Data Encryption Standard (DES)

Originally designed by researchers at IBM in the early 1970s, DES was adopted by the U.S.
government as an official Federal Information Processing Standard (FIPS) in 1977 for the
encryption of commercial and sensitive yet unclassified government computer data. It was
the first encryption algorithm approved by the U.S. government for public disclosure. This
ensured that DES was quickly adopted by industries such as financial services, where the
need for strong encryption is high. The simplicity of DES also saw it used in a wide variety
of embedded systems, smart cards, SIM cards and network devices requiring encryption like
modems, set-top boxes and routers.
DES key length and brute-force attacks
The Data Encryption Standard is a block cipher, meaning a cryptographic key and algorithm
are applied to a block of data simultaneously rather than one bit at a time. To encrypt a
plaintext message, DES groups it into 64-bit blocks. Each block is enciphered using the secret
key into a 64-bit ciphertext by means of permutation and substitution. The process involves
16 rounds and can run in four different modes, encrypting blocks individually or making each
cipher block dependent on all the previous blocks. Decryption is simply the inverse of
encryption, following the same steps but reversing the order in which the keys are applied.
For any cipher, the most basic method of attack is brute force, which involves trying each
key until you find the right one. The length of the key determines the number of possible keys
-- and hence the feasibility -- of this type of attack. DES uses a 64-bit key, but eight of those
bits are used for parity checks, effectively limiting the key to 56-bits. Hence, it would take a
maximum of 2^56, or 72,057,594,037,927,936, attempts to find the correct key.
Even though few messages encrypted using DES encryption are likely to be subjected to this
kind of code-breaking effort, many security experts felt the 56-bit key length was inadequate
even before DES was adopted as a standard. (There have always been suspicions that
interference from the NSA weakened IBM's original algorithm). Even so, DES remained a
trusted and widely used encryption algorithm through the mid-1990s. However, in 1998, a
computer built by the Electronic Frontier Foundation (EFF) decrypted a DES-encoded
message in 56 hours. By harnessing the power of thousands of networked computers, the
following year EFF cut the decryption time to 22 hours.
Apart from providing backwards compatibility in some instances, reliance today upon DES
for data confidentiality is a serious security design error in any computer system and should
be avoided. There are much more secure algorithms available, such as AES. Much like a
cheap suitcase lock, DES will keep the contents safe from honest people, but it won't stop a
determined thief.
Successors to DES
Encryption strength is directly tied to key size, and 56-bit key lengths have become too small
relative to the processing power of modern computers. So in 1997, the National Institute of
Standards and Technology (NIST) announced an initiative to choose a successor to DES; in
2001, it selected the Advanced Encryption Standard as a replacement. The Data Encryption
Standard (FIPS 46-3) was officially withdrawn in May 2005, though Triple DES (3DES) is
approved through 2030 for sensitive government information. 3DES performs three iterations
of the DES algorithm; if keying option number one is chosen, a different key is used each
time to increase the key length to 168 bits. However, due to the likelihood of a meet-in-the-
middle attack, the effective security it provides is only 112 bits. 3DES encryption is
obviously slower than plain DES.
 Cryptography
Supporting the facilities of a distributed system, such as resource distribution, requires the
use of an underlying message passing system. Such systems are, in turn, reliant on the use of
a physical transmission network, upon which the messages may physically be communicated
between hosts.

Physical networks and, therefore, the basic message passing systems built over them are
vulnerable to attack. For example, hosts may easily attach to the network and listen in on the
messages (or 'conversations') being held. If the transmissions are in a readily understandable
form, the eavesdroppers may be able to pick out units of information, in effect stealing their
information content.

Aside from the theft of user data, which may be in it of great value, there may also be system
information being passed around as messages. Eavesdroppers from both inside and outside
the system may attempt to steal this system information as a means of either breaching
internal access constraints, or to aid in the attack of other parts of the system. Two possibly
worse scenarios may exist where the attacking system may modify or insert fake
transmissions on the network. Accepting faked or modified messages as valid could lead a
system into chaos.

