How Belgium and a Rainy Doll Secured The World

We live in a world which is driven by standards, but who is the one that actually defines the standard? The NSA? No! Governments of the world? No!! The EU? No!!! The IEEE? Yes. Maybe! The IETF? Yes. Maybe!

Well, NIST is one of the most trusted standards agencies in the world, and they had a dream which would build a more security (and more compatible) world. So around the turn of the millennium there was a real lack of compatibility in the encryption of data using symmetric key encryption. The industry was pushing a whole lot of methods: DES, 3-DES, RC5, CAST, TWOFISH, SERPENT, and many more. Some were under licence, and where their usage was restricted, while others were free.

But which was best? Which was the fastest? And, most importantly, which was the most secure? The symmetric method is the core of security, and any flaws would lead to a large-scale lack of trust, especially as we move into cloud-based systems.

So NIST created the race for AES (Advanced Encryption Standard). It would be a prize that the best in the industry would join, and the winner would virtually provide the core of the industry.

So, in 1997, NIST announced the open challenge for a block cipher that could support 128-bit, 192-bit and 256-bit encryption keys. The key evaluation factors were: