Most read:
- The case for Java modularity
- Four harmful Java idioms, and how to fix them
- iBATIS, Hibernate, and JPA - Which is right for you?
- Build the enterprise with EJB 3, JBoss Seam, and Maven 2
- Hello, OSGi, Part 1: Bundles for beginners
Popular archives:
Java Q&A Forums - Let the great migration begin
We're pleased to announce the first phase of the integration of the Java Q&A Forums with our community platform, JavaWorld's
Daily Brew. Whether you're one of our longtime forum users or a brand newbie, we hope you'll visit the Java Q&A Forums in their new home alongside JW Blogs.
Featured Whitepapers
| Enterprise AJAX - Transcend the Hype |
| Oracle Compatibility Developer's Guide |
AES: Who won?
Discover the results of the Advanced Encryption Standard contest
Private-key cryptography has been used for ages, especially on the battlefield. It employs a shared-secret key for communication. By contrast, public-key cryptography, invented in the mid-1970s, relies on the notion of key pairs: a secret private key and a freely available public key. Public-key cryptography obviated the problem of reliable key distribution, a major drawback of private-key cryptography. On the other hand, private-key cryptography is much faster. In practice, a hybrid of these techniques is used -- public-key cryptography is used to set up a session key, which becomes the basis for subsequent communication with private-key cryptography.Approved in 1977, the Data Encryption Standard (DES) was an early standard for private-key cryptography. (See the Sidebar for more on DES.) By 1997, it had become long in the tooth, so the National Institute of Standards and Technology (NIST) issued a Request for Comment (RFC) for a new standard -- the Advanced Encryption Standard (AES) -- to replace DES. The NIST planned to work closely with the cryptographic community to develop this next-generation private-key algorithm. Note: For further background on AES and a report from the third AES conference, held in April 2000, see Raghavan N. Srinivas's "AES: Cryptography advances into the future" (JavaWorld, April 2000).
For an introduction to computer security and cryptography, see "Java security evolution and concepts, Part 1: Security nuts and bolts" (JavaWorld, April 2000), also by Raghavan N. Srinivas.
The process
The cryptographic landscape had changed since the days of DES; the new standard needed to be small, hard to crack, fast, and suitable for small devices. These tough and sometimes conflicting requirements, as well as the perception that the government had botched the original DES development process, led to a common belief that the AES process was doomed under the NIST's direction. The National Bureau of Standards (NBS), which oversaw the DES process, had been widely criticized for its closed and highly secretive approach. The NIST, which morphed out of the NBS, made the AES process far more open by soliciting active input from the cryptographic community.
The requirements
In 1998, the NIST solicited from the industry algorithms that had to meet NIST-defined requirements. The algorithms had to:
- Implement private-key cryptography
- Be a block cipher
- Work on 128-bit blocks and with three key sizes: 128, 192, and 256 bits
The NIST also stipulated that candidate algorithms had to be available worldwide on a nonexclusive, royalty-free basis. The NIST would evaluate candidates based on security margin, performance, and other factors. The institute left other questions about the selection process unanswered, including:
- Would a single or multiple algorithm be selected?
- Would the NIST insist on tweaks to the algorithm as a condition for selection?
- Would the NIST use an arbitrary tiebreaking criteria to decide a close race?
Of course, nagging doubts persisted about whether the NIST was capable of reaching a solution that would satisfy both the cryptographic and user communities.
- Find information and news about the Advanced Encryption Standard (AES)
http://csrc.nist.gov/encryption/aes - The Rijndael homepage
http://www.esat.kuleuven.ac.be/~rijmen/rijndael - "Standing the Test of TimeThe Data Encryption Standard," Susan Landau (Notices, March 2000) -- a fascinating and concise look at how the Data Encryption Standard (DES) has outlived its usefulness
http://www.ams.org/notices/200003/fea-landau.pdf - "Communications Security for the Twenty-first CenturyThe Advanced Encryption Standard," Susan Landau (Notices, April 2000) -- follows up her previous article by outlining the promise of AES
http://www.ams.org/notices/200004/fea-landau.pdf - IAIK's Java implementations of the five second-round AES candidate algorithms
http://jcewww.iaik.at/aes - Cryptix's implementation of Rijndael
http://www.cryptix.com - "AESCryptography advances into the future," Raghavan N. Srinivas (JavaWorld, April 2000)
http://www.javaworld.com/jw-04-2000/jw-0428-aes.html - "Java security evolution and concepts, Part 1Security nuts and bolts," Raghavan N. Srinivas (JavaWorld, April 2000)
http://www.javaworld.com/jw-04-2000/jw-0428-security.html