---

Home Security

Security Portal: Advanced Encryption Standard Released

By

“About 25 years ago the US NBS (National Board of Standards,
renamed to NIST) put out a call for an encryption algorithm,
unfortunately at that time public cryptography was minimal (they
mostly worked for the NSA). Another call was put out in the federal
register to which IBM responded with an algorithm called “Lucifer”.
This is where things get interesting. Originally Lucifer used a 128
bit key, however after the NSA got involved the key length was
reduced to 56 bits, making it 4,722,366,482,869,645,213,696 times
easier to brute force the key (2^72). This is rather interesting
because it made it possible for the EFF to design and build a
custom chip that had one purpose, to brute force DES keys. For less
then $250,000 they engineered and manufactured a machine that could
run through the entire 56 bit key space in a matter of days (less
then 5 days on average). This was accomplished by a small public
effort and completed in January of 1999.”

“This is especially interesting since the NSA is many years
ahead of public cryptographic efforts (the NSA is the world’s
largest employer of mathematicians). People realized that DES on
it’s own was secure against casual attackers, but not against a
reasonably determined attacker, so 3DES was created, basically 2 56
bit keys are used to encrypt the data, first the A key, then the B
key, then the A key again. This makes the resulting effort required
to brute force it exponentially higher, unless there is some
fundamental flaw in DES it probably isn’t possible to brute force
it. This of course creates a new problem, the resulting encryption
and decryption is extremely slow and computationally expensive.
NIST responded to this several years ago by calling for a
replacement for DES, the AES (Advanced Encryption Standard), which
has now been chosen and announced.”

AES must be faster, stronger and cheaper to implement then
DES. It had to be fast when implemented in software, and small so
it could be implemented in hardware (token cards/etc). It has
to be highly resistant to attack since like DES it will be in
service for a long time (to put it in perspective UNIX measures
time in seconds since 1970, the “epoch”). After a lengthy process
of many submissions it was whittled down to 5 finalists. At this
point these algorithms are reasonably safe, they have been analyzed
in great detail, and while some concerns have been found in most
cases they are minor or easily solved (i.e. using more rounds). The
algorithm chosen was Rijndael.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.