Without adequate protection techniques, Distributed Systems are extremely vulnerable to the
standard types of attack outlined above. The encryption techniques discussed in the remainder
of this report aim to provide the missing protection by transforming a message into a form
where if it were intercepted in transit, the contents of the original message could not be
explicitly discovered. Such encrypted messages, when they reach their intended recipients,
however, are capable of being transformed back into the original message.

There are two main frameworks in which this goal may be achieved; they are named Secret
Key Encryption Systems and Public Key Encryption Systems.

Secret Key Encryption Systems

Secret key encryption uses a single key to both encrypt and decrypt messages. As such it
must be present at both the source and destination of transmission to allow the message to be
transmitted securely and recovered upon receipt at the correct destination. The key must be
kept secret by all parties involved in the communication. If the key fell into the hands of an
attacker, they would then be able to intercept and decrypt messages, thus thwarting the
attempt to attain secure communications by this method of encryption.

Secret key algorithms like DES assert that even although it is theoretically possible to derive
the secret key from the encrypted message alone, the quantities of computation involved in
doing so make any attempts infeasible with current computing hardware. The Kerberos
architecture is a system based on the use of secret key encryption.
Public Key Encryption
Public key systems use a pair of keys, each of which can decrypt the messages encrypted by
the other. Provided one of these keys is kept secret (the private key), any communication
encrypted using the corresponding public key can be considered secure as the only person
able to decrypt it holds the corresponding private key.

The algorithmic properties of the encryption and decryption processes make it infeasible to
derive a private key from a public key, an encrypted message, or a combination of both. RSA
is an example of a public key algorithm for encryption and decryption. It can be used within a
protocol framework to ensure that communication is secure and authentic.
 Internet

The Internet, sometimes called simply "the Net," is a worldwide system of computer
networks - a network of networks in which users at any one computer can, if they have
permission, get information from any other computer (and sometimes talk directly to users at
other computers). It was conceived by the Advanced Research Projects Agency (ARPA) of
the U.S. government in 1969 and was first known as the ARPANet. The original aim was to
create a network that would allow users of a research computer at one university to "talk to"
research computers at other universities. A side benefit of ARPANet's design was that,
because messages could be routed or rerouted in more than one direction, the network could
continue to function even if parts of it were destroyed in the event of a military attack or other
disaster.

Today, the Internet is a public, cooperative and self-sustaining facility accessible to hundreds
of millions of people worldwide. Physically, the Internet uses a portion of the total resources
of the currently existing public telecommunication networks. Technically, what distinguishes
the Internet is its use of a set of protocols called TCP/IP (for Transmission Control
Protocol/Internet Protocol). Two recent adaptations of Internet technology, the intranet and
the extranet, also make use of the TCP/IP protocol.

For most Internet users, electronic mail (email) practically replaced the postal service for
short written transactions. People communicate over the Internet in a number of other ways
including Internet Relay Chat (IRC), Internet telephony, instant messaging, video chat or
social media.

The most widely used part of the Internet is the World Wide Web (often abbreviated "WWW"
or called "the Web"). Its outstanding feature is hypertext, a method of instant cross-
referencing. In most Web sites, certain words or phrases appear in text of a different color
than the rest; often this text is also underlined. When you select one of these words or
phrases, you will be transferred to the site or page that is relevant to this word or phrase.
Sometimes there are buttons, images, or portions of images that are "clickable." If you move
the pointer over a spot on a Web site and the pointer changes into a hand, this indicates that
you can click and be transferred to another site.

Using the Web, you have access to billions of pages of information. Web browsing is done
with a Web browser, the most popular of which are Chrome, Firefox and Internet Explorer.
The appearance of a particular Web site may vary slightly depending on the browser you use.
Also, later versions of a particular browser are able to render more "bells and whistles" such
as animation, virtual reality, sound, and music files, than earlier versions.

The Internet has continued to grow and evolve over the years of its existence. IPv6, for
example, was designed to anticipate enormous future expansion in the number of available IP
addresses. In a related development, the Internet of Things (IoT) is the burgeoning
environment in which almost any entity or object can be provided with a unique
identifier and the ability to transfer data automatically over the Internet.