draft-kelly-saag-des-implications
The Data Encryption Standard [DES] is susceptible to brute force attacks which are well within the reach of a modestly financed adversary. As a result, DES has been deprecated, and replaced by the Advanced Encryption Standard [AES]. Nonetheless, many applications continue to rely on DES for security, and designers and implementers continue to provide support for it in new applications. While this is not always inappropriate, it frequently is. This note discusses DES security implications, so that designers and implementers can make judicious decisions regarding its use.