NIST Home Page Button

***After February 28, 2001, these pages shall no longer be updated. All current AES-related information is available at http://www.nist.gov/aes/.

Advanced Encryption Standard (AES)
Development Effort


GENERAL
button AES Home Page
button Rijndael Information
button Modes of Operation
button Discussion Forum
   (Archive: read-only)
button Recent News
ROUND 2
(8/1999-5/2000)
button Finalist Algorithms
button Round 2 Analysis
button Round 2 Comments
button 3rd AES Conference
ROUND 1
(8/1998-4/1999)
button R1 Algorithms
button R1 Announcement
button R1 Comments
button 2nd AES Conference
button 1st AES Conference
Pre-ROUND 1
(1/1997-7/1998)
button Call for Candidates
button AES Beginnings

*** RIJNDAEL ***

Selected by NIST
for the Proposed AES

 

Recent Announcements

October 2, 2000 - NIST announces that Rijndael has been selected as the proposed AES.

September 29, 2000 - Information on the October 20, 2000 Modes of Operation Workshop is still available, and comments are invited.

August 7, 2000 - VHDL models developed by NSA to evaluate the hardware performance of the five finalists is available.

Additional AES "News" from Round 2.



SPECIAL NOTE - Intellectual Property
NIST reminds all interested parties that the adoption of AES is being conducted as an open standards-setting activity. Specifically, NIST has requested that all interested parties identify to NIST any patents or inventions that may be required for the use of AES. NIST hereby gives public notice that it may seek redress under the antitrust laws of the United States against any party in the future who might seek to exercise patent rights against any user of AES that have not been disclosed to NIST in response to this request for information.


Overview of the AES Development Effort

February 2001

The National Institute of Standards and Technology (NIST) has been working with industry and the cryptographic community to develop an Advanced Encryption Standard (AES). The overall goal is to develop a Federal Information Processing Standard (FIPS) that specifies an encryption algorithm(s) capable of protecting sensitive government information well into the next century. The algorithm(s) is expected to be used by the U.S. Government and, on a voluntary basis, by the private sector.

On January 2, 1997, NIST announced the initiation of the AES development effort and made a formal call for algorithms on September 12, 1997. The call stipulated that the AES would specify an unclassified, publicly disclosed encryption algorithm(s), available royalty-free, worldwide. In addition, the algorithm(s) must implement symmetric key cryptography as a block cipher and (at a minimum) support block sizes of 128-bits and key sizes of 128-, 192-, and 256-bits.

On August 20, 1998, NIST announced a group of fifteen AES candidate algorithms at the First AES Candidate Conference (AES1). These algorithms had been submitted by members of the cryptographic community from around the world. At that conference and in a simultaneously published Federal Register notice, NIST solicited public comments on the candidates. A Second AES Candidate Conference (AES2) was held in March 1999 to discuss the results of the analysis conducted by the global cryptographic community on the candidate algorithms. The public comment period on the initial review of the algorithms closed on April 15, 1999. Using the analyses and comments received, NIST selected five algorithms from the fifteen.

The AES finalist candidate algorithms were MARS, RC6, Rijndael, Serpent, and Twofish, and NIST developed a Round 1 Report describing the selection of the finalists.

These finalist algorithms received further analysis during a second, more in-depth review period prior to the selection of the final algorithm(s) for the AES FIPS. Until May 15, 2000, NIST solicited public comments on the remaining algorithms. Comments and analysis were actively sought by NIST on any aspect of the candidate algorithms, including, - but not limited to, - the following topics: cryptanalysis, intellectual property, crosscutting analyses of all of the AES finalists, overall recommendations and implementation issues. An informal AES discussion forum was also provided by NIST for interested parties to discuss the AES finalists and relevant AES issues.

Near the end of Round 2, NIST sponsored the Third AES Candidate Conference (AES3) - an open, public forum for discussion of the analyses of the AES finalists. AES3 was held April 13-14, 2000 in New York, NY, USA. Submitters of the AES finalists were invited to attend and engage in discussions regarding comments on their algorithms. The final agenda for AES3 includes links to the accepted papers, their presentations (if available), the submitter statements, and the submitter presentations. All papers proposed for AES3 were considered as official Round 2 public comments.

After the close of the Round 2 public analysis period on May 15, 2000, NIST studied all available information in order to make a selection for the AES. On October 2, 2000, NIST announced that it has selected Rijndael to propose for the AES. A report, press release, and AES fact sheet are available with that information.

After the announcement, NIST began preparing a draft Federal Information Processing Standard (FIPS) for the AES, which was published for public review and comment in February 2001. Following the 90-day comment period, the draft standard will be revised by NIST, as appropriate, in response to public comments. A review, approval, and promulgation process will then follow. If all steps of the AES development process proceed as planned, it is anticipated that the standard will be completed by the summer of 2001. At the time that NIST publishes the AES standard, it is intended that validation testing (i.e., conformance testing) for AES implementations will be available through NIST's Cryptographic Module Validation Program.



Last Modified: February 28, 2001

Questions?
Press Contacts

Computer Security Division
National Institute of Standards and Technology

NIST is an agency of the U.S. Department of Commerce

NIST Privacy Statement/Security Notice
NIST Disclaimer and Privacy Notice