crypto systems

Crypto systems
Information on Cryptographic Standards


 
FIPS-approved Algorithms
 
Currently, there exist three (3) FIPS-approved* encryption algorithms: AES, Triple DES, and Skipjack.
AES FIPS 197, Advanced Encryption Standard (AES), November 2001.
 

NIST is pleased to announce the approval of FIPS 197 Advance Encryption Standard which specifies the Rijndael encryption algorithm as a FIPS-approved symmetric encryption algorithm that may be used by U.S. Government organizations (and others) to protect sensitive information.

Federal agencies should also see OMB guidance.

Complete information on the AES development effort is available at the AES home page. Please note that these pages are included for historical reference only. As these pages refer to a development effort, they may contain errors. Refer to FIPS 197 for the actual specification of AES.
Triple DES NIST has completed Special Publication 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. NIST SP 800-67 specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). This recommendation precisely defines the mathematical steps required to cryptographically protect data using TDEA and to subsequently process such protected data. When implemented in an SP 800-38 series-compliant mode of operation and in a FIPS 140-2 compliant cryptographic module, TDEA may be used by Federal organizations to protect sensitive unclassified data.

FIPS 46-3, Data Encryption Standard (DES), October 1999, the former specification for Triple DES, has been withdrawn.
Skipjack The declassified Skipjack algorithm was originally referenced in FIPS 185, Escrowed Encryption Standard (EES), February 1994.

NIST is providing a clarification regarding byte ordering to the specification for Skipjack.
FIPS 81, DES Modes of Operation, December 1980.

Skipjack may use any of the four (4) DES modes of operation (ECB, CBC, CFB, OFB) specified in FIPS 81. Also see Modes of Operation.
DES FIPS 46-3, Data Encryption Standard (DES), October 1999.

On May 19, 2005 FIPS 46-3 was withdrawn is is no longer approved for Federal use.

 
Testing/Products
 
Testing requirements and validation lists are available for AES, Triple DES, and Skipjack implementations.
 

 
Additional Information
 
Details on the security of DES and the migration from DES to Triple DES are discussed in FIPS 46-3.
 

 
Future Plans
 
Modes of Operation for the FIPS-approved encryption algorithms are available on the Modes of Operation page.

A draft of the AES Key Wrap specification is available on the Key Management page.
 

 

* NIST cryptographic standards are specified in Federal Information Processing Standards (FIPS) Publications. The term "FIPS-approved" indicates something (e.g., a cryptographic algorithm) that is either a) specified in a FIPS or b) adopted in a FIPS and specified either in an appendix to the FIPS or in a document referenced by the FIPS.