Wizard API updated!
Tim Boudreau has released a new version of the Swing Wizard library (version 0.997) that fixes the WizardException bug reported in JavaWorld's recent Open Source Java Project profile. The article's examples have been reworked to test out the new, improved WizardException. Thanks, Tim, for this helpful fix!
Open Source Java Projects: The Wizard API

Newsletter sign-up

Sign up for our technology specific newsletters.

Enterprise Java
View all newsletters
Email Address:
JavaWorld.com > Java Development Tools >

AES: Cryptography advances into the future

Find out the latest steps towards the development of the Advanced Encryption Standard, the next-generation standard for private-key cryptography

By Raghavan N. Srinivas, JavaWorld.com, 04/28/00

The Data Encryption Standard (DES) boasts nearly universal acceptance today, with only a few exceptions. Government communications, bank electronic funds transfers, civilian satellite communications, and even computer systems' passwords -- all rely on DES for protection.

DES, officially approved as a standard in 1977, heralded a new era in cryptography. Prior to DES, hardly anything about cryptography was in the realm of public interest and analysis. DES changed all that, however. By certifying a secure algorithm, the government opened an avenue for studying and attacking cryptographic algorithms. (Note: See the sidebar for a brief description of cryptanalysis, a complementary field to cryptography. Cryptanalysis is the science of attacking cryptographic algorithms.)

There have been several criticisms directed at DES, including its inadequate 56-bit key length and an alleged trapdoor inserted by the National Bureau of Standards (NBS), the predecessor to today's National Institute of Standards and Technology (NIST). Despite these gripes and further claims of attacks, DES has withstood the test of time, until recently: in January 1999, a cobbled-together network of 100,000 PCs cracked a DES-encoded message in slightly less than 24 hours.

It was apparent that with the availability of cheaper and faster hardware, DES would be rendered untenable in a few years. To address this problem, the NIST issued a Request For Comment (RFC) in 1997 for a standard -- to be called AES, or the Advanced Encryption Standard -- to replace DES. NIST would work closely with the industry and the cryptographic community to develop this next-generation private-key algorithm.

Private-key cryptography

As a bit of background, private-key cryptography uses a secret key for both encryption and decryption. The algorithm employs several iterations, referred to as rounds. Each round uses a subkey derived from the key. The transformation from plaintext to ciphertext and vice versa uses the subkey and progresses through the rounds. The selection or generation of subkeys is referred to as the key schedule.

Usually, both encryption and decryption processes use the same algorithm, with the key schedule being different.

(Note: For an introduction to computer security and cryptography, see "Java Security Evolution and Concepts, Part 1: Security Nuts and Bolts," also by Raghavan N. Srinivas.)

AES criteria

To be a successful replacement to DES, the AES algorithm design would need to satisfy a number of criteria: strong security, simple design, good performance, and so on.

Security obviously holds the top priority for the AES algorithm. With security in mind, the algorithm must account for future resiliency -- the algorithm's designed-in ability to withstand future attacks.

Moreover, the algorithm design, contrary to conventional wisdom, should be simple so that it can be successfully cryptanalyzed.

Next on the AES criteria list: good performance. Widespread market adoption will require reasonably good performance on a variety of platforms, ranging from easy-to-crack smart cards to the largest servers. Good algorithm performance includes speed for the encryption and decryption process as well as the key schedule.

1 | 2 | 3 | 4 | 5 | 6 |  Next >
Resources