Data Encryption: Symmetric Cryptography and Brute Force Attack

3-minute read | Pavel
Learn how to defend against brute force attacks on your websites.
In this next installment on cryptography and encryption, we explore symmetric cryptography and its characteristics. We also examine the risk of brute force attacks and look at how DES works, the algorithm that has encrypted the most bits over its lifetime.

Data Encryption with Symmetric Algorithms

You can think of data encryption using a symmetric algorithm as similar to the lock on your front door. Only those who possess the correct key can unlock it. Just like this lock, symmetric cryptography requires both the sender and receiver to have the same key to encrypt and decrypt a message. The encryption and decryption process is typically faster than with asymmetric cryptography, and the keys are generally shorter.

When encrypting files and data, it's important to consider several properties of the algorithm used. These properties include confidentiality, integrity, authentication, and non-repudiation.

Confidentiality

Confidentiality ensures that only the owners of the key can access the transmitted data, message, or file. With symmetric cryptography, this property is fulfilled.

Integrity

Integrity means that the encrypted data, message, or file cannot be modified or replaced without the recipient being aware of it. This can be achieved in symmetric encryption using checksums.

Authentication

Authentication allows the recipient to be certain of the sender's identity. This property is met when there are exactly two parties communicating and sharing the key.

Non-repudiation

Non-repudiation ensures that the sender cannot deny having sent the message and the recipient can prove receipt. Both parties know exactly what happened with the sent message, data, or file. This cannot be achieved with symmetric encryption because both parties use the same key for encryption and decryption.

Brute Force Attack on Symmetric Encryption

A brute force attack to discover a symmetric key involves systematically trying all possible keys. Imagine a lock with a numerical code; you would try all combinations from 0-0-0-0 to 9-9-9-9 until the lock opens.

There are two types of brute force attacks: offline and online. An offline brute force attack depends solely on computational speed. An online brute force attack requires communication with a server and often has limitations on the number of unsuccessful attempts within a certain time frame.

A 256-bit key used for AES encryption is considered resistant to brute force attacks with current technology.

DES Encryption

DES (Data Encryption Standard) was adopted as a standard in 1976 and is the algorithm that has encrypted the most bits. It is a symmetric secret-key cipher that encrypts data in 64-bit blocks using a 56-bit key. From the key, 16 subkeys are generated through shifts and permutations, one for each round of encryption. The encryption process involves 16 rounds, each functioning as follows:

  • The data block being encrypted is split into a left and a right half, each 32 bits.
  • The right half undergoes:
    • Expansion to 48 bits and permutation.
    • A logical XOR operation with the subkey generated for that round.
    • Substitution and reduction back to 32 bits, followed by another permutation.
  • The output of this function is XORed with the left half, and the result becomes the new right half.
  • The original right half becomes the new left half.
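The round structure above is a Feistel network, and the sketch below (an added example, not code from the original article) runs 16 such rounds on a 64-bit block to show why decryption is the same routine with the subkeys in reverse order. The key schedule and round function are SHA-256 stand-ins chosen for brevity, not the real DES permutation tables and S-boxes, and the names `subkeys`, `round_function` and `feistel` are assumptions of this example.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF

def subkeys(key):
    # Stand-in key schedule (assumption): real DES derives its sixteen
    # 48-bit subkeys from the 56-bit key by shifts and permutations.
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:6], "big")
            for i in range(ROUNDS)]

def round_function(right, subkey):
    # Stand-in for the DES round function: expand, XOR, substitute, reduce.
    expanded = (right << 16) | (right >> 16)      # toy expansion 32 -> 48 bits
    mixed = expanded ^ subkey                     # XOR with this round's subkey
    digest = hashlib.sha256(mixed.to_bytes(6, "big")).digest()
    return int.from_bytes(digest[:4], "big")      # reduce back to 32 bits

def feistel(block, keys):
    # Split the 64-bit block into 32-bit left and right halves.
    left, right = block >> 32, block & MASK32
    for k in keys:
        # New left = old right; new right = old left XOR f(old right, subkey).
        left, right = right, left ^ round_function(right, k)
    # Final swap of the halves makes the same routine invert itself
    # when the subkeys are supplied in reverse order.
    return (right << 32) | left

def encrypt_block(block, key):
    return feistel(block, subkeys(key))

def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])

if __name__ == "__main__":
    key = bytes.fromhex("0123456789abcd")         # constructed 56-bit sample key
    plaintext = 0x0011223344556677                # constructed 64-bit sample block
    ciphertext = encrypt_block(plaintext, key)
    print(f"ciphertext: {ciphertext:016x}")
    print(f"decrypted : {decrypt_block(ciphertext, key):016x}")
```

Because the round function is only ever XORed into the other half, it never has to be invertible, which is what lets DES use a lossy expand-and-substitute step inside each round.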

The best attack on DES is a brute force attack due to its "only" 56-bit key, which is breakable with current technology. Other possible attacks include linear and differential cryptanalysis.
