An interesting observation the book makes when discussing the DES encryption algorithm, is that all of the talk of the NSA placing backdoors in it are essentially false. To date, no known flaws have been found against DES, and that after being around for over 30 years, the only attack against DES is an exhaustive key attack. This type of attack is where an adversary has to try each of the possible 72 quadrillion key (256permutations â" as the key is 56 bits long) until the right key is discovered.

This is an odd thing to say. It almost sounds like an attempt at whitewashing the current Dual EC DRBG [projectbullrun.org] business by debunking a not commonly made claim about another cryptographic algorithm with a vaguely similar name.

It is widely known and accepted that the NSA strengthened DES against differential cryptanalysis, while also ensuring that the key length is short. They both strengthened and weakened it in different way. There also are [wikipedia.org] attacks against DES, which are, in theory, faster than brute force.

Giving the number of tries necessary to brute force a 56bit key is also kind of odd, since that is a key size that can actually be broken these days without too much effort. What's the point in trying to wow the audience with big numbers in that case? Seems misleading to me. Granted, that may have been just the reviewer and not be part of the actual book.