
Advanced Encryption Standard

Origins of Cryptography

Cryptography is the science concerned with linguistic and mathematical techniques for securing information. Historically, cryptography has been concerned solely with encryption: converting information from its normal, comprehensible form into an incomprehensible format, thus rendering it useless without secret knowledge. Encryption has been used primarily to ensure secrecy in important communications, such as those of intelligence agents, military leaders, and diplomats. The first primitive (by modern standards) use of cryptography can be traced as far back as 2500 B.C. during Egypt's Old Kingdom. Cryptography was also used in Classical Greece and by the Roman Empire. Cryptography evolved steadily during the medieval and Renaissance periods, coming into widespread use in the mid-to-late nineteenth century (in paper form, of course), and maturing with the mechanical and electromechanical cipher machines (like the famous German Enigma) that were in wide use at the beginning of WWII and continued to be improved upon during the Cold War.

NSA Develops DES Encryption

The rapid growth of electronic transactions in the 1960s and early 1970s brought about the need for a means to protect them. Developed in the 1970s as a cooperative effort between IBM, the National Security Agency and several other governmental agencies, the Data Encryption Standard (DES) was the first attempt to produce a high-quality, government-sanctioned encryption algorithm for public commercial use (rather than the traditional military and diplomatic applications). DES was a relatively effective solution, using a 64-bit key, and many financial institutions adopted it as part of their transaction security systems. Unfortunately, security was not treated with the same measure of seriousness it is today. For example, in a scenario that sounds eerily familiar to PC users today sharing passwords to "make things easier", satellite and cable television companies produced thousands of decoder boxes using the same single DES key permanently installed . . . to make it easy for technicians to read and support them.

As with all human advances, the technological revolution of the 1990s resulted in both tremendous benefits and opportunities, and new ways for unscrupulous people to take advantage of them. Incidents of computer-based crime and security breaches grew exponentially, culminating in the near-epidemic proportions we see today. Through the late 1990s, DES itself still had not been cracked. However, the ever-increasing power of computers, along with the astounding growth of the Internet, made the feat at least seem possible. The Electronic Frontier Foundation, a nonprofit group concerned with digital rights, decided to attempt such a feat and, in February of 2000, after teaming up with Distributed.net, succeeded. With the effective obsolescence of DES, the need and urgency for a successor algorithm was apparent.

AES Rijndael Algorithm Emerges

The first potential heir to emerge was Triple DES (also known as TDES and 3DES). Triple DES uses the original DES algorithm literally three times to encrypt data. Triple DES appears to be holding its own today, and many users of DES are in the midst of a migration to the enhanced version. However, it could be vulnerable to another growth spurt in the processing power of computers. At the same time that the cryptography community was searching for a replacement for DES, the National Institute of Standards and Technology (NIST) was in the process of coordinating an open, public competition to find its own replacement for DES. The goal was to produce a secure and efficient algorithm with a long shelf life. Algorithms from all over the world were subjected to both public and governmental review and testing.

The algorithm chosen by NIST was a block cipher named Rijndael. Developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, Rijndael (pronounced Rhinedahl) is a portmanteau comprising the names of its two inventors. It is more computationally efficient than 3DES and supports key lengths up to 256 bits. It is also relatively easy to implement, and requires very little memory. Rijndael was adopted as the Advanced Encryption Standard by NIST as US FIPS PUB 197 in November 2001. Although 3DES has an acceptance advantage because of its DES bloodline, AES has emerged as one of the strongest and most efficient algorithms in existence today and is expected to be adopted worldwide.

Strictly speaking, AES is not exactly Rijndael (although in verbal practice the names are used interchangeably), as Rijndael supports a larger range of block and key sizes. AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. The greater the bit size specified, the more difficult it is to break the encryption algorithm and, therefore, the more secure your data is.

The Future of AES Encryption

AES has achieved acceptance and adoption from both governments and private enterprises. The National Security Agency (NSA) reviewed all the AES finalists, including Rijndael, and stated that all of them were secure enough for U.S. Government non-classified data. In June 2003, the U.S. Government announced that AES could be used for classified information. In May of 2005, Microsoft announced that it had added a wireless LAN security specification to Windows XP. The specification, called Wi-Fi Protected Access 2 (WPA2), requires a Wi-Fi client to include the AES algorithm for encrypting data traversing a Wi-Fi network. Because of its efficiency and power, AES will be with us for the long haul.

SafeGuard and Utimaco are trademarks of Utimaco Safeware AG. All other marks are the property of their respective owners.
Copyright © Utimaco Safeware Inc. All rights reserved.