AES for GnuPG, on Mon Oct 2?

Michael H. Warfield mhw@wittsend.com
Sun, 1 Oct 2000 16:10:40 -0400


On Sun, Oct 01, 2000 at 12:24:22PM -0700, Dale Harris wrote:

> On Sat, Sep 30, 2000 at 08:36:10PM -0700, Mark Atwood elucidated:
> > The National Institute of Standards and Technology (NIST) will
> > announce the winner of the Advanced Encryption Standard competition on
> > Oct. 2 at 11:00 am EST.

> > http://csrc.nist.gov/encryption/aes/

> > When will GPG incorporate the AES? I see in the OpenPGP that there are
> > slots reserved for the AES. What would be cool is if someone has
> > written "AES modules" for all 4 of the finalists, so that there can be
> > a GnuPG 1.0.4 release on Monday at 11:01 am EST.

> Personally, I think we'd have to see what the NIST chooses. If they pick
> something that is patented, then I would think that it would be prudent for
> GnuPG to ignore it, or have optional support. However if it was something
> that is open and freely available for use, then I'd think that GPG would
> support it, as long as it was deemed secure, and free of any backdoors.
One of the stipulations of the AES competition was that the algorithm must be free of encumberances. That being said, apparently Hitachi chimed in on at least one of the round two candidates claiming that it was covered under one of their patents. IMHO... That was the kiss of death. We do not have to wait for NIST to be prepared. Someone has already suggested that the final candidates could be ready for inclusion within moments of the announcement. There were only 5 round two candidates. We also have some "hints" as to what the announcement is going to be (although it is a bit of conjecture). Attached below is the relevant message from coderpunks. Take it for what it's worth.
> Dale
-- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! ===== Begin Attached Message =====
> From coderpunks-errors@toad.com Sat Sep 30 17:22:55 2000
To: cypherpunks@openpgp.net, cryptography@c2.net, coderpunks@toad.com Subject: Re: AES winner to be announced Monday. Message-ID: <9a9074440a285dfd0fb89d90d50c91e4@dizum.com> Date: Sat, 30 Sep 2000 21:50:04 +0200 (CEST) Sender: owner-coderpunks@toad.com On Fri, 29 Sep 2000 14:38:30 -0400, "Trei, Peter" <ptrei@rsasecurity.com> wrote:
> I can't get the web page myself, but the appended message
> is in sci.crypt today:
>
> Peter Trei
> ------------------------
> From: Jim Gillogly <jim@acm.org>
> 1:03 PM
>
> Subject: Re: Deadline for AES...
>
> Tim Tyler wrote:
> > No official announcement of the date has been posted yet on
> > http://csrc.nist.gov/encryption/aes/
>
> The new notice just went up at this site: announcement to be made
> 2 Oct with simultaneous webcast. They (explicitly) won't say yet
> how many algorithms have been chosen as the AES. There's no mention
> of new versions of SHA-* with appropriately longer hashes.
> --
> Jim Gillogly
> Sterday, 8 Winterfilth S.R. 2000, 17:00
> 12.19.7.10.12, 8 Eb 15 Chen, Fifth Lord of Night
Though NIST is being very secretive regarding the AES announcement, they let the following rumors leak: 1. There is a single winner. 2. It is not an American design. If so, this rules out MARS, RC6, and Twofish. But now comes the third rumor: 3. The winner is not covered by any patent or patent claim identified or disclosed to NIST by interested parties. Assuming this is true, there is only one algorithm that is not explicitly mentioned in Hitachi's claim: Rijndael.