NIST Announces New Government AES Encryption Standard - Technology Information

Online Newsletter, Nov, 2000

On October 2, the National Institute of Standards and Technology (NIST) selected a new algorithm (Advanced Encryption Standard - "AES") to be used as the U.S. government's official encryption standard. The new standard is called "Rijndael", named after its Belgian creators Dr. Joan Daemen (Proton World International) and Dr. Vincent Rijmen (a postdoctoral researcher in the Electrical Engineering Department [ESAT] of Katholieke Universiteit Leuven).

Background

The new AES method of encryption will replace the DES (Data Encryption Standard), adopted by the federal government as the Federal Information Processing Standard (FIPS) since 1977. DES, which relied on 56-bit encryption keys, was demonstrated to be weak and easily "cracked" (see "Cracking DES", 'Online Newsletter', September 1998, p.8).

The DES algorithm, adopted by the U.S. government in 1977, was the government's secret-key data encryption standard and was also widely used around the world in a variety of applications, including banking and wide-area networking. It is a block cipher that transforms 64-bit data blocks under a 56-bit secret key, by means of permutation and substitution. It encrypts a confidential message into scrambled output under the control of the secret key. The input message is known as "plaintext" and the resulting output message as "ciphertext". The idea is that only recipients who know the secret key can decrypt the ciphertext to obtain the original message.

It had also become insecure, as proven by a team sponsored by the EFF (Electronic Frontier Foundation) that cracked it in less than 56 hours and for less than $250,000. DES withstood the test of time for more than 20 years, but the book "Cracking DES" showed how it was brought down rather easily. Also, government restrictions on publishing information about encryption made it possible to only publish it in print - but not online. As a result, the EFF sponsored a lawsuit by Professor Daniel Bernstein to overturn the law and the regulations that made Internet publication of such research results illegal. Then again, in 1977 there were few, if any, PCs or hackers. All of that has changed.

Features of AES

Rijndael will now be the official scrambling standard for all U.S. government agencies.
It will also be available for use royalty-free worldwide and is likely to be widely adopted for use by private sector companies both nationally and internationally, according to the Electronic Privacy Information Center (EPIC). The announcement of the Rijndael encryption standard followed a three-year competition. The proposed selection of Rijndael will be formally announced in the 'Federal Register' in several months, and then NIST will receive public comments on the draft Federal Information Processing Standard (FIPS) for 90 days. NIST also invited the worldwide cryptographic community to "attack" the encryption formulas in an effort to break the codes.

Just a few decades ago the science of cryptography was an esoteric endeavor employed primarily by governments to protect state and military secrets. Today, millions of Americans use cryptography, often without knowing it. Most people who use automated teller machines (ATMs) have used cryptography because the secret PINs required by the machines are encrypted before being sent to a computer that makes sure the number matches the card.

Others use information encryption when they make a purchase over the Internet. Their credit cards are encrypted when they place an order (but many Web sites do not adequately protect the security of the lists of names containing personal information and/or credit card numbers and many have been compromised). Both DES and Triple DES have become widespread in the financial services industry. Consequently, the new AES may affect millions of consumers and businesses.

NIST requested proposals for AES on September 12, 1997. Each of the candidate algorithms was required to support key sizes of 128, 192, and 256 bits. For a 128-bit key size, there are about 340 (followed by 36 zeros) possible keys. ... (That ought to do it.)
Good security was the primary quality required of the winning formula, but the algorithms must be able to run securely and efficiently on large computers, desktop computers, and even small devices such as smart cards.

AES Calendar of Events

The AES will become official after the 90-day public comment period concludes. NIST then makes appropriate changes to the Draft FIPS, and the Secretary of Commerce approves the FIPS. Current estimates place this sometime in the Spring of 2001 (i.e. April-June). A tentative timeline for the remainder of AES development efforts is as follows:

October 2, 2000: Announcement of NIST's selection for the AES.
November 2000: Draft FIPS for the AES published for public comments.
February 2001: Comment period closes.
April-June 2001: AES FIPS becomes official; conference testing available.

This timeline is subject to change, depending on the publication date of the Draft FIPS and other factors.

Conclusion

While the AES will become the new official standard, Triple DES will remain an approved algorithm (for U.S. government use) for the foreseeable future. Only the single DES is being phased out. AES will specify three key sizes: 128, 192, and 256 bits. In decimal terms, this means that there are approximately:


 

Content provided in partnership with Thompson Gale