Christian Röpke wrote:

password cracking : - DES can only be cracked by a brute force attack, because there is no way to crack the s-boxes. - to crack DES, means to find the 56 bit long key.

That is "approximately" true, but misses the point. Password cracking is done, not by breaking DES or MD5, but by guessing passwords. There are many approaches to password guessing. A good cracking tool will start by trying commonly used passwords from a dictionary, along with simple variants. Then a larger dictionary of words, names etc will be tried, again with simple variants. Finally, a brute force search of all combinations of typeable characters is tried. It makes little difference what algorithm is used to encrypt the password. Actually, the only real impact would be the speed of an encryption, since each guessed password will be encrypted and compared to the stored encrypted value. DES is crackable, but it takes a huge amount of processing power. In 1999, a single DES key was cracked by 100,000 distributed PC's working together, plus a supercomputer designed specifically for the task, in about 23 hours. AFAIK there has not been a more recent publicly disclosed crack. 2-key triple DES is considered no stronger than DES, because of the "Meet in the middle" attack. 3-key triple DES, despite its use of 168 bits of key material, is considered to have only 112 bits of "strength" due to the same class of attack. Actually, given enormous amounts of memory, theoretical attacks have been designed that require only about 2^90 decryptions to break three-key triple DES. Even that is far beyond what can be accomplished on today's equipment. OTOH, Rijndael is potentially much stronger. I say potentially, because it is new and less studied so there are risks. It is not likely that a major break of DES will occur before quantum computing becomes a reality. However, Rijndael is IMO somewhat more likely to fall to a catastrophic break. There is already at least one troubling advance (an attack based on overdefined equations) that has reduced the theoretical effort to crack Rijndael. Once a weakness is found in the armor of an algorithm, historically we have seen further advances to weaken it.