DES set for overhaul

The National Institute of Standards and Technology is preparing to change for the first time in almost 20 years the required federal standard for the protection of all encrypted government data characterized as sensitive but unclassified.

NIST is preparing a Federal Register request for an algorithm to succeed the Data Encryption Standard said Anne Enright Shepherd a NIST spokeswoman. DES is the national encryption standard that has been prominent in all but the most secret agencies and is offered in the products of most federal contractors.For example DES is embedded in all of the government's secure telephones the Energy Department has multiple networks that use DES it is the basis for the Treasury Department's electronic funds transfer program and the Federal Reserve uses DES to encrypt connections between the depository financial institutions and Federal Reserve banks.

The request will have to be approved by NIST officials the Commerce Department and the Office of Management and Budget. Shepherd said it is being "worked through the process." She could not provide any details before its publication.

She did say however that because of the "huge installed base of DES products being used by the government " many agencies have asked for a transition period if any changes are made.

Use of DES in both the public and private sectors is extensive said Frank Dzubeck president of Washington D.C.-based Communications Network Architects Inc.

"DES is pretty much the encryption standard being used by most of the vendors in the world for standard encryption " he said.

"The government was the instigator the last time of DES and it fed very quickly into the commercial space " he added.

As a result of the widespread use vendors and government users would be affected by any change to the standard.

"Everyone who is using DES will have to change from a federal standpoint " Dzubeck said. "Anybody that deals with the federal government will have to change. The ripple effect is significant."

DES was first published in 1977. Regardless of which algorithm is tapped to replace DES the trick to its success will be to convince the commercial sector to invest in the change in an encryption standard without widespread evidence of its need said Mike Schwartz president of Prime Factors Inc. an Oregon-based security firm.

"Even if NIST were to say `Here is a new standard ' why would anyone do anything about it because DES shows no sign of weakening " he said.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.