The two researchers, Joan Daemen of Proton World International and Vincent Rijmen, a researcher in the electrical engineering department of Catholic University in Leuven, Belgium, were identified Monday at a news conference as the winners of the competition.
Rijmen and Daemen's Rijndael algorithm (pronounced Rhine-doll) was selected as the best among five finalists in a competition that began three years ago, when the National Institute of Standards and Technology (NIST) called on cryptographers worldwide to submit algorithms. Fifteen responses were received, including submissions from Costa Rica, France, Japan, South Korea, Norway and the US. The field was trimmed to five earlier this year.
Ray Kammer, director of NIST, part of the US Department of Commerce, and other officials of NIST and the department announced the winning algorithm at NIST's headquarters.
The AES supports key sizes of 128 bits, 192 bits and 256 bits and will serve as a replacement for the Data Encryption Standard (DES), which has a key size of 56 bits. The government began to think about the need to replace DES in the early 1990s, officials said. DES is used as the US government's encryption standard to protect unclassified information, but is also used by many banks for transactions taking place over telecommunications lines.
Developed in the mid 1970s by IBM, DES was approved by the Commerce Department as a standard in 1977. It no longer provides the level of security needed by many applications, said Cheryl L. Shavers, undersecretary of commerce for technology.
"A variant known as Triple DES does provide much stronger security, but it is not efficient at doing that job," Shaver said.
The Rijndael algorithm is expected to be implemented by many government agencies just as DES was, based on NIST's recommendation, but its use is not mandatory throughout the federal government.
"Many people are not comfortable that they can make a judgment [when selecting an algorithm]," Kammer said. "They now have our recommendation."
Kammer said the Department of Treasury, as well as financial institutions, have been especially interested in the algorithm, and it is likely that financial institutions in the US will make it a standard. The US National Security Agency, which Kammer said had no direct involvement in the selection process, has said it will use the algorithm in some national security operations.
Ed Roback, acting chief of NIST's computer security division, said security software vendors have been eagerly awaiting Monday's announcement. Many even prepared products employing all of the five finalists and might release the one based on Rijndael later Monday.
NIST required that the five finalists submit their algorithm in C and Java computer programming languages, but Rijndael has been produced in other languages, Roback said.
Kammer said any one of the five finalists could have provided the level of security necessary for AES, but the Rijndael algorithm has the best combination of security, performance, efficiency, ease of implementation and flexibility.
Specifically, Rijndael appears to be a good performer in both hardware and software across a wide range of computing environments, and Rijndael's low memory requirements also make it well-suited for tight spaces, NIST officials said.
All five finalists agreed to make their algorithm available royalty free if selected.
Daemen and Rijmen, who participated in the news conference by conference call, said they don't expect to profit financially from having their algorithm selected; however, Daemen said the company he works for welcomed the attention the selection brought. The two researchers said they viewed the accomplishment much as an artist who presents his work to the public.
NIST now must prepare a draft AES Federal Information Processing Standard for public review and comment during a period expected to close in February. The standard is expected to become official in the second quarter of next year.
NIST and Commerce Department officials stressed that the selection of the algorithm was a long, careful and open process. A report written by NIST's AES selection team discusses various issues related to AES. The report and other AES-related information, including public comments and Rijndael's specifications, test values and code, can be found at http://www.nist.gov/aes/.