NET NEWS: Race to Pick a Better Cipher

See allHide authors and affiliations

Science  04 Sep 1998:
Vol. 281, Issue 5382, pp. 1411
DOI: 10.1126/science.281.5382.1411c

Last month, 15 teams of cryptographers began a unique and unprecedented contest: Their proposed codes are vying to become the U.S. government's new standard for encoding sensitive data. Like the current Data Encryption Standard (DES), the winner of the competition—run by the National Institute of Standards and Technology (NIST)–will likely become the de facto standard for all sorts of commercial applications as well, from automatic teller machines to video phones.

The need to replace DES became more apparent in July, when a group of cryptologists cracked a DES-encoded message in just 3 days. Their computer, called “Deep Crack,” picked the DES lock by brute force, trying combinations until it found one that worked. Each “combination” is a random string, or key, of 56 bits. Though the feat made headlines, it was scarcely news to cryptologists, who have argued for years that 56-bit keys are too short. In fact, the secret message decoded by Deep Crack read: “It's time for those 128-, 192-, and 256-bit keys.”

NIST asked for proposals to create a new Advanced Encryption Standard last year and announced the 15 candidates from around the world last month. The entrants include IBM, which developed DES in 1977, and RSA Labs, which sponsored the decryption contest in July. Each group has made its algorithm available on the Web so that other cryptanalysts can look for weaknesses ( (Indeed, at least one has already been cracked.) NIST will also judge the schemes on speed and adaptability to different platforms. Though the field will be narrowed to five candidates in 1999, just how NIST will determine a winner is still uncertain. “The world has never picked an encryption standard from a multiplicity of choices,” says Bruce Schneier, president of Counterpane Systems, one of the entrants. “We're learning as we go.”

Navigate This Article