DES stands for Data Encryption Standard, while AES stands
for Advanced Encryption Standard. These two standards are all developed after
the internet came to the world. After the internet was introduced to the world,
computer security was more and more important because people can connect to the
internet at any point of the world. Without standard to protect these
information, anybody can access to the information in plain text.
So in 1972, NBS (National Bureau of Standards) started a
study about computer security, but there was no satisfied response afterward.
Then in 1974, IBM submitted a candidate answer. However, in a declassified NSA
book named American Cryptology during the Cold War, 1945-1989 by Thomas R. Johnson,
Johnson said that NBS solicited private industry for a data encryption standard
(DES). The first offerings were disappointing, so NSA began working on its own
algorithm. Then a deputy director for research and engineering, Howard
Rosenblum discovered that Walter Tuchman of IBM was working on a modification
to Lucifer for general use. NSA gave Tuchman a clearance and brought him in to
work jointly with the Agency on his Lucifer modification. Also, the book
indicated that NSA worked closely with IBM to strengthen the algorithm.
For DES, it is archetypal block cipher, an algorithm that
takes a fixed-length string of plaintext bits and transfer the text into
another cipher text bit string of the same length. The length used by DES is 64
bits. To make 64 bits text be encrypted, people need a key to start the process.
Only the people who have the key to a specific text, they can read the text.
The length of DES key is 64 bits. However, 8 bits of them are used to
correction. So only 56 bits are actually used.
Since key of DES is 56 bits long, it is not too hard for the
computer today to brute force attack the key. So we have the advanced version
of DES, AES. AES was developed based on the Rijndael cipher by two Belgian
cryptographers, Joan Daemen and Vincent Rijmen. The standard length for AES is
128 bits. However, people can use 256 bits version for security reason. However,
computer professionals found some indirect ways to break AES. For example,
there was a method to break AES by getting the cache of using the specific key
for the AES. But the method need administrator authority to run. The AES is
security for usage right now. However, there will be always a day that we have to
abandon AES due to the development of technology.
没有评论:
发表评论