One very important feature of a good encryption scheme is the ability to specify a 'key' or 'password' of some kind, and have the encryption method alter itself such that each 'key' or 'password' produces a different encrypted output, which requires a unique 'key' or 'password' to decrypt. This can either be a 'symmetrical' key (both encrypt and decrypt use the same key) or 'asymmetrical' (encrypt and decrypt keys are different). The popular 'PGP' public key encryption, and the 'RSA' encryption that it's based on, uses an 'asymmetrical' key. The encryption key, the 'public key', is significantly different from the decryption key, the 'private key', such that attempting to derive the private key from the public key involves many many hours of computing time, making it impractical at best.

History

After World War II, the U.S. Government, and many U.S. companies began to pick up the development of encryption. For the public, there was little to cryptography outside the ciphers printed in the Sunday paper, but there was great public interest. Despite this public interest, most of the communications for civilians were written on paper, and often sealing wax was security enough for communications. The revolution in computers and electronic communication blew the doors wide open for civilian research into cryptography. As wired and wireless communication grew, so did the need for encryption that governments had long recognized.

In the late 1960’s, IBM’s chairman Tomas Watson, Jr., set up a cryptography research group at his company’s Yorktown Heights research laboratory in New York. The group, led by Horst Feistel, developed a private key encryption system called ‘Lucifer’. IBM’s first customer for Lucifer was Lloyd’s of London, which bought the code in 1971 to protect a cash-dispensing system that IBM had developed for the insurance conglomerate.

IBM then created a group to turn the cipher into a commercial product. The team was lead by Dr. Walter Tuchman, a 38-year-old engineer with a doctorate in information theory, and Dr. Carl Meyer, a 42-year-old electrical engineer. They wanted to put Lucifer on a silicon chip. In the process of development, the algorithm was tested, some flaws were discovered and the cipher was strengthened against cryptanalyic attacks. By 1974, the cipher algorithm and chip were ready for market. Lucifer was not unique, however. At that time in history, many companies sold codes and ciphers; mostly to overseas governments, each was different, there were no standards involved, no independent body to certify their security. Thanks to the US govt. things were about to change.

In 1968, the National Bureau of Standards (NBS, since renamed National Institute of Standards and Technology, or NIST) began a series of studies aimed at determining the US civilian and government needs for computer security. One of the results indicated that there was a strong need for a single, interoperable standard for data encryption that could be used for both storage and transmission of unclassified data (classified stuff was still the domain of the NSA). On May 15, 1973, the NBS published a request for proposals in the Federal Register, and had several requirements for a standard encryption algorithm, including the following:

• The algorithm had to provide a high level of security.
• The algorithm had to be public, completely specified, and easy to understand.
• The security of the algorithm had to reside completely in the key, and not in the algorithm itself.
• The algorithm had to be available to all users.
• The algorithm had to be flexible, so it could be adapted to many different kinds of applications.
• The implementation of the algorithm in electronic devices had to be cost-effective.
• The algorithm had to be efficient.
• It had to be possible to validate the algorithm.
• The algorithm and devices containing the algorithm had to be exportable.

The public response indicated that there was considerable interest in a cryptographic standard, but that there was little public expertise in the field. Some submissions were crude outlines of algorithms. None of the submissions came close to meeting the requirements. So, a second request in the August 27, 1974, Federal Register. The NSA submitted a promising version of the Lucifer algorithm that had been weakened in some ways and strengthened in other ways. This was the algorithm that became the U.S. Data Encryption Standard (DES).