Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

NIST usually doesn't standardize algorithms just because. Which is reasonable, because having more algorithms doing the same thing only creates confusion and more sources for error. New algorithms should only be introduced when they serve a need or when the existing algorithms have weaknesses. The likely next algorithm standardization process NIST is going to start is about Post Quantum cryptography. However NIST has lost a bit of its relevance with the IETF taking over after questions about NSA influence over NIST.

Btw, there is no requirement for NIST algs to be US-based. E.g. AES was developed in Belgium.



Belgium is an America loving country though, like all of western Europe as far as I know, and Americans usually quite aware who the friends and 'terrorists' are. I wonder if AES had been from, I don't know, Kenya or Kazakhstan or Bolivia, if it had had much chance at all (though I'm not up to date on the exact America-sentiment in each of those countries, we hardly hear about them in Western news).


Rijndael, the Belgian cipher in question, famously won a very well-regarded cryptographic contest to obtain its role as AES. "Belgium" has nothing to do with it.


I know it was a Belgian cryptographer, not Belgium the state. I still think the country has makes a difference in how people regard an entry for the contest.


Cryptographic algorithm competitions are more rigorous than beer competitions.


Of course, but do you think an algorithm from a state that most Americans see as "behind" or even a "terrorist state" has a perfectly equal chance of winning? The judges might even explicitly try to give each an equal chance but at least subconsciously, I would expect there to be some bias.


You can read about the AES process here with many detailed references you can follow up on.

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard_p...

The submitters were not countries but (typically groups of) practitioners. Only one proposal was made by a group consisting entirely of Americans and it did not win. Like all such processes, I'm sure this particular one was imperfect and could be made better. You're making it sound like the judging of an Olympic Ice Dancing event, though, and I think all available evidence suggests that it wasn't.


AES beat out American ciphers from the likes of Bruce Schneier and David Wagner.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: