Selection of Future Cryptographic Standards
draft-mcgrew-standby-cipher-00

Document Type Expired Internet-Draft (individual)
Last updated 2013-07-29 (latest revision 2013-01-25)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-mcgrew-standby-cipher-00.txt

Abstract

The Advanced Encryption Standard (AES) is extensively used and is widely believed to provide security that is more than adequate. Several other cipher designs have been proposed for use in standards, and new designs continue to be developed, while consideration of cost and complexity impels that the number of mandatory-to-implement ciphers be minimized. This note outlines an approach to the selection of cryptographic algorithms that best serves the needs of the users of cryptography: AES should continue in its role as the mandatory-to-implement cipher, while other cipher designs should be reviewed with the goal of selecting a single standby cipher. If future advances in the science of cryptanalysis uncover security issues with the AES, the standby cipher will be ready for adoption as its replacement.

Authors

David McGrew (mcgrew@cisco.com)
Anthony Grieco (agrieco@cisco.com)
Yaron Sheffer (yaronf.ietf@gmail.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)