DES's ''d-AES'' Are Numbered |
Article is yet to be rated |
|
| Author:
| Goliath
|
|
| Submitted: |
26-Dec-2001 15:47:51 |
| Imported From: |
zZine (original author: clickman)
|
| With the advent of AES, how soon can DES be expected to live on? The war over encryption may yet take another turn, and it might actually be for the better. Or is it?
|
|
The backbone of security for years has relied on a simply little algorithm called DES (Data Encryption Standard). But with it's small keys (56-bit), and ease of cracking, DES has gone through updates to improve its security. The advent of Triple DES greatly increased the level of security. Those truly wary of their security have already gone to other methods, though, as the aging DES has come under the heaviest fire of cracking attempts, as it's the most widely used encryption standard.
Now, there's a new player on the field, and it's name is AES (Advanced Encryption Standard). AES was created on a mathematical formula developed by Joan Daemon of Proton World International and Vincent Rijmen of Katholieke Universiteit Leuven. These Belgians created the formula known as Rijndael (a combination of their last names, it seems, and pronounced "Ra-EE-N-Doll"). AES is a 128-bit encryption that according to ComputerWorld is smaller (less CPU intensive than Triple DES), faster (six times faster than Triple DES), and harder to crack (taking 149 trillion years to crack a single 128-bit AES key using today's computers, Triple DES uses a 112-bit key) than Triple DES.
This new standard has been mandated by Don Evans, Secretary of Commerce in the US, for use in all government agencies by May 26, 2002. (It should be funny if he actually has the power to force agencies like the FBI, NSA, and the CIA to use a standard which they themselves could probably crack.)
The question remains whether or not this algorithm is truely secure. Many doubt that AES will replace Triple DES any time within the next ten years. Does AES contain any backdoors that could allow advanced cryptographers access to the data? The technology is much too young to know for sure. But it's clear that it's not just the privacy "nuts" who are uneasy. Banks and other financial institutions are not easily swayed to new security techniques without proven track records, and it may only be after years of scrutiny that they adopt the standard.
- Goliath
|
|
You must be logged in to vote on an article
|
About Us | Privacy Policy | Mission Statement | Help
|