This time for sure! [Crypto: DES is dead. AES is good enough]

May 23, 2005 14:59

Following up on my livejournal post from almost a year ago, via CryptoMe, the Department of commerce has finally announced in the Federal Register the
Approval of the Withdrawal of Federal Information
Processing Standard (FIPS) 46-3, Data Encryption Standard (DES); FIPS
74, Guidelines for Implementing and Using the NBS Data Encryption
Standard; and FIPS 81, DES Modes of Operation
(also available in pdf.)

Just another reminder that you really don't want to be using a crypto system that John Gilmore can break :-)

"Federal government organizations are now encouraged to use FIPS 197, Advanced
Encryption Standard (AES), which was approved for Federal government use in November 2001. FIPS 197 specifies a faster and stronger algorithm than the DES for encryption. For some applications, Federal government departments and agencies may use the Triple Data Encryption Algorithm to provide cryptographic protection for their information."

Also,

"Although both AES and three-key TDES are considered adequate for the protection of Federal government information for many years, TDES is less efficient and is slightly less secure than AES. In order to encourage the use of AES over TDES, AES has been published as a Standard (FIPS 197), whereas TDES was published as a NIST Recommendation (Special Publication 800-67)."

crypto

Previous post Next post
Up