NIST’s Crypto Publications Review: Lessons Learned from Reviewing AES and the NIST-Recommended Modes of Operation (G13a)
As outlined in NISTIR 7977, NIST commits itself to the periodic review and maintenance of its cryptographic standards and guidelines. To this end, NIST has established the Crypto Publication Review Board to identify publications to be reviewed. The Advanced Encryption Standard (AES) block cipher, standardized as Federal Information Processing Standard (FIPS) 197, was the first standard subjected to the review process. Because AES is always used within a block cipher mode of operation, the NIST-recommended modes of operation (the NIST SP 800-38 series) were identified as the logical next target of the review. The review presents an opportunity to retrospectively examine the development of AES and the NIST-recommended modes of operation, with a focus on technical properties that tend to be much better understood in the years after a standard has been finalized. Already during the AES competition, the focus was not only on theoretical security properties but also on the ability to withstand attacks on cryptographic modules, including techniques that extract the secret key through side channels such as the time taken to perform a computation. In this presentation, we explain the methodology of the review process, discuss some potential weaknesses that were identified, and explore their practical impact on cryptographic modules.