Advanced Encryption Standard process


Advanced Encryption Standard process

The Advanced Encryption Standard (AES), the block cipher ratified as a standard by National Institute of Standards and Technology of the United States (NIST), was chosen using a process markedly more open and transparent than its predecessor, the aging Data Encryption Standard (DES). This process won plaudits from the open cryptographic community, and helped to increase confidence in the security of the winning algorithm from those who were suspicious of backdoors in the predecessor, DES.

A new standard was needed primarily because DES has a relatively small 56-bit key which was becoming vulnerable to brute force attacks. In addition the DES was designed primarily for hardware and is relatively slow when implemented in software. While Triple-DES avoids the problem of a small key size, it is very slow in software, is unsuitable for limited-resource platforms, and may be affected by potential security issues connected with the (today comparatively small) block size of 64 bits.

tart of the process

On January 2, 1997, NIST announced that they wished to choose a successor to DES to be known as AES. Like DES, this was to be "an unclassified, publicly disclosed encryption algorithm capable of protecting sensitive government information well into the next century." [http://csrc.nist.gov/CryptoToolkit/aes/pre-round1/aes_9701.txt] . However, rather than simply publishing a successor, NIST asked for input from interested parties on how the successor should be chosen. Interest from the open cryptographic community was immediately intense, and NIST received a great many submissions during the three month comment period.

The result of this feedback was a call for new algorithms on September 12, 1997 [http://csrc.nist.gov/CryptoToolkit/aes/pre-round1/aes_9709.htm] . The algorithms were all to be block ciphers, supporting a block size of 128 bits and key sizes of 128, 192, and 256 bits. Such ciphers were rare at the time of the announcement; the best known was probably Square.

Rounds one and two

In the nine months that followed, fifteen different designs were created and submitted from several different countries. They were, in alphabetical order: :CAST-256, CRYPTON, DEAL, DFC, E2, FROG, HPC, LOKI97, MAGENTA, MARS, RC6, Rijndael, SAFER+, Serpent, and Twofish.

In the ensuing debate, many advantages and disadvantages of the different candidates were investigated by cryptographers; they were assessed not only on security, but also on performance in a variety of settings (PCs of various architectures, smart cards, hardware implementations) and on their feasibility in limited environments (smart cards with very limited memory, low gate count implementations, FPGAs).

Some designs fell due to cryptanalysis that ranged from merely glancing blows to highly destructive assaults, while others lost favour due to poor performance in various environments or through having little to offer over other candidates. NIST held two conferences to discuss the submissions (AES1, August 1998 and AES2, March 1999), and in August 1999 they announced [http://csrc.nist.gov/CryptoToolkit/aes/round2/AESpressrelease-990809.pdf] that they were narrowing the field from fifteen to five: MARS, RC6, Rijndael, Serpent, and Twofish. All five algorithms, commonly referred to as "AES finalists", were designed by cryptographers considered well-known and respected in the community.The AES2 conference votes were as follows:
* Rijndael: 86 positive, 10 negative
* Serpent: 59 positive, 7 negative
* Twofish: 31 positive, 21 negative
* RC6: 23 positive, 37 negative
* MARS: 13 positive, 83 negative

A further round of intense analysis and cryptanalysis followed, culminating in the AES3 conference in April 2000, at which a representative of each of the final five teams made a presentation arguing why their design should be chosen as the AES.

election of the winner

On October 2, 2000, NIST announced [http://www.nist.gov/public_affairs/releases/g00-176.htm] that Rijndael had been selected as the proposed AES and started the process of making it the official standard by publishing an announcement in the Federal Register [http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2001_register&docid=01-4886-filed.pdf] on February 28, 2001 for the draft FIPS to solicit comments. On November 26, 2001, NIST announced that AES was approved as FIPS PUB 197.

NIST won praises from the cryptographic community for the openness and care with which they ran the standards process. Bruce Schneier, one of the authors of the losing Twofish algorithm, wrote after the competition was over that "I have nothing but good things to say about NIST and the AES process" [http://www.schneier.com/crypto-gram-0010.html#8] .

References

A historical overview of the process can be found on NIST's website [http://csrc.nist.gov/CryptoToolkit/aes/] .

External links

On the sci.crypt newsgroup, there are extensive discussions about the AES process.


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Advanced Encryption Standard Process — Le Advanced Encryption Standard process est un processus de standardisation lancé par le NIST en 1997 pour demander aux cryptologues de concevoir un nouvel algorithme de chiffrement par bloc destiné au gouvernement des États Unis. Le but était de …   Wikipédia en Français

  • Advanced encryption standard process — Le Advanced Encryption Standard process est un processus de standardisation lancé par le NIST en 1997 pour demander aux cryptologues de concevoir un nouvel algorithme de chiffrement par bloc destiné au gouvernement des États Unis. Le but était de …   Wikipédia en Français

  • Advanced Encryption Standard process — Le Advanced Encryption Standard process est un processus de standardisation lancé par le NIST en 1997 pour demander aux cryptologues de concevoir un nouvel algorithme de chiffrement par bloc destiné au gouvernement des États Unis. Le but était de …   Wikipédia en Français

  • Advanced Encryption Standard — Infobox block cipher name = AES caption = The SubBytes step, one of four stages in a round of AES designers = Vincent Rijmen, Joan Daemen publish date = 1998 derived from = Square derived to = Anubis, Grand Cru related to = certification = AES… …   Wikipedia

  • Advanced Encryption Standard — Pour les articles homonymes, voir AES. AES Résumé Concepteur(s) …   Wikipédia en Français

  • Data Encryption Standard — The Feistel function (F function) of DES General Designers IBM First publis …   Wikipedia

  • Standard de chiffrement avance — Standard de chiffrement avancé Pour les articles homonymes, voir AES. AES …   Wikipédia en Français

  • Standard de chiffrement avancé — Pour les articles homonymes, voir AES. AES …   Wikipédia en Français

  • Encryption software — is software whose main task is encryption and decryption of data, usually in the form of files on (or sectors of) hard drives and removable media, email messages, or in the form of packets sent over computer networks. Contents 1 Security 2… …   Wikipedia

  • Advanced Access Content System — AACS decryption process The Advanced Access Content System (AACS) is a standard for content distribution and digital rights management, intended to restrict access to and copying of the next generation of optical discs and DVDs. The specification …   Wikipedia


We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.