US to update ageing encryption standard

After three years of competition, a technique to replace the US government backed Data Encryption Standard (DES) algorithm has been selected.

Rijndael has been named by the US National Institute of Standards and Technology (NIST) as the successor to the ageing DES standard, and the basis of the Advanced Encryption Standard (AES).

Announcing the winner of the competition, US Secretary of Commerce, Norman Mineta, said: "Once final, this standard will serve as a critical computer security tool supporting the rapid growth of electronic commerce. This is a very significant step toward creating a more secure digital economy."

A replacement to the DES algorithm was needed because the relatively small cryptographic key sizes used - just 56 bits - leave it vulnerable to attack from modern cracking techniques.

AES, which is defined for either 128, 192 or 256 bit versions, is designed to be capable of protecting sensitive government information for many years to come. AES will be used by the US government and, on a voluntary basis, by the private sector, and will replace DES as a federally-sanctioned, trusted symmetric encryption algorithm.

Brian Gladman, technical advisor to the Foundation for Information Privacy Research, said Rijndael has already been incorporated in products, even before AES has been finalised, which is expected to happen next spring.

Gladman said he expects AES to become as ubiquitous as DES, and to be used in everything from web servers and financial systems to smart cards.

Computer scientists at the National Institute of Standards and Technology, an agency of the Commerce Department's Technology Administration, organised the international competition that led to the definition of an AES.

Researchers from 12 different countries worked on developing advanced encoding methods during the global competition. After narrowing the field down from 15 formulas to five, NIST invited cryptographers to intensify their attacks on the finalists. The agency and the world cryptographic community also evaluated the encoding formulas for factors such as security, speed and versatility across a variety of computer platforms.

The algorithms must be able to run securely and efficiently on large computers, desktop computers and even small devices such as smart cards. Rijndael was selected because it had the best combination of security, performance, efficiency and flexibility.

The Rijndael developers are Belgian cryptographers Joan Daemen of Proton World International and Vincent Rijmen of Katholieke Universiteit Leuven. Cambridge University's Ross Anderson also participated in the competition.

Baltimore Technologies senior cryptographer, William Whyte, said: "The thorough testing process for the AES should increase public confidence and eliminate suspicion of trapdoors or hidden weaknesses in the Rijndael algorithm. This will help not only interoperability, but the credibility of cryptography as a whole."