With 128-bit AES on the horizon, encryption software gets tough
- By Kevin Jonah
- Aug 05, 2001
Federal information technology managers' data encryption options are about to expand.
There are three encryption standards approved for government use by the National Institute of Standards and Technology: the Digital Encryption Standard (DES), Triple DES and Skipjack.
By the end of the summer, NIST is scheduled to release a new Federal Information Processing Standard for data encryption called the Advanced Encryption Standard. AES is designed to replace the aging DES and will coexist with other FIPS-approved cryptographic standards.
AES, like DES and Triple DES, is a symmetric encryption algorithm, which means that the same key both encrypts and decrypts the data. AES is well-suited for securing data on disks and performing other tasks for which a single encryption key is practical.
Skipjack, on the other hand, is an asymmetric encryption method. Asymmetric encryption, also known as public-key encryption, encrypts messages with two pairs of keys.
Each user of a public-key system has a private, or secret, key known only to that user and a published, public key.
To send an encrypted message to someone, you would encrypt the message with your private and his public key; the recipient would use his private and your public key to decrypt.
Exchanging keys requires a public-key infrastructure for the dissemination of keys.Hey, I know you
Asymmetric encryption standards such as the Digital Signature Algorithm and the public-domain RSA are approved for use by NIST as digital signature systems because they can establish the identity of a sender through his or her public key.
AES will add some dearly needed encryption muscle to the government's data security arsenal in a form that will undoubtedly find favor among software developers.
Part of its likely popularity will be because AES is theoretically exportable. AES differs from current encryption standards in that it is based on an algorithm developed overseas, called Rijndael (pronounced rain doll or rhine dahl, according to the FIPS document).
The Bureau of Export Administration heavily regulates the export of U.S. encryption software, though it eased export restrictions on software last October with the most recent update to the bureau's policies.Sitting on the dock
Export restrictions on encryption technology have been a barrier to commercial software developers for two decades. U.S. software companies using encryption in their products had to ship dumbed-down versions with weaker security capabilities for export.
The PGP encryption standard'from Pretty Good Privacy Inc. of San Mateo, Calif.'became a rallying point for 'cypherpunks' protesting the laws as a restriction of free speech.
In fact, the restrictions on U.S. cryptographic products led to the success of overseas encryption software companies, such as Baltimore Technologies of Ireland, which were free to sell their products inside and outside the United States.
AES also offers stronger encryption than most current standards for encryption, as it supports encryption keys of 128, 192 and 256 bits in length, and encrypts data in blocks of 128 bits. The algorithm can be extended to encrypt in larger blocks and use larger keys in increments of 32 bits, but the current FIPS standard sets these three key lengths and the 128-bit block length.
Longer key length means a larger number of possible encryption keys, which lowers the likelihood of someone decrypting data by guessing the key or by trying all possible keys. With 128-bit keys, there are 3.4 x 1038 possible keys; there are 6.2 x 1057 possible 192-bit keys and 1.1 x 1077 possible 256-bit keys.Do the math
DES, because of its 56-bit encryption, has about 7.2 x 1016 possible keys, a relatively small number that makes its susceptible to the 'brute force' method of modern computing. So-called DES cracker machines can discover the key for a DES-encrypted file in a matter of hours.
By comparison, according to NIST, if a DES cracker succeeded in breaking DES in one second, it would take the same cracker software 149 trillion years to crack an AES-encrypted message. For practical purposes, AES is unbreakable through brute force attacks.
So for the foreseeable future, AES will remain a potent encryption tool. It took more than 20 years for DES to become vulnerable, and AES is expected to remain secure for much longer, particularly as hardware makes it possible for AES to encrypt larger blocks with larger keys.
But NIST will formally re-evaluate AES every five years and continue to monitor developments in code-breaking technology to determine if yet another encryption standard is required as a counter.
Only a few software developers have released AES-based encryption software so far, and it's doubtful that AES will displace public-key encryption for most Web and e-mail transactions.
For those applications, systems based on RSA encryption for sensitive data and Tessera or Clipper chip cards for more secure data are sure to remain as standards because they can encrypt data as well as verify identities.Kevin Jonah, a Maryland network manager, writes about computer technology.