Note: This short history of DES was written by Thomas Jerry Scott to help you understand how and why DES has evolved. We only cover what has happened before the infamous DES Hack of 1997. Another document covers that hack in greater detail.

Return to the Main Menu

The Pre-Hack History of DES


NBS, now NIST, initiated a program to protect computers and communications data


NBS issues a request for public proposals for a standard cryptographic algorithm.


NBS issues a second request and received a promising candidate, called Lucifer, from IBM which they had developed in the early 70's. IBM had already filed for a patent on the Lucifer algorithm but was willing to make its intellectual property available to others for manufacturing, implementation and use.


NBS requested NSA's help in evaluating the Lucifer algorithm.


NBS published both the details of the algorithm . NBS worked out terms with IBM and IBM gave a royalty free, nonexclusive grant to license the algorithm. The NBS in August of '75 requested comments from the general public on the algorithm. Many comments spoke of the NSA's invisible hand in this algorithm.


NBS held two lively workshops on the algorithm for the developers, designers and implementors. In November of 1976, despite some criticism, the NBS adopted DES as a federal standard authorized for use on all unclassified governmental communications.


ANSI adopted DES as a private sector standard, which they called the DEA.


DES accepted again by NIST, since it must be reviewed every 5 years. NSA announced that they would not recertify the standard. By Reagan decree, they had power over NBS. NSA knew that DES had never been broken, but felt that it was increasingly likely that it woujld be broken. NSA proposed a series of algorithms to replace DES, but they were not well received. After much debate, DES was reaffirmed as a federal standard.


There was still no alternative to DES, so NIST again solicited comments in the Federal Register. Even though many felt that DES would be broken before the year 2,000, it was reaffirmed in 1992.

The DES standards were unprecedented, as never before had an NSA evaluated algorithm been made public. NSA has characterized DES as one of its biggest mistakes. If they had known that the details would be released so that many could write software, etc., they probably would have not accepted the challenge to evaluate Lucifer.


DES Hacked by the DESCHALL team in response the the RSA Challenge.

Return to the Beginning of This Document