Advanced Encryption Standard
For the past three years,the National Institute of Standards and Technology （NIST） has been working to develop a new encryption standard to keep government information secure.The organization is in the final stages of an open process of selecting one or more algorithms,or data-scrambling formulas,for the new Advanced Encryption Standard （AES） and plans to make adecision by late summer or early fall.The standard is slated to go into effect next year.
AES is intended to be a stronger,more efficient successor to Triple Data Encryption Standard（3DES）,which replaced the aging DES,which was cracked in less than three days in July 1998.
“Until we have the AES,3DES will still offer protection for years to come.So there is no need to immediately switch over,”says Edward Roback, acting chief of the computer security division at NIST and chairman of the AES selection committee.“What AES will offer is a more efficient algorithm.It will be a federal standard,but it will be widely implemented in the IT community.”
According to Roback,efficiency of the proposed algorithms is measured by how fast they can encrypt and decrypt information,how fast they can present an encryption key and how much information they can encrypt.
The AES review committee is also looking at how much space the algorithm takes up on a chip and how much memory it requires.Roback says the selection of a more efficient AES will also result in cost savings and better use of resources.
“DES was designed for hardware implementations,and we are now living in a world of much more efficient software,and we have learned an awful lot about the design of algorithms,”says Roback.“When you start multiplying this with the billions of implementations done daily,the saving on overhead on the networks will be enormous.”
The process of selecting the algorithm for AES has been notable for its openness and transparency.This is a marked departure from the government's past inclination toward secrecy in discussing encryption standards,which led to the public cracking of DES after critics questioned the government's assertion that the standard was still secure.