Encyclopedia  |   World Factbook  |   World Flags  |   Reference Tables  |   List of Lists     
   Academic Disciplines  |   Historical Timeline  |   Themed Timelines  |   Biographies  |   How-Tos     
Sponsor by The Tattoo Collection
Advanced Encryption Standard process
Main Page | See live article | Alphabetical index

Advanced Encryption Standard process

On January 2, 1997 the National Institute of Standards and Technology, or NIST, called for cryptographers to propose a new standard block cipher for United States Government use in non-classified but sensitive applications. (Knowledge of what is used for classified applications is itself classified.) The Advanced Encryption Standard (AES) was intended to replace Triple DES, itself a interim fix for the aging Data Encryption Standard (DES). The primary motivation for a new standard was the fact that DES has a relatively small 56-bit key which was becoming vulnerable to brute force attacks. In addition the DES was designed primarily for hardware and is relatively slow when implemented in software. While Triple-DES avoids the problem of a small key size, it is very slow in software, and also unsuitable for limited-resource platforms.

Since the specification for the AES is not secret, it is expected that the cipher will also see much use in non-government applications, and outside the US. This was the case for its predecessors DES and Triple-DES.

The requirements for the new standard were quite tough. A block size of 128 bits was specified, and key sizes of 128, 192, and 256 bits had to be supported. The cipher had to be secure and speed was also considered important. It also had to be capable of running in extremely small embedded systems with limited amounts of RAM and ROM.

Fifteen different designs were submitted from several different countries. They were, in alphabetical order:

CAST-256, CRYPTON, DEAL, DFC, E2, FROG, HPC, LOKI97, MAGENTA, MARS, RC6, Rijndael, SAFER+, Serpent, and Twofish.
Some were found to be less secure than required, but for most no attacks of significance were found. A shortlist of five designs was selected for Round 2 of the selection process:
MARS, RC6, Rijndael, Serpent, and Twofish.

On October 2, 2000, NIST announced that Rijndael had been selected as the proposed AES, and underwent the process of being made the official standard. On November 26, 2001, NIST announced that AES was approved as FIPS PUB 197.

See also:

Block ciphers
Algorithms: 3-Way | AES | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | G-DES | GOST | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre; | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | Red Pike; | S-1 | SAFER | Serpent | SHARK | Skipjack | Square | TEA | Triple DES; | Twofish | XTEA
Design: Feistel network; | Key schedule; | Product cipher; | S-box | SPN   Attacks: Brute force; | Linear / Differential cryptanalysis | Mod n; | XSL   Standardisation: AES process; | CRYPTREC | NESSIE   Misc: Avalanche effect | Block size; | IV | Key size; | Modes of operation; | Piling-up lemma; | Weak key;