RFC 4772 on Security Implications of Using the Data Encryption Standard (DES)

rfc-editor at rfc-editor.org rfc-editor at rfc-editor.org
Fri Dec 22 13:56:41 PST 2006

A new Request for Comments is now available in online RFC libraries.

        RFC 4772

        Title:      Security Implications of Using the
                    Data Encryption Standard (DES)
        Author:     S. Kelly
        Status:     Informational
        Date:       December 2006
        Mailbox:    scott at hyperthought.com
        Pages:      28
        Characters: 68524
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-kelly-saag-des-implications-06.txt

        URL:        http://www.rfc-editor.org/rfc/rfc4772.txt

The Data Encryption Standard (DES) is susceptible to brute-force
attacks, which are well within the reach of a modestly financed
adversary.  As a result, DES has been deprecated, and replaced by the
Advanced Encryption Standard (AES).  Nonetheless, many applications
continue to rely on DES for security, and designers and implementers
continue to support it in new applications.  While this is not always
inappropriate, it frequently is.  This note discusses DES security
implications in detail, so that designers and implementers have all
the information they need to make judicious decisions regarding its
use.  This memo provides information for the Internet community.

INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution
of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST at IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info at RFC-EDITOR.ORG with the message body

help: ways_to_get_rfcs. For example:

        To: rfc-info at RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager at RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR at RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.

The RFC Editor Team
USC/Information Sciences Institute


IETF-Announce mailing list
IETF-Announce at ietf.org

--- end forwarded text

R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

More information about the cypherpunks-legacy mailing list