AES Is Ready to Assume Crypto Lead | eWeek

AES Is Ready to Assume Crypto Lead

Écrit par
Dennis Fisher
Dennis Fisher
Apr 30, 2001
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

The Advanced Encryption Standard is still more than two months away from government approval, but some vendors and cryptographers are already pouring over the spec, calling attention to its promise as well as its pitfalls.

While some tout AES as a breakthrough that will make encryption-dependent software and hardware faster and more practical for enterprise users, others are picking it apart for holes.

Rijndael (pronounced “Rhine-doll”), the algorithm chosen by the National Institute of Standards and Technology as the AES standard, will replace the current standard, DES (Data Encryption Standard). Developed by two Belgian cryptographers, Rijndael was selected by NIST as a proposed standard last fall. It then went into a public comment period.

The public comment period for AES will close May 29, at which time any necessary modifications will be made to the algorithm. AES should then become an approved federal standard a month or two later. So far, the dozen or so comments that NIST has received have been quite positive, said Jim Foti, a mathematician working on the AES project at NIST, in Washington.

AES promises more speed and security than its predecessor, and vendors such as Check Point Software Technologies Ltd. plan to be among the first to market with AES-based products. Check Point, of Redwood City, Calif., plans to unveil its Next Generation line of firewalls and VPNs (virtual private networks) this quarter.

Cisco Systems Inc. is also due to roll out AES-based products within the next few months. Cisco, of San Jose, Calif., plans to include the algorithm in its VPN and firewall hardware when AES chips are available.

The thing AES doesnt have, critics point out, is a track record. Because it is only a few years old, AES hasnt undergone the number and variety of attacks that the 25-year-old DES and its cousin, Triple DES, have.

Nevertheless, AES is turning heads. Check Points early testing shows that software using AES encryption is as much as 300 percent faster than the same program using Triple DES. This performance gain outweighs any possible security concerns, company executives and users said.

“My main concerns would be the speed and whether I can export it,” said Larry Jones, principal computer scientist at Computer Sciences Corp., in El Segundo, Calif., and a user of Ciscos VPN and firewall products as well as Check Points Firewall-1. “If its faster [than Triple DES], Im interested, but the security of Triple DES is still solid.”

The export standards for AES will be the same as those for Triple DES.

For its part, Triple DES will still be a valid standard even after AES is approved, making application development and implementation that much more complex. Some in the cryptography community said they believe that Triple DES will still be a solid choice.

“Triple DES is much more well-studied,” said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security Inc., in San Jose, and author of the Blowfish and Twofish crypto algorithms.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.