ToolActToolAct

DES Encryption & Decryption Tool

Supports DES and Triple DES (3DES) with five encryption modes

Encryption Settings

Input
Characters: 0
Bytes: 0
Output
Characters: 0
Bytes: 0

What is DES?

DES (Data Encryption Standard) was created in 1977 by IBM and modified by the NSA before becoming a US federal standard. It uses a Feistel network that splits 64-bit plaintext into two halves and runs them through 16 rounds of transformation. The key is nominally 64 bits, but 8 bits are reserved for parity checks, leaving 56 bits of actual key material. That 56-bit key was considered secure at the time, but by 1999 a custom-built machine could brute-force it in 22 hours. Triple DES (3DES) was developed to extend DES's lifespan - it applies DES encryption three times with three different keys, giving an effective key length of 168 bits. 3DES is still widely used in financial systems, including EMV chip cards and many banking protocols. While AES has officially replaced DES as the encryption standard, DES and 3DES remain in use across legacy systems, financial protocols, and embedded devices. This tool supports both DES and 3DES with CBC, ECB, CFB, OFB, and CTR modes for compatibility testing and cryptography learning.

How to Use

How to use

  1. Choose the algorithm: DES (56-bit key) or 3DES (168-bit key)
  2. Select an encryption mode - CBC is recommended
  3. Pick a padding scheme - PKCS#7 works for most cases
  4. Enter a key or click "Generate Random Key"
  5. For modes that require an IV, enter or generate one
  6. Type your plaintext (to encrypt) or ciphertext (to decrypt) on the left
  7. Results appear on the right automatically

Encryption Modes

  • CBCCipher Block Chaining. XORs each plaintext block with the previous ciphertext block before encrypting. Requires an IV. Good security, most commonly used mode.
  • ECBElectronic Codebook. Each block is encrypted independently - identical plaintext blocks produce identical ciphertext. Fine for single 8-byte blocks, not recommended for longer data.
  • CFBCipher Feedback. Turns the block cipher into a stream cipher. Good for processing data byte-by-byte or in small chunks.
  • OFBOutput Feedback. Similar to CFB but errors don't propagate. Useful when the communication channel is noisy.
  • CTRCounter mode. Uses an incrementing counter to generate a keystream. Supports parallel encryption and decryption with good performance.

Tips

  • Use AES if you can - DES exists mainly for legacy compatibility
  • 3DES is much more secure than DES, but roughly three times slower
  • Always use a different random IV for each encryption
  • Avoid ECB for encrypting data longer than 8 bytes
  • Generate random keys instead of typing memorable strings

Use Cases

Reproduce legacy DES or TripleDES integrationsChoose DES with an 8-byte key or TripleDES with a 24-byte key, then match ECB, CBC, CFB, OFB, or CTR mode when maintaining older payment, telecom, device, or enterprise protocols. The Feistel-network implementation runs entirely through crypto-js in the browser, so the 56-bit (DES) or 168-bit (3DES) key and the plaintext never leave the local tab - useful when reproducing a vendor sample without sending live card data through a remote tool.
Align key, IV, and ciphertext formats exactlyEnter keys and IVs as hex, Base64, or text, generate random material when needed, and validate the required 8-byte IV for non-ECB modes before comparing output with another system. The page makes it easy to confirm whether the mismatch is a wrong key length (DES wants 8 bytes, 3DES wants 24), a missing or stale IV, or a PKCS#7 padding edge case on the last block.
Document why a legacy cipher should stay isolatedUse the tool for compatibility tests and migration notes, not new security design. DES is obsolete (a custom machine cracked it in 22 hours in 1999, and today's GPU clusters finish it much faster) and TripleDES is legacy. Modern systems should prefer authenticated encryption such as AES-GCM, and DES examples should be kept clearly labeled so they are not copied into new security work.
Round-trip ciphertext to verify parity with a vendor sampleEncrypt a known plaintext with the partner's published key and IV, then decrypt and compare the output byte-for-byte when integrating with payment terminals, SIM tools, or legacy APIs. Use the byte-length counter to confirm that the output matches the vendor's expected 8-byte block boundary, since truncated padding or extra spaces around the Base64 field is a common silent-failure cause.
Switch between hex, Base64, and text to match transport formatsMatch the encoding option to the field that receives the ciphertext, since a Base64-only downstream service will reject raw hex even when the underlying DES output is identical. The same key in hex ('0123456789abcdef') and Base64 ('ASNFZ4mrze8=') decrypts to the same plaintext - useful for diagnosing 'wrong format' reports from a partner system.

