<Table> <Tr> <Td> </Td> <Td> This section needs additional citations for verification . Please help improve this article by adding citations to reliable sources . Unsourced material may be challenged and removed . (November 2009) (Learn how and when to remove this template message) </Td> </Tr> </Table> <Tr> <Td> </Td> <Td> This section needs additional citations for verification . Please help improve this article by adding citations to reliable sources . Unsourced material may be challenged and removed . (November 2009) (Learn how and when to remove this template message) </Td> </Tr> <P> Concerns about security and the relatively slow operation of DES in software motivated researchers to propose a variety of alternative block cipher designs, which started to appear in the late 1980s and early 1990s: examples include RC5, Blowfish, IDEA, NewDES, SAFER, CAST5 and FEAL . Most of these designs kept the 64 - bit block size of DES, and could act as a "drop - in" replacement, although they typically used a 64 - bit or 128 - bit key . In the Soviet Union the GOST 28147 - 89 algorithm was introduced, with a 64 - bit block size and a 256 - bit key, which was also used in Russia later . </P> <P> DES itself can be adapted and reused in a more secure scheme . Many former DES users now use Triple DES (TDES) which was described and analysed by one of DES's patentees (see FIPS Pub 46 - 3); it involves applying DES three times with two (2TDES) or three (3TDES) different keys . TDES is regarded as adequately secure, although it is quite slow . A less computationally expensive alternative is DES - X, which increases the key size by XORing extra key material before and after DES . GDES was a DES variant proposed as a way to speed up encryption, but it was shown to be susceptible to differential cryptanalysis . </P>

What is data encryption standard how does it works