NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Block Ciphers

Approved Algorithms

Currently, there exist three (3) Approved* encryption algorithms: AES, Triple DES, and Skipjack.

Advanced Encryption Standard (AES)

FIPS 197, Advanced Encryption Standard (AES), November 2001.

NIST is pleased to announce the approval of FIPS 197 Advance Encryption Standard which specifies the Rijndael encryption algorithm as a FIPS-approved symmetric encryption algorithm that may be used by U.S. Government organizations (and others) to protect sensitive information.

Federal agencies should also see OMB guidance.

Additional information regarding the use of AES can be found in CNSS Policy No. 15, Fact Sheet No. 1 National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information, June 2003.

Complete information on the AES development effort is available at the AES home page. Please note that these pages are included for historical reference only. As these pages refer to a development effort, they may contain errors. Refer to FIPS 197 for the actual specification of AES.

Triple DES

NIST has completed Special Publication 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. NIST SP 800-67 specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). This recommendation precisely defines the mathematical steps required to cryptographically protect data using TDEA and to subsequently process such protected data. When implemented in an SP 800-38 series-compliant mode of operation and in a FIPS 140-2 compliant cryptographic module, TDEA may be used by Federal organizations to protect sensitive unclassified data.

FIPS 46-3, Data Encryption Standard (DES), October 1999, the former specification for Triple DES, has been withdrawn.

Skipjack

The declassified Skipjack algorithm was originally referenced in FIPS 185, Escrowed Encryption Standard (EES), February 1994.

NIST is providing a clarification regarding byte ordering to the specification for Skipjack.

http://www.itl.nist.gov/fipspubs/fip81.htm

FIPS 81, DES Modes of Operation, December 1980.

Skipjack may use any of the four (4) DES modes of operation (ECB, CBC, CFB, OFB) specified in FIPS 81. Also see the Block Cipher Modes Section.

Data Encryption Standard (DES)

FIPS 46-3, Data Encryption Standard (DES), October 1999.

On May 19, 2005 FIPS 46-3 was withdrawn is is no longer approved for Federal use.

Back to Top

Testing Products

Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).

Back to Top

Additional Information

Details on the security of DES and the migration from DES to Triple DES are discussed in FIPS 46-3.

Back to Top

Future Plans

Modes of Operation for the FIPS-approved encryption algorithms are available on the Modes of Operation page.

A draft of the AES Key Wrap specification is available on the Key Management page.

Note: An algorithm or technique that is either specified in a FIPS or NIST Recommendation.