RFC 4772

Security Implications of Using the Data Encryption Standard (DES), December 2006

Canonical URL:
https://www.rfc-editor.org/rfc/rfc4772.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Author:
S. Kelly
Stream:
IETF
Source:
NON WORKING GROUP

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC4772

Discuss this RFC: Send questions or comments to iesg@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

The Data Encryption Standard (DES) is susceptible to brute-force attacks, which are well within the reach of a modestly financed adversary. As a result, DES has been deprecated, and replaced by the Advanced Encryption Standard (AES). Nonetheless, many applications continue to rely on DES for security, and designers and implementers continue to support it in new applications. While this is not always inappropriate, it frequently is. This note discusses DES security implications in detail, so that designers and implementers have all the information they need to make judicious decisions regarding its use. This memo provides information for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×