The AES Process - DES replacement

Brian Gladman gladman at seven77.demon.co.uk
Wed, 8 Jul 1998 18:11:24 +0100


The US National Institute of Standards and Technology is currently running a
programme under the title 'Advanced Encryption Standard' to replace DES.
Given the importance of DES when few were using cryptography, AES promises
to be of enormous significance as it will come of age when encryption use
will be very widespread.

I am used to being critical of the US on cryptography matters but on this
occasion I have to give them credit for a far-sighted effort and for running
a very open international process.

The call for candidates is now closed and we won't know for a while how many
candidate algorithms have been accepted. However, several groups have
published their submissions including:

    Serpent, from Ross Anderson (UK), Eli Biham (Israel) and Lars Knudsen (Norway)
    Twofish, from Bruce Schneier and colleagues (US)
    Mars, from Don Coppersmith and colleagues at IBM (US)
    CAST-256, from Carlisle Adams of Entrust (Canada)
    RC6, from Ron Rivest and colleagues (US)
    Rijndael, from Joan Daemen and Vincent Rijmen (Belgium)
    DEAL, from Lars Knudsen (Norway)
    LOKI97, from Lawrie Brown and Josef Pieprzyk (Australia)
    FROG, from TecApro International (Spain)

Given some of the names on this list it is reasonable to expect a world
class algorithm to emerge (assuming that the US are serious which I believe
that they are).

There is some difficulty in the US groups publishing their source code but
where this has been published in the US it has always 'leaked out' in about
12 hours.  In any event all the paper descriptions are available and it is a
good exercise to implement from these descriptions in order to see how good
they are at describing the algorithms.

My congratulations go to Ross as being the only visible UK contributor
(there may be others).

I have been taking an interest in the AES process for some time and I have
been intending to implement the leading algorithms to see what is involved.
Being entirely parochial I have started with Serpent, in part because it is
partially 'home grown' but also because it has some interesting properties.
I am also implementing others as well and I would be interested in any
observations of interested list members on which they see as leading
candidates (off list please to keep bandwidth down - I will summarise
results to the list if enough people reply).

My contribution so far is up on my Web page
(http://www.seven77.demon.co.uk/) and Ross also has material on his page.

This has come along at a convenient time in view of the UK government's
plans to control cryptographic (and other) information in intangible form as
it allows me to ensure that my Web page (as well as Ross's) will become
illegal under any such legislation.

  Brian