, instead of using the DES encryption algorithm, all modern programmes use AES for secure encryption. That doesn’t mean you’re not using DES, though. According to SSL Labs, an estimated 2.5 percent of websites already use the unstable DES algorithm in TLS 1.0 and 1.1 protocols.

Categories: Security, What is?
Tags: ,

Leave a Reply