Technical Principle

DES is a Feistel block cipher published as FIPS 46 in 1977. It operates on 64-bit blocks with a 64-bit key, of which 8 bits are parity, leaving 56 bits of effective key material. Encryption starts with the Initial Permutation (IP), splits the 64-bit state into two 32-bit halves L0 and R0, and runs 16 Feistel rounds of the form (L_{i+1}, R_{i+1}) = (R_i, L_i XOR F(R_i, K_i)). The round function F expands 32 bits to 48 bits via the E-box, XORs the 48-bit round key K_i derived by the PC-1 / PC-2 key schedule, applies eight 6-to-4-bit S-boxes (S1..S8), and runs the P-box permutation. The Final Permutation (FP = IP^-1) produces the ciphertext. Triple DES, defined in NIST SP 800-67, applies DES three times in an Encrypt-Decrypt-Encrypt (EDE) construction: C = E_{K3}(D_{K2}(E_{K1}(P))). Keying option 1 uses three independent 56-bit keys (168 raw bits, ~112 bits of effective security against meet-in-the-middle attack); keying option 2 sets K1 = K3 (~80 bits effective). Block-cipher modes wrap DES/3DES to handle messages longer than 64 bits: ECB encrypts each block independently and leaks plaintext patterns; CBC chains via C_i = E_K(P_i XOR C_{i-1}) with a random 8-byte IV; CFB and OFB turn the block cipher into a self-synchronising or synchronous stream cipher; CTR XORs the plaintext with E_K(nonce || counter). DES's 56-bit key space (2^56 ≈ 7.2 × 10^16) is exhaustible: the EFF DES Cracker broke a DES challenge in 22 hours in 1998 with custom ASICs, and modern GPU/FPGA clusters finish in hours. NIST SP 800-131A retired single DES in 2005 and disallowed Triple DES for encryption after 2023; the Sweet32 birthday attack (CVE-2016-2183) further weakens 3DES in TLS because its 64-bit block size allows collisions after ~2^32 blocks (~32 GB) under a single key. Modern systems should use AES-128 or AES-256 in an authenticated mode such as GCM or ChaCha20-Poly1305 instead.

  • DES key is 8 bytes including parity (56 effective bits); 3DES keys are 16 bytes (2-key, ~80-bit security) or 24 bytes (3-key, ~112-bit security against meet-in-the-middle).
  • Block size is 64 bits / 8 bytes; CBC, CFB, OFB, and CTR all require an 8-byte IV/nonce, ECB does not use an IV (and leaks patterns at the block level).
  • PKCS#7 padding appends N bytes of value N (1 ≤ N ≤ 8); a full 8-byte block of 0x08 is added when the plaintext length is already a multiple of 8.
  • Weak keys 0x0101010101010101, 0xFEFEFEFEFEFEFEFE, and the four semi-weak key pairs make K1 = K2 in the key schedule, so E_K = D_K — avoid them when generating random keys.
  • Sweet32 (CVE-2016-2183) exploits 3DES's 64-bit block: a single key collides after ~2^32 blocks (~32 GB of plaintext under a single key in CBC mode).
  • NIST SP 800-67 Rev. 2 disallowed Triple DES for encryption after December 31 2023; new designs should use AES-GCM or ChaCha20-Poly1305, not DES or 3DES.
  • The EFF DES Cracker (Deep Crack) broke DES in 22 hours in July 1998 for under $250,000 in 1998 dollars; modern GPU clusters do it in hours, so single DES is not a confidentiality control.

Examples

DES-CBC Encryption

Plaintext: Hello World
Key (hex): 0123456789abcdef
IV (hex): fedcba9876543210
Mode: CBC / PKCS#7
Output: Base64-encoded ciphertext

3DES Encryption

Algorithm: Triple DES
Key (hex): 24 bytes (48 hex chars)
Mode: CBC / PKCS#7
Note: The 168-bit key length is still considered secure today, but prefer AES for new projects

ECB Single Block

Plaintext: 8 bytes (exactly one DES block)
Key:    0123456789abcdef
Mode:   ECB / PKCS#7
Note:   ECB is only safe for a single 8-byte block; never use it for longer data

FAQ

Is DES still safe to use?

No. Plain DES has a 56-bit effective key and was broken publicly in 1998 - dedicated hardware can brute-force it in under a day, and modern cloud GPUs do it in minutes. NIST formally withdrew DES in 2005. Use AES instead for any new system.

What about Triple DES (3DES)?

3DES applies DES three times with two or three keys, giving roughly 112 bits of effective security. NIST deprecated 3DES in 2017 and disallowed it for new applications after 2023 because of birthday-bound attacks (Sweet32) on its 64-bit block size. It survives only in legacy systems (older banking and POS networks) - migrate when you can.

Why is the page still showing DES?

Because real-world legacy systems still use it. The tool is useful when you must interoperate with an older banking format, a piece of embedded firmware, or an exam exercise. It is not a recommendation - new code should use AES.

What are the DES modes and what do they mean?

ECB encrypts each block independently and leaks patterns. CBC chains blocks and needs an IV. CFB and OFB turn DES into a stream cipher. CTR uses a counter as a nonce. For DES, prefer CBC with PKCS#7 padding when interoperability is the goal; never use ECB on real data.

What block size and key size does DES use?

DES has a 64-bit block size and a 64-bit key, of which only 56 bits are key material (8 bits are parity). 3DES with three keys still has the 64-bit block - which is why Sweet32 became a problem at high data volumes.

Is the calculation done in my browser?

Yes. DES is computed locally via JavaScript. Keys and plaintext do not leave the device. You can verify in the Network tab while encrypting/decrypting.

Why does my 3DES output not match a partner system?

Common causes: wrong key parity bits, key bytes ordered differently, wrong mode (ECB vs CBC), missing or extra IV, wrong padding (PKCS#7 vs ZeroPadding), or input encoded as UTF-8 by one side and UTF-16 by the other. Confirm a known test vector with the partner before debugging real data.