## Data Encryption Standard DES and Triple Data Encryption Standard 3DES

DES is one of the most widely used encryption methods. DES turns clear text data into cipher text with an encryption algorithm. The receiving station will decrypt the data from cipher text into clear text. The encryption key is a shared secret key used to encrypt and decrypt messages.

Figure 5-8 demonstrates DES encryption.

Figure 5-8 DES Encryption Methodologies

[Figure: clear text data is received, the data is encrypted using mathematical formulae to scramble it with the shared private key, and it is sent as encrypted data.]

Figure 5-8 demonstrates the PC's clear text generation. The data is sent to the Cisco IOS router, where it is encrypted with a shared key and sent over the IP network in unreadable format until the receiving router decrypts the message and forwards it in clear text form.

DES is a block cipher algorithm, which means that DES performs operations on fixed-length data streams. DES uses a 56-bit key to encrypt 64-bit datagrams.

DES is a published, U.S. Government-approved encryption algorithm.

3DES is the DES algorithm performed three times sequentially. Three keys are used to encrypt data, resulting in a 168-bit encryption key.

3DES is an improved encryption algorithm standard and is summarized as follows:

• The sending device encrypts the data with the first 56-bit key.

• The sending device decrypts the data with the second key, also 56 bits in length.

• The sending device encrypts for a final time with another 56-bit key.

• The receiving device decrypts the data with the first key.

• The receiving device then encrypts the data with the second key.

• Finally, the receiving device decrypts the data with the third key.
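The encrypt-decrypt-encrypt sequence listed above, as an added example that is not from the original text. A small hash-based Feistel cipher stands in for DES (an assumption, since Python's standard library has no DES), and the keys and clear text block are constructed sample values. The receiver undoes the sender's operations last-to-first, so the key the sender applied last is the one the receiver applies first.

```python
import hashlib

ROUNDS, HALF = 16, 32            # DES also uses 16 rounds on two 32-bit halves
MASK = (1 << HALF) - 1

def _f(half, key, rnd):
    # Stand-in round function (assumption): real DES uses expansion, S-boxes, permutation.
    data = key.to_bytes(7, "big") + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def _feistel(block, key, order):
    left, right = block >> HALF, block & MASK
    for rnd in order:
        left, right = right, left ^ _f(right, key, rnd)
    return (right << HALF) | left            # final half swap, as in DES

def encrypt_block(block, key):
    """Encrypt one 64-bit block under one 56-bit key (toy cipher, not DES)."""
    return _feistel(block, key, range(ROUNDS))

def decrypt_block(block, key):
    """Inverse of encrypt_block: same network, round order reversed."""
    return _feistel(block, key, reversed(range(ROUNDS)))

def ede_encrypt(block, k1, k2, k3):
    """Sender: encrypt with key 1, decrypt with key 2, encrypt with key 3."""
    return encrypt_block(decrypt_block(encrypt_block(block, k1), k2), k3)

def ede_decrypt(block, k1, k2, k3):
    """Receiver: undo the sender's steps last-to-first (key 3, key 2, key 1)."""
    return decrypt_block(encrypt_block(decrypt_block(block, k3), k2), k1)

# Constructed sample values: three 56-bit keys and one 64-bit clear text block.
K1, K2, K3 = 0x0123456789ABCD, 0x23456789ABCDEF, 0x456789ABCDEF01
CLEAR = int.from_bytes(b"8 bytes!", "big")

def demo():
    cipher = ede_encrypt(CLEAR, K1, K2, K3)
    return {
        "round_trip": ede_decrypt(cipher, K1, K2, K3) == CLEAR,
        # With all three keys equal, the first two steps cancel: plain single encryption.
        "same_keys_is_single": ede_encrypt(CLEAR, K1, K1, K1) == encrypt_block(CLEAR, K1),
        "combined_key_bits": 3 * 56,
    }

if __name__ == "__main__":
    print(demo())
```

The `same_keys_is_single` result shows why the middle step is a decryption: a 3DES device loaded with three identical keys produces the same output as a single-encryption device.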

A typical hacker uses a Pentium III computer workstation and takes approximately 22 hours to break a DES key. In 3DES's case, the documented key-breaking times are approximately 10 billion years when one million PC III computers are used. Encryption ensures that information theft is difficult.

Encryption can be used to enable secure connections over the LAN, WAN, and World Wide Web.

The end goal of DES/3DES is to ensure that data is confidential by keeping data secure and hidden. The data must have integrity to ensure that it has not been modified in any form, and be authenticated by ensuring that the source or destination is indeed the proper host device. The following section describes one method of making sure that data has not been tampered with: Digital Signature Standard (DSS).
