AES Crypto Standard Winner Announced

The two researchers, Joan Daemen of Proton World International and Vincent Rijmen, a researcher in the electrical engineering department of Catholic University in Leuven, Belgium, were identified Monday at a news conference as the winners of the competition.

Rijmen and Daemen's Rijndael algorithm (pronounced Rhine-doll) was selected as the best among five finalists in a competition that began three years ago, when the National Institute of Standards and Technology (NIST) called on cryptographers worldwide to submit algorithms. Fifteen responses were received, including submissions from Costa Rica, France, Japan, South Korea, Norway and the US. The field was trimmed to five earlier this year.

Ray Kammer, director of NIST, part of the US Department of Commerce, and other officials of NIST and the department announced the winning algorithm at NIST's headquarters.

The AES supports key sizes of 128 bits, 192 bits and 256 bits and will serve as a replacement for the Data Encryption Standard (DES), which has a key size of 56 bits. The government began to think about the need to replace DES in the early 1990s, officials said. DES is used as the US government's encryption standard to protect unclassified information, but is also used by many banks for transactions taking place over telecommunications lines.

Developed in the mid 1970s by IBM, DES was approved by the Commerce Department as a standard in 1977. It no longer provides the level of security needed by many applications, said Cheryl L. Shavers, undersecretary of commerce for technology.

"A variant known as Triple DES does provide much stronger security, but it is not efficient at doing that job," Shaver said.

The Rijndael algorithm is expected to be implemented by many government agencies just as DES was, based on NIST's recommendation, but its use is not mandatory throughout the federal government.

"Many people are not comfortable that they can make a judgment [when selecting an algorithm]," Kammer said. "They now have our recommendation."

Kammer said the Department of Treasury, as well as financial institutions, have been especially interested in the algorithm, and it is likely that financial institutions in the US will make it a standard. The US National Security Agency, which Kammer said had no direct involvement in the selection process, has said it will use the algorithm in some national security operations.

Ed Roback, acting chief of NIST's computer security division, said security software vendors have been eagerly awaiting Monday's announcement. Many even prepared products employing all of the five finalists and might release the one based on Rijndael later Monday.

NIST required that the five finalists submit their algorithm in C and Java computer programming languages, but Rijndael has been produced in other languages, Roback said.

Kammer said any one of the five finalists could have provided the level of security necessary for AES, but the Rijndael algorithm has the best combination of security, performance, efficiency, ease of implementation and flexibility.

Specifically, Rijndael appears to be a good performer in both hardware and software across a wide range of computing environments, and Rijndael's low memory requirements also make it well-suited for tight spaces, NIST officials said.

All five finalists agreed to make their algorithm available royalty free if selected.

Daemen and Rijmen, who participated in the news conference by conference call, said they don't expect to profit financially from having their algorithm selected; however, Daemen said the company he works for welcomed the attention the selection brought. The two researchers said they viewed the accomplishment much as an artist who presents his work to the public.

NIST now must prepare a draft AES Federal Information Processing Standard for public review and comment during a period expected to close in February. The standard is expected to become official in the second quarter of next year.

NIST and Commerce Department officials stressed that the selection of the algorithm was a long, careful and open process. A report written by NIST's AES selection team discusses various issues related to AES. The report and other AES-related information, including public comments and Rijndael's specifications, test values and code, can be found at http://www.nist.gov/aes/.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Margret Johnston

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?