A new encryption mode joins 16 others Tuesday for consideration by the
National Institute of Standards and Technology (NIST) as a security mode
using the advanced encryption standard (AES).
RSA Security, Inc.
MacFergus BV teamed up to create Counter with CBC (cipher block chaining)
MAC (message authentication code), a packet technology that puts
authentication and encryption in a single key.
The 17 AES proposals under consideration are the next step in crypto
evolution first started with the public key system introduced by Whitfield
Diffie, Marty Hellman and Ralph Merkle back in the 1970s.
AES is a block cipher algorithm developed on a mathematic formula — called
Rijndael after its creators, Belgian cryptographers Joan Daemen and Vincent
Rijmen — and selected by the U.S. government as the next generation in
data protection protocols.
The technology standard has been very popular in the private sector, creating a
rush for standards using AES in niche market security. The 17 security
modes have been created in little under two years since the NIST’s approval
of the standard.
Like the Diffie-Hellman public key, which drew the ire the National
Security Agency (NSA), Hifn is touting CCM’s availability to the masses.
“The decision of making CCM freely available in the public domain will
greatly enhance its value to the security community; if adopted by NIST it
can be deployed very quickly, without the constraints of patented
products,” said Dr. Doug Whiting, Hifn chief scientist and co-author of the
Normally, encryption and authentication are handled using different
algorithms, making a single-key solution unwieldy and boosting the size of
data packets sent over the network. CCM authenticates the packet header
and packet, but only encrypts the packet contents, using a 128-bit block
Russ Housley, RSA Security senior consulting architect, said any technology
that can simplify the security process is a boon.
“Cryptographic key management is one of the most difficult aspects of a
security solution, so any simplification is a real contribution,” he said.
The benefits to CCM go beyond the pale of techno-geek advances; because the
technology uses only one key, it’s easier to implement and data packets are
essentially reduced in size. That’s important to the burgeoning wireless
data industry, which has been looking for a legitimate security standard
Simplifying the process, and reducing the size of a packet, is especially
useful for wireless telecommunications. According to Hifn officials, IEEE
802 is planning to use CCM to provide the security for wireless LANs
(WLANs) and home networking.
Wireless has been on the mind of NIST officials for some
time. Understanding the inherent risk of unsecure wireless networks ripe
for the picking using such easy-to-install programs like NetStumbler, the
agency put out a call in July asking for recommendations to counter
unauthorized users hacking into a wireless network, to include airborne
“The relative immaturity of the technology coupled with poor security
standards, flawed implementations, limited user awareness and lax security
and administrative practices is an especially challenging combination,” the
The NIST asked for recommendations at the same time it warned network
administrators to test the built-in security measures found in Bluetooth
and 802.11 standards, to include the data link level encryption and