AES: the Advanced Encryption Standard
The goal of the Advanced Encryption Standard (AES) competition was to specify
"an unclassified, publicly disclosed encryption algorithm capable of
protecting sensitive government information well into the next century".
The AES competition was organized
by the United States National Institute of Standards and Technology (NIST).
Each AES submission was required to be a block cipher
supporting a block length of 128 bits
and key lengths of 128, 192, and 256 bits.
The call for proposals specified the following evaluation criteria:
- Security ("the most important factor in the evaluation"):
- "Actual security of the algorithm compared to other submitted algorithms";
- "The extent to which the algorithm output is indistinguishable from a random permutation
on the input block";
- "Soundness of the mathematical basis for the algorithm's security";
- "Other security factors raised by the public during the evaluation process,
including any attacks which demonstrate that the actual security of
the algorithm is less than the strength claimed by the submitter".
- "Licensing requirements" ("AES shall be available on a worldwide, non-exclusive, royalty-free basis");
- "Computational efficiency";
- "Memory requirements".
- "Algorithm and implementation characteristics":
- "Flexibility" (e.g., additional key sizes, additional block sizes, wide variety of platforms, stream cipher, MAC generator, PRNG, hash);
- "Hardware and software suitability";
- M-17, 1997.01.02: NIST announces AES competition.
- M-14, 1997.04.15: AES Evaluation Criteria/Submission Requirements Workshop. Gaithersburg.
- M-9, 1997.09.12: NIST issues call for algorithms.
- M0, 1998.06.15: Deadline for submissions.
- M2, 1998.08.20: First AES Candidate Conference. NIST announces 15 AES candidates.
- M9, 1999.03.22–23: Second AES Candidate Conference.
- M14, 1999.08.09: NIST announces its selection of 5 AES finalists.
- M22, 2000.04.13–14: Third AES Candidate Conference.
- M23, 2000.05.15: End of comment period.
- M28, 2000.10.02: NIST announces its selection of AES.
Vincent Rijmen, Joan Daemen
Carolynn Burwick, Don Coppersmith, Edward D'Avignon, Rosario Gennaro, Shai Halevi, Charanjit Jutla, Stephen M. Matyas, Luke O'Connor, Mohammad Peyravian, David Safford, Nevenko Zunic
Ron Rivest, Matt Robshaw, Ray Sidney, Yiqun Lisa Yin
Ross Anderson, Eli Biham, Lars Knudsen
Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson
Carlisle Adams, Stafford Tavares, Howard Heys, Michael Wiener
Chae Hoon Lim
Henri Gilbert, Marc Girault, Philippe Hoogvorst, Fabrice Noilhan, Thomas Pornin, Guillaume Poupard, Jacques Stern, Serge Vaudenay
Masayuki Kanda, Shiho Moriai, Kazumaro Aoki, Hiroki Ueda, Miyako Ohkubo, Youichi Takashima, Kazuo Ohta, Tsutomu Matsumoto
Dianelos Georgoudis, Damian Leroux, Billy Simón Chaves
Lawrence Brown, Josef Pieprzyk, Jennifer Seberry
Michael Jacobson Jr., Klaus Huber
James Massey, Gurgen Khachatrian, Melsik Kuregian
This is version 2014.01.27 of the aes.html web page.