en>Rjwilmsi: /* References */Added 2 dois to journal cites using AWB (10104)

2014-05-10T07:17:38Z

References: Added 2 dois to journal cites using AWB (10104)

en>Headbomb: Various citation cleanup., added orphan tag using AWB

2011-09-06T18:09:31Z

Various citation cleanup., added orphan tag using AWB

New page

In computing, '''56-bit encryption''' refers to a [[key size]] of fifty-six [[bit]]s, or seven [[byte]]s, for [[symmetric encryption]]. While stronger than [[40-bit encryption]], this still represents a relatively low level of security in the context of a [[brute force attack]].

==Description==
The US government traditionally regulated encryption for reasons of national security, law enforcement and foreign policy. Encryption was regulated from 1976 by the [[Arms Export Control Act]] until control was transferred to the [[Department of Commerce]] in 1996.

56-bit refers to the size of a symmetric key used to encrypt data, with the number of unique possible permutations being <math>2^{56}</math> (72,057,594,037,927,936). 56-bit encryption has its roots in [[Data Encryption Standard|DES]], which was the official standard of the US [[National Bureau of Standards]] from 1976, and later also the [[RC5]] algorithm. US government regulations required any users of stronger 56-bit symmetric keys to submit to key recovery though algorithms like [[CDMF]],<ref>{{cite journal|url=http://books.google.com/books?id=yjsEAAAAMBAJ&pg=PA77|page=77|title=Hackers Prove 56-bit DES is not Enough|journal=InfoWorld|date=30 June 1997}}</ref> effectively reducing the key strength to 40-bit, and thereby allowing organisations such as the [[NSA]] to brute-force this encryption. Furthermore, from 1996 software products [[export of cryptography|exported]] from the United States were not permitted to use stronger than 56-bit encryption, requiring different software editions for the US and export markets.<ref>{{cite web|url=http://technet.microsoft.com/en-us/library/cc722908.aspx|title=Microsoft Strong Encryption Downloads|publisher=Microsoft|year=2011|accessdate=8 September 2011}}</ref>

The advent of [[electronic commerce|commerce on the Internet]] and faster computers raised concerns about the security of [[Electronic commerce|electronic transactions]] initially with 40-bit, and subsequently also with 56-bit encryption. In February 1997, [[RSA Data Security]] ran a brute force competition with a $10,000 prize to demonstrate the weakness of 56-bit encryption; the contest was won four months later.<ref>{{cite news|url=http://news.cnet.com/Group-cracks-56-bit-encryption/2100-1023_3-200705.html|title=Group Cracks 56-bit Encryption|publisher=[[CNET]]|date=18 June 1997|accessdate=19 January 2012}}</ref> In July 1998, a successful brute-force attack was demonstrated against 56-bit encryption with a single desktop computer in just 56 hours.<ref>{{cite book|url=http://books.google.com/books?id=m5wLgC546hMC&pg=PA25124|page=25124|title=Congressional Record|volume=144|series=17|publisher=United States Senate|date=October 7, 1998 to October 9, 1998}}</ref>

In 1999, all restrictions on key length were lifted, except for exports to embargoed countries.<ref>{{cite paper|url=http://www.au.af.mil/au/awc/awcgate/crs/rl30273.pdf|title=CRS Report for Congress|date=11 january 2001|author=Jeanne J. Grimmett|publisher=Legislative Attorney,
American Law Division}}</ref>

56-bit DES encryption is now obsolete, having been replaced as a standard in 2002 by the 128-bit (and stronger) [[Advanced Encryption Standard]].

==See also==
*[[40-bit encryption]]
*[[Pretty Good Privacy]]

==References==
{{reflist}}

[[Category:Symmetric-key cryptography]]
[[Category:History of cryptography]]

Pidduck polynomials - Revision history

en>Rjwilmsi: /* References */Added 2 dois to journal cites using AWB (10104)

en>Headbomb: Various citation cleanup., added orphan tag using AWB