COMMERCE DEPARTMENT ANNOUNCES WINNER OF GLOBAL INFORMATION SECURITY COMPETITION.A worldwide competition to develop a new encryption technique that can be used to protect computerized information ended today when Secretary of Commerce Norman Y. Mineta announced the nation's proposed new Advanced Encryption Standard (cryptography, algorithm) Advanced Encryption Standard - (AES) The NIST's replacement for the Data Encryption Standard (DES). The Rijndael /rayn-dahl/ symmetric block cipher, designed by Joan Daemen and Vincent Rijmen, was chosen by a NIST contest to be AES. .
Mineta named the Rijndael (pronounced Rhine-doll) data encryption data encryption, the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. Historically, data encryption has been used primarily to protect diplomatic and military secrets from foreign formula as the winner of a three-year competition involving some of the world's leading cryptographers.
"Once final, this standard will serve as a critical computer security tool supporting the rapid growth of electronic commerce," Mineta said. "This is a very significant step toward creating a more secure digital economy. It will allow e-commerce and e- government to flourish safely, creating new opportunities for all Americans," he said.
Computer scientists at the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. , an agency of the Commerce Department's Technology Administration, organized the international competition in a drive to develop a strong information encryption formula to protect sensitive information in federal computer systems. Many businesses are expected to use the AES as well.
The proposed selection of Rijndael as the AES will be formally announced in the Federal Register in several months, and NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. then will receive public comments on the draft Federal Information Processing Standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. for 90 days.
Researchers from 12 different countries worked on developing advanced encoding methods during the global competition.
NIST invited the worldwide cryptographic community to "attack" the encryption formulas in an effort to break the codes. After narrowing the field down from 15 formulas to five, NIST invited cryptographers to intensify their attacks on the finalists. The agency and the world cryptographic community also evaluated the encoding formulas for factors such as security, speed and versatility.
The competing AES candidates were sophisticated mathematical formulas called algorithms. Algorithms are at the heart of computerized encryption systems, which encode everything from electronic mail to the secret personal identification numbers, or PINs, that people use with bank teller A bank teller is an employee of a bank who deals directly with most customers. In some places this employee is known as a cashier.
Tellers are considered a "front line" in the banking business. machines.
When approved, the AES will be a public algorithm designed to protect sensitive government information well into the 21st century. It will replace the aging Data Encryption Standard See DES.
Data Encryption Standard - (DES) The NBS's popular, standard encryption algorithm. It is a product cipher that operates on 64-bit blocks of data, using a 56-bit key. It is defined in FIPS 46-1 (1988) (which supersedes FIPS 46 (1977)). , which NIST adopted in 1977 as a Federal Information Processing Standard used by federal agencies to protect sensitive, unclassified un·clas·si·fied
1. Not placed or included in a class or category: unclassified mail.
DES and a variant called Triple DES See DES.
(cryptography) triple DES - A product cipher which, like DES, operates on 64-bit data blocks. There are several forms, each of which uses the DES cipher 3 times. Some forms use two 56-bit keys, some use three. The DES "modes of operation" may also be used with triple-DES. are used widely in the private sector as well, especially in the financial services industry.
The effort to establish the AES reflects the dramatic transformation that cryptography has undergone in recent years.
Just a few decades ago the science of cryptography was an esoteric endeavor employed primarily by governments to protect state and military secrets. Today, millions of Americans use cryptography, often without knowing it. Most people who use automated teller machines automated teller machine (ATM), device used by bank customers to process account transactions. Typically, a user inserts into the ATM a special plastic card that is encoded with information on a magnetic strip. have used cryptography because the secret PINs required by the machines are encrypted before being sent to a computer that makes sure the number matches the card.
Hundreds of encryption products currently employ DES or Triple DES, and such systems have become almost ubiquitous in the financial services industry. Consequently, the selection of the AES may affect millions of consumers and businesses.
NIST requested proposals for the AES on Sept. 12, 1997, and a variety of organizations around the world responded with enthusiasm. Each of the candidate algorithms was required to support key sizes of 128, 192 and 256 bits. For a 128-bit key size, there are approximately 340,000,000,000,000,000,000,000,000,000,000, 000,000 (340 followed by 36 zeros) possible keys.
NIST evaluated the candidate algorithms and received invaluable assistance from cryptographers at computer security companies and universities around the world. Good security was the primary quality required of the winning formula, but factors such as speed and versatility across a variety of computer platforms also were considered. In other words Adv. 1. in other words - otherwise stated; "in other words, we are broke"
put differently , the algorithms must be able to run securely and efficiently on large computers, desktop computers and even small devices such as smart cards.