Rijndael gets first commercial backing

Belgian mathematicians set the standard for future computer security

A new international standard for securing digital information was announced Monday and shortly afterwards received its first commerical endorsement from Irish computer security specialists Baltimore.

A Belgian cipher, or mathematical problem, called Rijndael after its creators Vincent Rijmen and Joan Daemen from the Katholieke Universiteit Leuven, was chosen Monday to be the fundamental building block for the next generation of cryptographic technologies.

The US commerce department's National Institute of Standards and Technology (NIST) chose Rijndael from hundreds of entries to a competition announced in January 1997 as the new symmetric mathematical problem on which to base the new Advanced Encryption Standard (AES). This will replace the current Data Encryption Standard (DES), because this is now considered vulnerable to attack due to the limited complexity of the underlying mathematical problem.

Shortly after the winner of the AES contest was revealed Rijndael gained commercial recognition when Baltimore Technologies, which provides commercial security solutions using encryption, announced that all of its products will use the algorithm. The first will be available next week.

Mathematical problems are fundamental to the modern use of encryption because they enable two parties to communicate in private without exchanging keys by employing mathematically linked "public" and "private" keys. It is therefore vital to the security of any cryptosystem that the underlying mathematical algorithm is robust. For an encryption standard to be acceptable to companies and ordinary computer users, it is also important that the central algorithm is efficient and can be calculated quickly using minimal processing power.

AES will be used to establish new standards for conducting Internet commerce transaction and exchanging critical information securely and privately. The three and a half years of testing by NIST have, therefore, been important to establishing faith in the new standard.

"The thorough testing process for the AES should increase public confidence and eliminate suspicion of trapdoors or hidden weaknesses in the Rijndael algorithm," said Baltimore Technologies' senior cryptographer William Whyte. "This will help not only interoperability, but the credibility of cryptography as a whole."

The other shortlisted algorithms for AES were called MARS, RC6, Serpent, and Twofish.

Take me to Surveillance

What do you think? Tell the Mailroom. And read what others have said.