University of Virginia, Department of Computer Science
CS551: Security and Privacy on the Internet, Fall 2000

Manifest: Monday 2 October 2000

Assignments Due
4 OctoberFull Project Proposal
11 OctoberProblem Set 3

Today: Guest lecture by Paco Hope, from Chain Mail, Inc.

Readings

Before 4 October: Stallings, 12.1, 14.2, 14.3.

Before 9 October:

Why did NIST select Rijndael to propose for the AES?

When considered together, Rijndael's combination of security, performance, efficiency, ease of implementation and flexibility make it an appropriate selection for the AES.

Specifically, Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks.

Additionally, it appears that some defense can be provided against such attacks without significantly impacting Rijndael's performance. Rijndael is designed with some flexibility in terms of block and key sizes, and the algorithm can accommodate alterations in the number of rounds, although these features would require further study and are not being considered at this time. Finally, Rijndael's internal round structure appears to have good potential to benefit from instruction-level parallelism.

From ADVANCED ENCRYPTION STANDARD (AES) Questions and Answers


CS 655 University of Virginia
Department of Computer Science
CS 551: Security and Privacy on the Internet
David Evans
evans@virginia.edu