Cryptography Reference
In-Depth Information
search efforts; these key lengths are all currently well beyond the capabilities of
state-of-the-art exhaustive key search techniques;
3. the block cipher had to operate at a faster speed than Triple DES across a range
of different computing platforms.
In contrast to the development of DES, it was specified that the selection process
would be by an open public 'competition' and that the chosen algorithm and
design details must be made freely available. There are probably two reasons why
such a decision was made:
Confidence
: to allay the suspicions that hung over the development process for
DES and thus to maximise public confidence in, and international adoption
of, the resulting encryption standard;
Expertise
: to benefit from the dramatic increase in public expertise in cryptology
that had taken place between the 1970s and the 1990s by:
• encouraging the best cryptographic designers to take part;
• obtaining the widest scrutiny of the candidate algorithms.
The result of this call was 15 candidate proposals, which were quickly reduced
to 11. In 1999, after a public consultation process, this was reduced to five
candidates. Finally in 2000, the winning algorithm
Rijndael
was selected. Rijndael
was designed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen,
who at that time were working for a Belgian card payment organisation and a
Belgian university, respectively. While Rijndael was selected on merit, and after
significant scrutiny by international experts, it did no harm to the confidence in
the process that the final selection was not from the US and was designed by a
partnership between the commercial and academic sectors. The principal reasons
for Rijndael's final selection were due to performance issues and not security
issues. The four other finalists in the AES process, MARS, RC6, Serpent and
Twofish, are also highly regarded.
Federal Information Processing Standard FIPS 197, the Advanced Encryption
Standard, was published in 2001 and contained a slightly modified version of
Rijndael. This standard specifies AES as a symmetric encryption algorithm that
may be used by US Government organisations (and others) to protect sensitive
information.
4.5.2
Design of AES
Unlike DES, AES is not designed to an explicit blueprint such as the Feistel Cipher.
However, it is based on a design principle often referred to as a
substitution-
permutation network
. This simply means that the design is based on a series
of linked operations, some of which involve replacing inputs by specific outputs
(
substitutions
) and others involve shuffling bits around (
permutations
). A detailed
specification of AES is beyond our scope, however, we will provide at least a
conceptual overview of the encryption process.
