KINDLY PLEASE JUST ANSWER FROM THE TUTOR VIEW POINT IF
POSSIBLE
1)
The National Institute of Standards and Technology (NIST)
created a procedure to select a symmetric-key encryption algorithm to protect sensitive
federal information. The Advanced Encryption Standard (AES) is a standard used
by the U.S. government. It was announced by NIST after 5 years of a
standardization process, in which many designs were evaluated before the
solution was selected.
- Based
on your understanding of how AES was chosen, what is your opinion of the
criteria used?
In September 1997, in which researchers from twelve
different countries submitted encryption algorithms. Fifteen candidate formulas
chosen by NIST in August 1998 were "attacked" for vulnerabilities and
intensely evaluated by the worldwide cryptographic community to ensure that
they met the AES criteria. After the field was narrowed down to five in April
1999, NIST asked for intensified attacks and scrutiny on the finalists.
Evaluations of the encoding formulas examined factors such as security, speed,
and versatility(Security, 2001).
The criteria used were very intensive use. The attacks that
were used were necessary to make sure it can withstand most attacks. The evaluation
factors like security, speed, and versatility were needed to make sure that it
could withstand. The criteria were needed. It made it possible to find out if
it had any vulnerabilities if was it able to manage and work quickly and is it
versatile. All these things are important.
- Why do
you think these criteria were important?
They are important because it needs to be secure, with fast
speed, and have versatility. When a company needs an encryption algorithm that
will protect their sensitive information, they need to know that speed,
security, and versatility are well-tested and approved.
- What
do you think about the effectiveness and ease of use of AES?
I use Wi-Fi, I am sometimes on Facebook, and I have files
that are private. These are my confidential information. AES replaced DES by
the NIST in 2002 because DES was outdated. Because it was chosen, it is a safe
and secure algorithm to use until it is not secure. There is always someone
trying to find a way to hack into a company’s or a person’s secure messages.
They get more advanced each day. DES was secure until it was not because as
time went on DES showed that it was vulnerable to being cracked within 22
hours. The key length was only fifty-six bits. The only way to stay secure is
to always upgrade and keep adding security on top of security and trying to
stay ahead of hackers. Cover all vulnerable points in any algorithm and use AES
correctly.
References
Security, C. S. (2001, December 4).Commerce
Secretary Announces New Standard for Global Information Security. Retrieved
from NIST: www.nist.gov
2)
AES from my understanding has very few
cons. The government uses AESto replace DES because the attacks are less
likelybecause of the larger key size.The 128-bit and 256-bit are
both strong andless likely to have an attack because of the strong
keyschedule. I’m sure that all mathematical operations have been
attempted to engagea number ofrounds, but the AES algorithm is
fartoocomplex to crack.
The criteria are important because of the security involved.
For example, if government agencies were compromised by exposing sensitive
information, this could impact security, DOD, Homeland Security, etc. AES has
very few cons and implementing this feature in all databases is a no brainer.
According to IBM.com, “A data breach in the US costs over twice the global
average”. Proof is in numbers, and the numbers suggest that AES seems to be the
best when it comes to security.