Skip to content

Data Encryption Standard (DES) Published

15 January 1977.Cybersecurity.Standard published.Date precision, exact.Evidence grade, primary.2 primary sources

Drivers:

StandardisationRegulatory requirementSecurity incident

Growing use of computers for sensitive data required standardised protection. Government agencies needed approved algorithms. Banks and businesses needed interoperable encryption for electronic transactions.

DES was the first encryption standard approved by the US government. It worked like a very complex scrambling machine that used a secret key to turn readable data into gibberish, and the same key to unscramble it. For 20 years, it protected bank transactions and government secrets, until computers became fast enough to crack it.

Data Encryption Standard (DES) Published event plate

Structured atlas record showing date, domain, evidence grade, source count, and predecessor and successor links.

Event plate: Data Encryption Standard (DES) Published Convergence-divergence layout. The central hero card carries the event year, type, title, evidence grade, domain and era band. 0 predecessor cards on the left feed in with red arrows labelled "absorbs". 0 successor cards on the right derive with red arrows labelled "spawns". Key terms below the hero pin the vocabulary the event introduced. EVENT PLATE Source: https://csrc.nist.gov/publications/detail/fips/46/archive/1977-01-15 1977 - STANDARD PUBLISHED Data Encryption Standard(DES) Published primary evidence Domain: AI and machine learning Era band: E6 AI-scale systems KEY TERMS - VOCABULARY THE EVENT INTRODUCED DES symmetric encryption block cipher FIPS Convergence-divergence: predecessors absorbed, successors spawned Hero card carries year, evidence and domain. 0 predecessors flow in from the left; 0 successors flow out to the right. Key termsbelow pin the vocabulary the event introduced.

Forecasts and counterfactuals stay labelled as opinion in the event data. Source: Computer History Museum.

Before

There was no standardised encryption algorithm for protecting sensitive government and commercial data. Different organisations used different proprietary methods, hindering interoperability. The lack of a vetted standard meant uncertain security guarantees.

What changed

The National Bureau of Standards (now NIST) published DES as FIPS 46, the first publicly available, government-endorsed encryption standard. DES became the de facto standard for commercial encryption for over two decades, establishing the model for government cryptographic standardisation.

How it happened

IBM developed the Lucifer cipher in the early 1970s. NBS sought a standard encryption algorithm in 1973. IBM submitted a modified Lucifer, which NSA helped refine (reducing key size from 128 to 56 bits, modifying S-boxes). After public review, DES was adopted in January 1977. Despite controversy over NSA involvement and key length, DES became ubiquitous.

Outcomes

  • Established first widely-adopted encryption standard
  • Created model for public cryptographic standardisation
  • Enabled secure commercial data processing
  • Sparked academic cryptanalysis research

Limitations

  • 56-bit key proved too short (broken by brute force in 1998)
  • NSA involvement raised concerns about backdoors
  • Single-key design limited applications
  • Required replacement by AES in 2001

Lessons learnt

  • Key length must anticipate computing advances
  • Public scrutiny improves cryptographic confidence
  • Standards require periodic review and replacement
  • Government involvement creates trust challenges

Stakeholders and artefacts

Organisations

  • National Bureau of StandardsgovernmentPublished standard
  • IBMvendorDeveloped algorithm (Lucifer)
  • NSAgovernmentReviewed and modified algorithm

Individuals

  • Horst FeistelDesigner, IBMDesigned Lucifer cipher, basis for DES

Artefacts

  • DESprotocol56-bit symmetric block cipher
  • Feistel NetworkmethodologyCipher structure using rounds of substitution and permutation

Key terms

DESsymmetric encryptionblock cipherFIPSFeistel network

Causality

Preceded by: Public Key Cryptography Invented.

Made possible: Advanced Encryption Standard (AES) Published.

On this course

Read in the path Cybersecurity: Threats and Defences.

Sources

1"FIPS PUB 46: Data Encryption Standard". National Bureau of Standards, 1977-01-15.authoritativecsrc.nist.gov/publications/detail/fips/46/archive/1977-01-15
2"NIST Withdraws Outdated Data Encryption Standard". NIST, 2005-06-02.authoritativewww.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard