|
|
|
|
|
|
by tialaramex
1845 days ago
|
|
|
The reassuring thing about DES is that DES is actually broken only for the reasons people knew about when DES was standardised in the 1970s. The DES key size is too small (56 bits) and the DES block size is too small (64 bits). Practical attacks on DES (as opposed to stuff like oracles that isn't a block cipher problem per se) all attack these known weaknesses of DES, theoretically it's still fine, within the bounds of those two fatal limitations. That's reassuring because it means we're probably done. AES is faster, and it fixes the two things that are wrong with DES by having the longer keys (128-bit or 256-bit) and the larger blocks (128-bit) and so if DES is any indication there won't be a need to replace AES in the foreseeable future. But I'm pretty sure it makes this hypothetical Cryptopals set silly. On specialist hardware DES cracking via these two obvious flaws is practical, though not exactly cheap, but "Pay somebody some Buttcoins to crack the key" isn't much of a Cryptopals exercise, and "Build your own DES cracker" is more hardcore electronics project than crypto introduction. |
|
|