NIST plans

140 views
Skip to first unread message

Dworkin, Morris J. (Fed)

unread,
Aug 9, 2024, 3:43:19 PMAug 9
to 'Morris Dworkin' via ciphermodes-forum

On behalf of the NIST cipher modes team, I’d like to express my appreciation to the participants in the June cipher modes workshop and the folks who submitted written comments to us on our draft requirements for an accordion mode.  We are encouraged by the positive feedback.

 

For the development of the accordion mode(s), we intend to proceed along the lines of the “NIST-led collaboration” that was outlined at the workshop.  The next steps will be to finalize the draft requirements and to issue a “Request for Information” for design approaches, based on existing techniques, that would be suitable for adaptation to the requirements.

 

A related question is the development of a wide block cipher, as has been strongly recommended in public feedback at both the October and June cipher modes workshops.  One plausible option is for a version of Rijndael with 256-bit blocks and 256-bit keys, because 1) hardware acceleration for the AES round function could support it, and 2) we expect that this is simplest and quickest path forward.  The main technical questions are whether to revise the key schedule and, more generally, whether additional security vetting is necessary.  We would welcome feedback on these questions from the cipher modes forum. Subject to that feedback and our own analysis, the next step would be to issue a more formal announcement of a plan for public comment.

Reply all
Reply to author
Forward
0 new messages