Feeds

US give AES the official yes

256-bit encryption standard formally approved

  • alert
  • submit to reddit

SANS - Survey on application security programs

The Advanced Encryption Standard (AES) has at long last received the official stamp of approval which allows it to be used by the US Federal Government.

AES represents the fruits of a four-year project by cryptographers to develop a next generation encryption standard, and is expected to replace the Data Encryption Standard algorithm which was introduced in 1977.. Products implementing AES are expected to come to market shortly in the private and public sectors, protecting financial transactions and other sensitive data contained on everything from supercomputers to smartcards.

The encryption technique used in AES was selected through a competition organised by the Commerce Department's National Institute of Standards and Technology (NIST).

Rijndael (pronounced Rhine-doll) emerged as the eventual winner and was selected as the basis of AES in October 2000. The algorithm was developed by a pair of Belgian researchers Joan Daemen of Proton World International and Vincent Rijmen of Katholieke Universiteit Leuven.

Each algorithm submitted for the AES competition was required to support key sizes of 128, 192 and 256 bits. Rijndael was eventually selected because it had the best combination of security, performance, efficiency and flexibility. ®

Reg factoid

For a 128-bit key size, there are approximately 340 undecillion (340 followed by 36 zeros) possible keys.

External links

Commerce Secretary Announces New Standard for Global Information Security

Related stories

The encryption algorithm demolition derby
Belgians win US encryption standard contest

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.