Washington, D.C. -- Candidates for a new information scrambling code for the 21st century made their debut at an international cryptography conference today.
The Commerce Department's National Institute of Standards and Technology announced the acceptance of 15 sophisticated encoding formulas as candidates for the new encryption standard. Mathematical formulas, called algorithms, are at the heart of computerized encryption systems.
Researchers from 12 different countries worked on developing the formulas unveiled today at the First Advanced Encryption Standard Candidate Conference sponsored by NIST's Information Technology Laboratory.
NIST is inviting the worldwide cryptographic research community to "attack" the formulas in an attempt to break the codes during the first evaluation period, which will end April 15, 1999. Additionally, NIST will evaluate the algorithms for factors such as security and speed.
Reducing the field to five or fewer finalists that will undergo more intensive scrutiny is the goal of this first round of evaluation efforts. Finalists will be identified by the end of the summer of 1999. NIST eventually will propose that one of the 15 algorithms be adopted as the Advanced Encryption Standard. However, detailed analysis is required before this can happen, and the process is structured to build confidence in the AES. Consequently, the process is unlikely to be completed before 2001.
The AES will provide security for encrypted data. It will be a public algorithm designed to protect sensitive government information well into the next century. The AES will replace the Data Encryption Standard currently used by many federal agencies and businesses. NIST adopted DES in 1977 as a Federal Information Processing Standard for use by federal agencies to encrypt sensitive information.
IBM Corp. developed DES, which is used by the federal government and has found widespread acceptance in the private sector, particularly the financial services industry. Like DES, the AES will be available for private-sector use on a royalty-free basis.
NIST requested proposals for the AES on Sept. 12, 1997. A variety of organizations responded, and the 15 algorithms meeting NIST's minimum criteria were announced today at the conference in Ventura, Calif. Each of the 15 AES candidates supports key sizes of 128, 192 and 256 bits. At a 128 bit key size, there are approximately 340,000,000,000,000,000,000,000,000,000,000,000,000 (340 followed by 36 zeroes) possible keys.
The conference will run through Saturday, and each submitter of a candidate algorithm will provide a public briefing about its design and answer initial questions.
NIST has accepted the following algorithms as candidates. The list includes the algorithm name, algorithm submitters (and representative, if applicable) and submitter's country:
More information about the AES is available at http:/www.nist.gov/aes.
News and general information on the National Institute of Standards and Technology are available on the World Wide Web at http://www.nist.gov.
In April of 2002 the Bureau of Export Administration (BXA) changed its name to the Bureau of Industry and Security(BIS). For historical purposes we have not changed the references to BXA in the legacy documents found in the Archived Press and Public Information.