As a part of the periodic review of NIST’s cryptographic standards and guidelines, NIST's Crypto Publication Review Board ("Review Board") announced the review of Federal Information Processing Standards Publication (FIPS) 197, The Advanced Encryption Standard (AES) in May 2021.
NIST proposes to update FIPS 197. An update of a publication is appropriate when it only requires changes to correct errors or clarify its interpretation, and no changes are made to technical content. The proposed changes to FIPS 197 are summarized in the sections below.
A public comment period for the draft FIPS 197 update is open through February 13, 2023. Public comments on the decision to update the FIPS, or on the draft update itself, may be submitted to cryptopubreviewboard@nist.gov, with “Comments on Draft FIPS 197 Update” in the subject line. Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process.
The version history is summarized in Appendix D of the draft update of FIPS 197. The draft update includes extensive editorial improvements to the version that was published in November 2001, including the following:
In May 2021, the Review Board requested initial public comments for the review of FIPS 197 (released 2001). In June 2021, the public comments were posted. The public comment to include a reference to NIST Special Publication (SP) 800-133 Rev. 2, Recommendation for Cryptographic Key Generation was accepted in the updated draft.
The other two public comments include a variety of observations and suggestions for the appropriate properties for a block cipher and its modes of operation. In particular, both comments request that NIST standardize an alternative block cipher with a larger block size. Neither comment recommends any changes to FIPS 197 itself.
Published in July 2021, NIST Internal Report (NISTIR) 8319, Review of the Advanced Encryption Standard documented the main considerations in the review of FIPS 197.
There are two elements to the decision to update a publication: 1) editorial revision is appropriate, and 2) technical revision is not necessary. In the case of FIPS 197, several potential clarifications are recommended in Section 3.5 of NISTIR 8319, and NIST identified a variety of other editorial improvements.
The technical content is the specification of a family of three block ciphers: AES-128, AES-192, and AES-256, where the numerical suffix indicates the bit length of the key. Since AES is adopted widely, the main question for the review is whether the specified block cipher family is sufficiently secure. The following is a summary of the security assessment: