Data Encryption Standard

In 1972, the NBS Institute for Computer Sciences and Technology (ICST) initiated a project in computer security, a subject then in its infancy. One of the first goals of the project was to develop a cryptographic algorithm standard that could be used to protect sensitive and valuable data during transmission and in storage. Prior to this NBS initiative, encryption had been largely the concern of military and intelligence organizations. The encryption algorithms, i.e., the formulas or rules used to encipher information, that were being used by national military organizations were closely held secrets. There was little commercial or academic expertise in encryption. One of the criteria for an acceptable encryption algorithm standard was that the security provided by the algorithm must depend only on the secrecy of the key, since all the technical specifications of the algorithm itself would be made public. NBS was the first to embark on developing a standard encryption algorithm that could satisfy a broad range of commercial and unclassified government requirements in information security. Ruth M. Davis, then Director of ICST, asked the National Security Agency (NSA) to help evaluate the security of any cryptographic algorithm that would be proposed as a Federal standard. She then initiated the standard’s development project by publishing an invitation in the Federal Register (May 15, 1973) to submit candidate encryption algorithms to protect sensitive, unclassified data. NBS received many responses demonstrating interest in the project, but did not receive any algorithms that met the established criteria. NBS issued a second solicitation in the Federal Register (August 17, 1974) and received an algorithm from the IBM Corp., which had developed a family of cryptographic algorithms, primarily for financial applications. After significant review within the government, NBS published the technical specifications of the proposed algorithm in the Federal Register (March 17, 1975), requesting comments on the technical aspects of the proposed standard. NBS received many comments on the security and utility of the proposed standard and held two public workshops during 1976 on its mathematical foundation and its utility in various computer and network architectures. After intense analysis of the recommendations resulting from the workshops, NBS issued the Data Encryption Standard (DES) as Federal Information Processing Standard (FIPS) 46 on November 23, 1977 [1]. Many NBS, NSA, and IBM technical staff members participated in this initiative, which combined expertise from government and industry. In 1973 the Bureau hired Dennis Branstad to lead the new computer security project and to coordinate the DES development process. Miles Smid joined NBS in 1977 to aid in the adoption of the DES in numerous American National Standards. Both worked with their former NSA colleagues to ensure that the standard met its technical criteria and was useful in many commercial and government applications. The major IBM contributors to the design of the DES algorithm and its subsequent adoption as a Federal standard included: Horst Feistel, inventor of a family of encryption algorithms of which DES is a member; Alan Konheim and Don Coppersmith, mathematicians in the IBM research organization; Walter Tuchman, director of the IBM cryptographic competency center and the primary designer of the final DES algorithm; and Carl Meyer and Mike Matyas, who worked with Tuchman in specifying the DES and analyzing its security.