Security Implications of Using the Data Encryption Standard (DES), December 2006
- Canonical URL:
- File formats:
- S. Kelly
- NON WORKING GROUP
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
The Data Encryption Standard (DES) is susceptible to brute-force attacks, which are well within the reach of a modestly financed adversary. As a result, DES has been deprecated, and replaced by the Advanced Encryption Standard (AES). Nonetheless, many applications continue to rely on DES for security, and designers and implementers continue to support it in new applications. While this is not always inappropriate, it frequently is. This note discusses DES security implications in detail, so that designers and implementers have all the information they need to make judicious decisions regarding its use. This memo provides information for the Internet community.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.