
Block Ciphers

Approved Algorithms

Currently, there are two (2) Approved¹ block cipher algorithms that can be used for both applying cryptographic protection (e.g., encryption) and removing or verifying the protection that was previously applied (e.g., decryption): AES and Triple DES. Two (2) other block cipher algorithms were previously approved: DES and Skipjack; however, their approval has been withdrawn. See the discussions below for further information; also see SP 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, for additional information about the use of these block cipher algorithms.

Federal agencies should see OMB guidance about the use of strong encryption algorithms and OMB Memorandum 07-16, item C, about the use of NIST-certified cryptographic modules.

Advanced Encryption Standard (AES)

AES is specified in Federal Information Processing Standard (FIPS) 197, Advanced Encryption Standard (AES), which was approved in November 2001. AES must be used with the modes of operation designed specifically for use with block cipher algorithms.

NIST announced the approval of FIPS 197, Advanced Encryption Standard, in 2001. This standard specifies the Rijndael algorithm as a FIPS-approved symmetric-key algorithm that may be used by U.S. Government organizations (and others) to protect sensitive information.

Additional information regarding the use of AES can be found at https://www.nsa.gov/ia/programs/suiteb_cryptography/.

Complete information on the AES development effort is available at the AES home page. Please note that these pages are included for historical reference only. As these pages refer to a development effort, they may contain errors. Refer to FIPS 197 for the actual specification of AES.

Triple DES

Triple DES is specified in Special Publication (SP) 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, which was last revised in January 2012. This Recommendation specifies the Triple Data Encryption Algorithm (TDEA) block cipher, which includes a Data Encryption Algorithm (DEA) cryptographic engine that is implemented as a component of TDEA. DEA was originally specified in FIPS 46, The Data Encryption Standard, which became effective in 1977 and was reaffirmed in 1983, 1988, 1993, and 1999. FIPS 46 has now been withdrawn, but DEA is specified as a component function of TDEA.

TDEA must be used with appropriate modes of operation designed for use with block cipher algorithms.

TDEA was originally specified in FIPS 46-3, Data Encryption Standard (DES), in October 1999, but was withdrawn in January 1988.

Skipjack

The Skipjack algorithm was originally referenced in FIPS 185, Escrowed Encryption Standard (EES), which was approved in February 1994 and withdrawn in October 2015.

Skipjack was approved for use with any of the four (4) modes of operation originally specified in FIPS 81, DES Modes of Operation: the ECB, CBC, CFB and OFB modes. FIPS 81 was approved in December 1980 and withdrawn in May 2005. Note that these modes remain valid (see Block Cipher Modes).

NIST provided a clarification regarding byte ordering to the Skipjack specification.

Skipjack is not approved for applying cryptographic protection (e.g., encryption), but may continue to be used for removing the protection (e.g., decryption).

Data Encryption Standard (DES)

DES was originally approved as FIPS 46 in January 1977. After several revisions, the final revision, FIPS 46-3, Data Encryption Standard (DES), was withdrawn in May 2005.


Testing Products

Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).


Additional Information

Modes of Operation for the FIPS-approved encryption algorithms are available on the Modes of Operation page.

 

¹ An algorithm or technique that is either specified in a FIPS or NIST Recommendation.