Before we had secure messaging apps and encrypted online banking, the Data Encryption Standard (DES) was one of the earliest and most influential cryptographic algorithms to protect digital data.
DES was initially designed for the U.S. federal government. It was so easy to use that businesses across multiple industries also adopted it. A major example of this is the company Atalla Box, which changed the way banks keep our money safe. It was one of the first machines to encrypt PINs and protect ATM transactions, so people could enjoy secure banking.
The Data Encryption Standard (DES) is a symmetric-key block cipher introduced to secure sensitive information. It encrypts data in 64-bit blocks using a 56-bit key, applying the same key for both encryption and decryption.
DES became widely adopted for its simplicity and efficiency, serving as a standard for protecting everything from government communications to financial transactions. Its design relies on a Feistel network, which uses multiple rounds of substitution, permutation, and key mixing to transform plaintext into ciphertext securely.
While DES was groundbreaking at its inception, its 56-bit key length eventually became a weakness. Advances in computing made it vulnerable to brute-force attacks, where all possible keys could be tested. Despite this limitation, DES laid the foundation for modern cryptography and inspired stronger algorithms like Triple Data Encryption Standard (3DES) and the Advanced Encryption Standard (AES), ensuring its place in the history of data security.
In the early 1970s, IBM researchers developed a cipher known as Lucifer, which became the foundation for what we now know as the Data Encryption Standard.
As data privacy concerns grew alongside advances in computing, the U.S. government sought a reliable encryption method for non-classified information. The National Institute of Standards and Technology (NIST), then known as the National Bureau of Standards, adopted IBM’s modified algorithm in 1977 and officially designated it as the federal standard for data encryption.
But cryptographers Whitfield Diffie and Martin Hellman raised concerns about the algorithm’s relatively short 56-bit key length. They argued it might be too weak to withstand brute-force attacks by intelligence organizations.
DES encrypts data in 64-bit blocks. This means it processes information in chunks of 64 binary digits at a time. Each block goes through a complex series of steps that convert the plaintext into ciphertext. The key is also supplied as 64 bits, but only 56 of those bits are used for encryption. The remaining 8 bits serve as parity checks that detect potential errors in the key.
DES begins with an Initial Permutation (IP), which rearranges the bits in the block according to a fixed pattern. Although it doesn’t add cryptographic strength, it prepares the data for the next stages. After the basic encryption process, a Final Permutation (FP) reverses the initial bit shuffle.
DES uses a 16-round Feistel network to encrypt and decrypt data. Each 64-bit data block is split into two halves: a left half (L) and a right half (R). Rather than encrypting the whole block at once, it applies transformations round by round.
In each round, the right half from the previous step goes through a function that includes expansion, key mixing, substitution, and permutation:
Together, these four steps form the round function, which is repeated across all 16 rounds, with a different 48-bit subkey used in each round. These subkeys are generated from the original 56-bit key through a separate key schedule process.
At the end of the final round, the left and right halves are combined (without swapping) and passed through the Final Permutation to produce the encrypted output.
The decryption process mirrors encryption using the same rounds in reverse order, with subkeys applied in the opposite sequence. Thanks to the Feistel structure, this symmetry allows DES to use the same logic for both encryption and decryption.
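The symmetry described above can be checked directly. The following is an added example, not code from the original article: it keeps the 16-round structure, the 32-bit halves, the 48-bit subkeys and the unswapped final output, but `toy_round_function` and `toy_subkeys` are hash-based stand-ins (assumptions) for DES's real round function and key schedule, and the Initial and Final Permutations are omitted.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF
SAMPLE_KEY = 0x0123456789ABCD        # constructed 56-bit key
SAMPLE_BLOCK = 0x0123456789ABCDEF    # constructed 64-bit plaintext block

def toy_subkeys(key56):
    """Stand-in key schedule (not DES's): sixteen 48-bit subkeys."""
    keys = []
    for i in range(ROUNDS):
        digest = hashlib.sha256(key56.to_bytes(7, "big") + bytes([i])).digest()
        keys.append(int.from_bytes(digest[:6], "big"))
    return keys

def toy_round_function(right, subkey):
    """Stand-in for expansion, key mixing, substitution and permutation.
    It is a truncated hash, so it cannot be inverted; the Feistel
    structure still decrypts because the function is only ever XORed in."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block, subkeys):
    """Run the rounds over one 64-bit block with the given subkey order."""
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in subkeys:
        # New left is the old right; new right is old left XOR F(old right, k).
        left, right = right, left ^ toy_round_function(right, k)
    # Last round's halves are joined without the swap: output is R16 || L16.
    return (right << 32) | left

def encrypt_block(block, key56):
    return feistel(block, toy_subkeys(key56))

def decrypt_block(block, key56):
    # Same routine, subkeys applied in the opposite sequence.
    return feistel(block, toy_subkeys(key56)[::-1])

if __name__ == "__main__":
    ct = encrypt_block(SAMPLE_BLOCK, SAMPLE_KEY)
    print(f"ciphertext        {ct:016x}")
    print(f"reversed subkeys  {decrypt_block(ct, SAMPLE_KEY):016x}")
    print(f"forward subkeys   {feistel(ct, toy_subkeys(SAMPLE_KEY)):016x}")
```

Only the reversed-subkey pass returns the original block; running the rounds a second time in forward order does not.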
Encrypting a single 64-bit block is helpful in theory, but not enough in practice. Most real-world data is much larger, which means we need a way to handle multiple blocks securely. That’s where block cipher modes of operation come in. These modes define how DES processes sequences of data blocks.
Here are four of the most used modes with DES:
Back in the late 1990s, a group called the Electronic Frontier Foundation (EFF) built a machine called Deep Crack. It cracked a DES-encrypted message in just 56 hours, which was shocking at the time. This made it clear that DES was no longer strong enough to protect substantial or long-term information.
To keep DES going a bit longer without starting from scratch, Triple DES (or 3DES) was introduced. It basically runs DES three times, using either two or three different keys to strengthen security.
3DES made things a lot safer, but it also made everything slower. That's why we now use Advanced Encryption Standard (AES). It is stronger, quicker, and more flexible, with different key sizes (128, 192, or 256 bits) depending on what we need.
AES is now the gold standard for symmetric encryption. DES, meanwhile, is mostly something we find in old legacy systems.
DES played a massive role at a really important time in history, but encryption is continuously changing. Algorithms like AES, ChaCha20, and RSA are now doing the heavy lifting to keep everything safe, including our cloud files and even private messages. They’re stronger and faster, built for the way we use technology.
Even though DES is an old concept now, it taught us a lot. Ideas such as letting the public review your work and being prepared to adapt are still at the core of how new encryption tools are developed.
Simply put, as cyberthreats become more sophisticated, so do the tools we use to stay one step ahead. That’s why moving beyond DES is part of a bigger story to make encryption stronger for everyone.