Round 2 AnalysisMore information is available regarding Round 2 analysis of the finalists.
Round 2 Public CommentsOn September 15, 1999, a Federal Register announcement called for public comments on the AES finalists. That announcement also presented some suggested topics for public comments.
Beginning December 8, 1999, NIST made available all public comments received-to-date, in order to generate more analysis and discussion during Round 2.
AES3 ConferenceThe Third AES Candidate Conference (AES3) was held in New York City, 13-14 April 2000, near the end of Round 2.
NIST's Round 1 ReportNIST developed a document, Status Report on the First Round of the Development of the Advanced Encryption Standard [PDF] which summarized Round 1 analysis and presents NIST's selection of the finalists for Round 2. (Addenda [PDF] for the Round 1 Report are also available. Last updated October 1, 1999.)
Here is an abstract for the status report:
Abstract: In 1997, the National Institute of Standards and Technology (NIST) initiated a process to select a symmetric-key encryption algorithm to be used to protect sensitive (unclassified) Federal information in furtherance of NIST's statutory responsibilities. In 1998, NIST announced the acceptance of fifteen candidate algorithms and requested the assistance of the cryptographic research community in analyzing the candidates. This analysis included an initial examination of the security and efficiency characteristics for each algorithm. NIST has reviewed the results of this research and selected five algorithms (5) as finalists. The research results and rationale for the selection of the finalists are documented in this report. The five finalists will be the subject of further study before the selection of one or more of these algorithms for inclusion in the Advanced Encryption Standard.
Results of NIST's Round 1 TestingAlthough NIST relied primarily on public analysis and comments to make its selection of the Round 2 finalists, it did perform some testing of its own during Round 1, using the code that was originally provided by the submitters.
Proposed Modifications ("Tweaks")Submitters of only four (4) of the fifteen (15) Round 1 algorithms proposed modifications to their algorithms. For a brief summary of those proposals, and NIST's assessment of those proposals, please read Section 2.8 of NIST's Round 1 Report.
Modifications were proposed by the submitters of the following four algorithms (available as ZIP files):
Additional Round 2 Information
Computer Security Division
National Institute of Standards and Technology