Difference Between DES (Data Encryption Standard) and AES (Advanced Encryption Standard)

DES (Data Encryption Standard) and AES (Advanced Encryption Standard) both are classified as symmetric block ciphers. In order to alleviate the disadvantages of DES, AES was introduced. Because DES has a smaller key size, it is less secure; hence triple DES was introduced, although it is slower. As a result, the National Institute of Standards and Technology later introduced AES.

The primary distinction between DES and AES is that in DES, the plaintext block is split into two halves before the main algorithm begins, but in AES, the full block is processed to obtain the ciphertext. In this article, we will discuss the difference between DES (Data Encryption Standard) and AES (Advanced Encryption Standard).

What is DES?

The Data Encryption Standard (DES) is a symmetric-key block cipher. In the year 1977, DES is published by the National Institute of Standards and Technology (NIST). It is based on the Feistel structure in which the plaintext is separated into two halves. It takes input as 64-bit plaintext and a 56-bit key to produce 64-bit ciphertext. Before processing, the entire plain text is separated into two pieces of 32 bits each, and the same operations are done on each portion. Each piece goes through 16 rounds of operations before the final permutation is used to obtain the 64-bit ciphertext.

Expansions, permutations, and substitutions are some of the functions used in the rounds, as well as an XOR operation with a round key. Decryption is done in the same way as encryption but in the opposite sequence. Although DES was regarded to be less safe for encrypting highly confidential data of government because it uses a smaller shared key, triples-DES was invented to counter this. Still, it was also not considered a good algorithm because it encrypts data very slowly. In DES, even a minor change in the input text results in a completely new ciphertext.

Why DES is no Longer Effective

In order to demonstrate that the DES was insufficient and should no longer be utilised in important systems, a series of challenges were sponsored to test how long it would take to decrypt a message. The Electronic Frontier Foundation (EFF) and distributed.net both played major contributions in breaking DES.

• The DES I contest (1997) took 84 days to break the encrypted message using a brute force attack.
• In 1998, two DES II challenges were issued. The encrypted text for the first challenge took slightly over a month, and it read: "The mysterious message is: Many hands make light work". The second challenge took less than three days, with the plain text message "it's time for those 128-, 192- and 256-bit keys".
• The last DES III challenge in early 1999 took only 22 hours and 15 minutes. Electronic Frontier Foundation's Deep Crack computer (built for less than $250,000) and distributed.net's computing network found the 56-bit DES key, deciphered the message, and they (EFF & distributed.net) won the contest. The decrypted message stated, "See you in Rome (Second AES Candidate Conference, March 22-23, 1999)," and was discovered after searching around 30% of the key space, indicating that DES was obsolete.

What is AES?

Advanced Encryption Standard (AES) is also a symmetric key block cipher. The National Institute of Standard and Technology published AES in 2001. Because DES utilises a relatively short cipher key and the algorithm was quite slower, AES was introduced to replace it.

It is currently one of the most popular symmetric block cipher algorithms. It is at least six times faster than triple-DES encryption. Unlike DES, it is based on the "Substitution and Permutation'. It takes a step-by-step method. In AES, bytes are used instead of bits.

In AES, plain text is considered 126 bits equivalent to 16 bytes with a 128-bit secret key to generate a 44-bit matrix (having 4 rows and 4 columns). It then does 10 rounds after this step. Each round has its own subprocesses, with 9 rounds including Sub bytes, Shift Rows, Mix Columns and Add Round Keys. The 10^th round includes all the above operations excluding 'Mix columns' in order to produce the 126-bit ciphertext.

The number of rounds in AES is determined by the key size, which is 10 for 128-bit keys, 12 for 192-bit keys, and 14 for 256-bit keys. We can use it in several protocols such as TLS, SSL and numerous modern application which need high encryption security. We can also use AES for hardware which needs high throughput.

Why AES Replaced DES Encryption?

One of the primary objectives for the DES replacement algorithm from the National Institute of Standards and Technology (NIST) was that it had to be proficient in both software as well as hardware implementation. (DES was originally only practical in hardware implementations). C and Java reference implementation were used for performance analysis of all the algorithms.

AES was chosen in an open competition that included 15 candidates from as many research teams as possible from around the world, and the overall number of resources allocated to that process was enormous.

Finally, in October 2000, the National Institute of Standards and Technology (NIST) announced Rijndael as the proposed Advanced Encryption Standard (AES).

Comparison Chart

Key Differences Between DES and AES

• The main difference between DES and AES is that in DES, the block is split into two halves before being processed further, but in AES, the entire block is processed to get ciphertext.
• DES has a key size of 56 bits, which is less than AES, which has a secret key size of 128, 192, or 256
• AES is comparatively faster than DES.
• The smaller key size of DES makes it less secure than AES.
• The Feistel Cipher principle is used in the DES algorithm, while the substitution and permutation principle are used in the AES
• Expansion Permutation, Xor, S-box, P-box, Xor, and Swap. On the other hands, rounds in AES include Subbytes, Shiftrows, Mix columns, and Addroundkeys.