Many of you know i am now currently working on implementing a 3DES core in HDL. i have studied the algorithm quite deeply at this point (still have a few things to cover) and have noticed several major differences between the DES and AES algorithms.
First, AES has several operations that involve matrix-mathematical operations modulo to a set field size. This drastically adds to the complexity of the algorithm. From what i have read so far, DES does not have these kind of advanced mathematical operations to add to the complexity of the algorithm. This is not, however, surprising as the DES algorithm was created in 1976. Whereas the AES algorithm was developed in 2001. Does newer technology mean better? No, however in 1976 the capability of computing power was (possibly) misunderstood as to how fast it would advance in the following years.
Another major difference between the DES/3DES and the AES algorithms is the key size. Does a larger key make a stronger algorithm? Well, yes if the algorithm itself doesn't have any mathematical weaknesses. Cryptanalysts do not attempt to brute force an algorithm (try every possible combination of key) but rather look for "structural" problems with the mathematics of the algorithm that makes brute force much shorter and faster.
Right now, any attempt to brute force an AES128 FIPS140-2 algorithm implementation, would take 149,745,258,842,898 years based on 256 permutations (key-tests) per second.
However, brute forcing DES (56-bit key size) with 256 permutations per second, would only take one second. This is extremely possible with today's computing power. Hence the need for AES.
However, with all of these deductions about DES/3DES and how it has already been cracked, doesn't deter me from developing the algorithm. Because i can, that is my reasoning. :)
0 comments:
Post a Comment