DevSecOps-Security-Privacy History

Advanced Encryption Standard (AES) – 2001 AD

Return to Timeline of the History of Computers


Advanced Encryption Standard

Vincent Rijmen (b. 1970), Joan Daemen (b. 1965)

“After the US government adopted the Data Encryption Standard (DES) in 1977, it quickly became the most widely used encryption algorithm in the world. But from the start, there were concerns about the algorithm’s security. DES had an encryption key of just 56 bits, which meant there were only 72,057,594,037,927,936 possible encryption keys, leaving experts to speculate whether anyone with the means had built special-purpose computers for cracking DES-encrypted messages.

DES had other problems. Designed to be implemented in hardware, software implementations were surprisingly slow. As a result, many academic cryptographers proposed new ciphers in the 1980s and 1990s. These algorithms found increasing use—in web browsers, for instance—but none had the credence that came with having gone through the government’s standards-making process.

So, in 1997, the US National Institute of Standards and Technology (NIST) announced a multiyear competition to decide upon the nation’s next encryption standard. NIST invited cryptographers all over the world to submit not only their best algorithms, but their recommendations for how the algorithms should be evaluated.

Adding another nail to the DES coffin, in 1998 the Electronic Frontier Foundation (EFF), a tiny civil liberties organization, announced that it had built one of those mythical DES-cracking machines, and for less than $250,000. Called Deep Crack, the machine could try 90 billion DES keys a second, allowing it to crack, on average, a DES-encrypted message in just 4.6 days.

In total, there were 15 credible submissions from nine different countries to the NIST contest. After considerable public analysis and three public conferences, the winner was decided in 2001: an algorithm called Rijndael, developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen. Rijndael is now called the Advanced Encryption Standard (AES). It can be run with 128-bit, 192-bit, or 256-bit keys, allowing for unprecedented levels of security. It can run on tiny 8-bit microcontrollers, and nearly all modern microprocessors now have special AES instructions, allowing them to encrypt at blindingly fast speeds.”

SEE ALSO Data Encryption Standard – DES (1974)

One of the 29 circuit boards from the Electronic Frontier Foundation’s encryption breaking machine, Deep Crack.

Fair Use Sources: B07C2NQSPV