a. The Advanced Encryption Standard (AES) is a symmetric block cipher used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

b. The origins of AES date back to 1997 when the National Institute of Standards and Technology (NIST) announced that it needed a successor to the aging Data Encryption Standard (DES) which was becoming vulnerable to brute-force attacks.

c. This new encryption algorithm would be unclassified and had to be capable of protecting sensitive government information well into the next century.

d. It was to be easy to implement in hardware and software as well as in restricted environments (for example, in a smart card) and offer good defences against various attack techniques.

e. The selection process to find this new encryption algorithm was fully open to public scrutiny and comment; this ensured a thorough, transparent analysis of the designs.

f. Fifteen competing designs were subject to preliminary analysis by the world cryptographic community including the National Security Agency (NSA).

g. In August 1999, NIST selected five algorithms for more extensive analysis. These were:

• MARS, submitted by a large team from IBM Research

• RC6, submitted by RSA Security

• Rijndael, submitted by two Belgian cryptographers, Joan Daemen and Vincent Rijmen

• Serpent, submitted by Ross Andersen, Eli Biham and Lars Knudsen

• Twofish, submitted by a large team of researchers including Counterpane's respected cryptographer Bruce Schneier

h. Implementations of all of the above were tested extensively in ANSI, C and Java languages for speed and reliability in encryption and decryption, key and algorithm setup time, and resistance to various attacks both in hardware- and software- centric systems.

i. Members of the global cryptographic community conducted detailed analyses. After much enthusiastic feedback, debate and analysis, the Rijndael cipher was selected as the proposed algorithm for AES in October 2000 and was published by NIST as U.S. FIPS PUB 197.

j. The Advanced Encryption Standard became effective as a federal government standard in 2002. It is also included in the ISO/IEC 18033-3 standard which specifies block ciphers for the purpose of data confidentiality.

k. In June 2003, the U.S. government announced that AES could be used to protect classified information, and it soon became the default encryption algorithm for protecting classified information as well as the first publicly accessible and open cipher approved by the NSA for top-secret information.

l. Its successful use by the U.S. government led to widespread use in the private sector leading AES to become the most popular algorithm used in symmetric key cryptography.

m. The transparent selection process helped create a high level of confidence in AES among security and cryptography experts.

n. AES is more secure than its predecessors DES and 3DES as the algorithm is stronger and uses longer key lengths. It also enables faster encryption than DES and 3DES.

o. AES comprises three block ciphers AES-128, AES-192 and AES-256.

p. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits respectively.

q. Symmetric or secret-key ciphers use the same key for encrypting and decrypting, so both the sender and the receiver must know and use the same secret key.

r. All key lengths are deemed sufficient to protect classified information up to the "Secret" level with "Top Secret" information requiring either 192 or 256 bit key lengths.

s. There are 10 rounds for 128 bit keys, 12 rounds for 192 bit keys, and 14 rounds for 256 bit keys -- a round consists of several processing steps that include substitution, transposition and mixing of the input plaintextand transform it into the final output of cipher text.

t. As a cipher, AES has proven reliable. The only successful attacks against it have been side-channel attacks on weaknesses found in the implementation or key management of certain AES-based encryption products.