The desirable criteria for Encryption algorithm:

able to provide a high level of security

specified and easy to understand

publishable, so that security does not depend on the secrecy of the algorithm

available to all users

adaptable for use in diverse applications

economical to implement in electronic devices

efficient to use

able to be validated

exportable

The Data Encryption Standard (DES)-: The data encryption algorithm

developed by IBM for NBS(National Bureau of Standards) was based on Lucifer, and it
became known as the Data Encryption Standard (DES),

the algorithm accomplishes two things: ensuring that the output bits have no obvious
relationship to the input bits and spreading the effect of one plaintext bit to other bits in
the ciphertext. Substitution provides the confusion, and transposition provides the
diffusion. In general, plaintext is affected by a series of cycles of a substitution then a
permutation
Cycles of Substitution and Permutation-:
Double DES-:Take two keys, k1 and k2, and perform two encryptions, one on top of the
other: E(k2, E(k1,m)). In theory, this approach should multiply the difficulty of breaking
the encryption, just as two locks are harder to pick than one.
Unfortunately, that assumption is false. Merkle and Hellman showed that two encryptions
are no better than one. The basis of their argument is that the cryptanalyst works plaintext
and ciphertext toward each other. The analyst needs two pairs of plaintext (call them P1
and P2) and corresponding ciphertext, C1 and C2, but not the keys used to encrypt them.
The analyst computes and saves P1 encrypted under each possible key. The analyst then
tries decrypting C1 with a single key and looking for a match in the saved Ps. A match is a
possible pair of double keys, so the analyst checks the match with P2 and C2. Computing
all the Ps takes 256 steps, but working backward from C1 takes only the same amount of
time, for a total of 2 * 256 or 257, equivalent to a 57-bit key. Thus, the double encryption
only doubles the work for the attacker.

Triple DES-:However, a simple trick does indeed enhance the security of DES. Using
two keys and applying them in three operations adds apparent strength.

The so-called triple DES procedure is C = E(k1, D(k2, E(k1,m))). That is, you encrypt with
one key, decrypt with the second, and encrypt with the first again. (The second decrypt
step also makes this process work for single encryptions with one key: The decryption
cancels the first encryption, so the net result is one encryption.)
Although this process is called triple DES, because of the three applications of the DES
algorithm, it only doubles the effective key length. But a 112-bit effective key length is
quite strong, and it is effective against all feasible known attacks

Security of the DES-:In 1990, Biham and Shamir invented a technique, differential
cryptanalysis, that investigates the change in algorithmic strength when an encryption
algorithm is changed in some way. In 1991 they applied their technique to DES, showing
that almost any change to the algorithm weakens it
Their changes included cutting the number of iterations from 16 to 15, changing the
expansion or substitution rule, or altering the order of an iteration. In each case

However, Diffie and Hellman argued in 1977 that a 56-bit key is too short
they argued that over time, computers would become more powerful and the DES
algorithm would remain unchanged; eventually, the speed of computers would exceed the
strength of DES. Exactly that has happened. In 1997 researchers using over 3,500
machines in parallel were able to infer a DES key in four months' work
And in 1998 researchers built a special "DES cracker" machine for approximately
$100,000 that could find a DES key in approximately four days.
Does this mean the DES is insecure
The 1997 attack required a great deal of cooperation
1998 machine is still rather expensive.
Triple DES is still well beyond the power of these attacks

National Institute of Standards and Technology (NIST, the renamed NBS) began the
search for a new, strong encryption algorithm. The response to that search has become the
Advanced Encryption Standard, or AES.
The AES Encryption Algorithm-:
In January 1997, NIST called for cryptographers to develop a new encryption system

unclassified
publicly disclosed

available royalty-free for use worldwide

symmetric block cipher algorithms, for blocks of 128 bits

usable with key sizes of 128, 192, and 256 bits

out of five algorithm selected in 1998 Rijndael algorithm was simple ,efficient hence it is
adapted as standard for AESA . Rijndael algorithm is a fast algorithm that can be
implemented easily on simple processors. Although it has a strong mathematical
foundation, it primarily uses substitution, transposition, and the shift, exclusive OR, and
addition operations. Like DES, AES uses repeat cycles. There are 9, 11, or 13 cycles for
keys of 128, 192, and 256 bits, respectively. In Rijndael, the cycles are called "rounds
Each cycle consists of four steps.

Byte substitution: This step uses a substitution box structure similar to the DES,
substituting each byte of a 128-bit block according to a substitution table. This is a
straight confusion operation.
Shift row: A transposition step. For 128- and 192-bit block sizes, row n is shifted
left circular (n 1) bytes; for 256-bit blocks, row 2 is shifted 1 byte and rows 3
and 4 are shifted 3 and 4 bytes, respectively. This is a straight confusion
operation.

Mix column: This step involves shifting left and exclusive-ORing bits with
themselves. These operations provide both confusion and diffusion.

Add subkey: Here, a portion of the key unique to this cycle is exclusive-ORed
with the cycle result. This operation provides confusion and incorporates the key

the steps perform both diffusion and confusion on the input data. Bits from the key are
combined with intermediate result bits frequently, so key bits are also well diffused
throughout the result. Furthermore, these four steps are extremely fast. The AES
algorithm is depicted in figure.
 Table 2-4. Comparison of DES and AES.

DES AES

Date 1976 1999

Block size 64 bits 128 bits

Key length 56 bits (effective 128, 192, 256 (and possibly more) bits
length)

Encryption primitives Substitution, Substitution, shift, bit mixing

permutation

Cryptographic Confusion, diffusion Confusion, diffusion

primitives

Design Open Open

Design rationale Closed Open

Selection process Secret Secret, but accepted open public

comment

Source IBM, enhanced by Independent Dutch cryptographers

NSA

Public Key Encryption-: