May 23rd, 2005

classic beard

This time for sure! [Crypto: DES is dead. AES is good enough]

Following up on my livejournal post from almost a year ago, via CryptoMe, the Department of commerce has finally announced in the Federal Register the
Approval of the Withdrawal of Federal Information
Processing Standard (FIPS) 46-3, Data Encryption Standard (DES); FIPS
74, Guidelines for Implementing and Using the NBS Data Encryption
Standard; and FIPS 81, DES Modes of Operation
(also available in pdf.)

Just another reminder that you really don't want to be using a crypto system that John Gilmore can break :-)

"Federal government organizations are now encouraged to use FIPS 197, Advanced
Encryption Standard (AES), which was approved for Federal government use in November 2001. FIPS 197 specifies a faster and stronger algorithm than the DES for encryption. For some applications, Federal government departments and agencies may use the Triple Data Encryption Algorithm to provide cryptographic protection for their information."

Also,

"Although both AES and three-key TDES are considered adequate for the protection of Federal government information for many years, TDES is less efficient and is slightly less secure than AES. In order to encourage the use of AES over TDES, AES has been published as a Standard (FIPS 197), whereas TDES was published as a NIST Recommendation (Special Publication 800-67)."
  • Current Mood
    pleased pleased
  • Tags