Skip to main content
Utilavo

DES Encrypt / Decrypt

Encrypt and decrypt data with the DES algorithm in CBC, CFB, CTR, OFB, and ECB modes

How to use DES Encrypt / Decrypt

  1. Enter your data and key

    Type or paste the text to encrypt or decrypt and enter your 8-character (56-bit effective) DES key.

  2. Configure mode

    Select a mode of operation (CBC is most common for legacy systems) and provide an IV if required.

  3. Click Encrypt or Decrypt

    The output appears instantly in your browser.

  4. Copy the result

    Click Copy to use the output in your application.

Operation

DES uses a 56-bit effective key and was broken in 1998. Use AES for real security.
Cipher Settings
Key Configuration

Key Type

What is DES encryption?

DES (Data Encryption Standard) is a historic symmetric block cipher that was the U.S. federal encryption standard from 1977 to 2001. It encrypts data in 64-bit blocks using a 56-bit key, but its small key size makes it vulnerable to brute-force attacks — a DES key can be cracked in hours with modern hardware.

DES is provided here for legacy system compatibility and educational purposes only. For any new application, use AES-256 instead. This tool supports all five DES modes of operation: CBC, CFB, CTR, OFB, and ECB.

DES was adopted by the National Bureau of Standards (now NIST) in 1977 as FIPS 46 and remained the U.S. federal encryption standard for nearly 25 years. During its era, the 56-bit key was considered adequate because brute-force attacks were computationally prohibitive. However, the EFF's Deep Crack machine cracked a DES key in 56 hours in 1998, and distributed.net achieved the same in 22 hours and 15 minutes in 1999. Today, cloud computing makes DES crackable in minutes. Despite this, DES-encrypted data from older systems, archived databases, and legacy file formats still exists and occasionally needs to be decrypted.

Understanding DES is also valuable for educational purposes. DES introduced foundational concepts that remain relevant in modern cryptography: the Feistel network structure (where encryption and decryption use the same algorithm in reverse), the use of S-boxes for non-linear substitution, and the importance of key scheduling. These concepts appear in many subsequent block ciphers. If you need to encrypt new data, use AES-256 instead — it provides vastly stronger security with better performance. For a comparison of all supported encryption algorithms, see our encryption algorithms guide.

Frequently asked questions

Why is DES considered insecure?

DES uses a 56-bit key, which provides only 2^56 possible keys. Modern hardware can try all possible keys in a matter of hours, making DES vulnerable to brute-force attacks. It was officially retired by NIST in 2005.

What is the difference between DES and Triple DES?

Triple DES (3DES) applies DES three times with two or three independent keys, achieving 112-bit or 168-bit effective key strength. It is slower than AES but was used as an interim upgrade from single DES before AES was widely adopted.

When would I use DES?

Only when interoperating with legacy systems that were built before AES adoption and cannot be updated. No new system should use DES for security.

Can DES-encrypted data be cracked by an attacker?

Yes. A dedicated machine can brute-force a 56-bit DES key in under a day. The EFF's Deep Crack machine demonstrated this in 1998, and modern cloud hardware is far faster. Never use single DES for data that needs to remain confidential.

How do I decrypt data from a legacy system that used DES?

You need the original 8-character (56-bit effective) DES key and the mode of operation that was used during encryption. Most legacy systems used DES-CBC. Enter the ciphertext (typically Base64-encoded), the key, and select CBC mode. If you do not have the key, DES cannot be decrypted without brute-force, though the weak 56-bit key makes brute-force feasible with specialized tools.

What replaced DES as the encryption standard?

AES (Advanced Encryption Standard) replaced DES in 2001 after a five-year public competition organized by NIST. The Rijndael algorithm was selected from 15 candidates. AES supports 128, 192, and 256-bit keys, provides much stronger security, and runs faster than DES on modern hardware. You can use AES encryption on this site for secure encryption.

Related tools

JSON Formatter

Format, validate, and prettify JSON data online for API debugging and code review

Ab64

Base64 Encoder

Encode and decode Base64 strings and files for APIs, emails, and data URIs

%

URL Encoder

Encode and decode URL components online for safe query strings and API parameters

Hash Generator

Generate MD5, SHA-256, SHA-512, BLAKE3, and 25+ cryptographic hashes to verify file integrity

//.*

Regex Tester

Test and debug regular expressions online with live matching and capture groups

Related guides

Developer10 min read

AES vs DES vs Triple DES: Encryption Algorithms Explained

An educational overview of symmetric encryption algorithms, their security levels, key sizes, and when to use each one in modern applications.