In October 2003, NIST's Cryptographic Module Validation Program (CMVP) reached a significant milestone by issuing the 100th Advanced Encryption Standard (AES) Algorithm Validation Certificate for hardware implementation of AES named 7814-W. This is an intelligent packet-processing chip that implements AES, Triple DES, integrated public key cryptography, and compression. 7814-W implements the Electronic Codebook and the Cipher Block Chaining modes of operation for both encryption and decryption, and supports key sizes 128 bit, 192 bit, and 256 bit.

Federal Information Processing Standard (FIPS) 197, Advanced Encryption Standard, describes the AES algorithm as a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. The AES is capable of using cryptographic keys of 128 bit, 192 bit, and 256 bit to encrypt and decrypt data in blocks of 128 bits. Since November 2001, AES has been the FlPS-approved symmetric encryption algorithm of choice.

The AES validation test suite consists of the Known Answer Tests (KATs), the Multi-block Message Test (MMT), and the Monte Carlo Test (MCT). The KATs are designed to provide conformance testing for the individual components of the AES algorithm. The MMT is designed to test the ability of the implementation to process multiblock messages, which require the chaining of information from one block to the next. The MCT is designed to exercise the entire implementation of the AES, as opposed to testing only the individual components. The AES validation test suite tests the Modes of Operation ECB, CBC, OFB, CFB (1 bit, 8 bit, and 128 bit), and CTR. For each mode implemented, selections are available for key sizes (128 bit, 192 bit, 256 bit) supported as well as the ciphering direction (i.e., encryption and decryption).

Successful completion of the AES validation tests is required to claim conformance to the AES as specified in FIPS 197. When applied to implementations under test (IUTs), the validation tests determine the correctness of the algorithm implementation. In addition to ascertaining conformance, the tests detect implementation flaws including pointer problems, insufficient allocation of space, improper error handling, and incorrect behavior of the AES algorithm implementation.

The AES validation test suite is part of NIST's CMVP, which encompasses validation testing for cryptographic modules and algorithms. Other cryptographic algorithms currently validated by the CMVP are the Data Encryption Standard (DES), the Triple Data Encryption Standard (TDES), the Digital Signature Algorithm (DSA), the secure Hash Algorithm (SHA-I), and the Random Number Generator algorithm (RNG). In the near future, the Reversible Digital Signature Algorithm (rDSA), the Elliptic Curve Digital Signature Algorithm (ECDSA), SHA-256, SHA-384, and SHA-512, and HMAC validation suites also will be available.

The CMVP uses laboratories accredited by NIST's National Voluntary Laboratory Accreditation Program to test cryptographic products that conform to FIPS. A vendor contracts with an accredited laboratory to perform the tests. When testing is completed, the laboratory submits the results to NIST for validation. If the vendor's implementation of the specific algorithm successfully passes the tests, NIST issues a validation certificate to the vendor. The Web site is csrc.nist.gov/cryptval.

CONTACT: Sharon Keller, (301)975-2910; [email protected].