Milestone-Proposal talk:Advanced Encryption Standard (AES)

From IEEE Milestones Wiki

Advocates and reviewers will post their comments below. In addition, any IEEE member can sign in with their ETHW login (different from IEEE Single Sign On) and comment on the milestone proposal's accuracy or completeness as a form of public review.

-- Administrator4 (talk) 20:04, 17 October 2023 (UTC)

Advocates’ Checklist

  1. Is proposal for an achievement rather than for a person? If the citation includes a person's name, have the proposers provided the required justification for inclusion of the person's name?
  2. Was proposed achievement a significant advance rather than an incremental improvement to an existing technology?
  3. Were there prior or contemporary achievements of a similar nature?
  4. Has the achievement truly led to a functioning, useful, or marketable technology?
  5. Is proposal adequately supported by significant references (minimum of five) such as patents, contemporary newspaper articles, journal articles, or citations to pages in scholarly books? At least one of the references from a peer-reviewed scholarly book or journal article. The full text of the material, not just the references, shall be present. If the supporting texts are copyright-encumbered and cannot be posted on the ETHW for intellectual property reasons, the proposers shall email a copy to the History Center so that it can be forwarded to the advocate. If the advocate does not consider the supporting references sufficient, the advocate may ask the proposer(s) for additional ones.
  6. Are the scholarly references sufficiently recent?
  7. Is proposed citation readable and understandable by the general public?
  8. Does the proposed plaque site fulfill the requirements? Is the address complete? Are the GPS coordinates correct and in decimal format?
  9. Is the proposal quality comparable to that of IEEE publications?
  10. Scientific and technical units correct? (e.g. km, mm, hertz, etc.) Are acronyms correct and properly upperercased or lowercased?
  11. Date formats correct as specified in Section 6 of Milestones Program Guidelines? https://ieeemilestones.ethw.org/Helpful_Hints_on_Citations,_Plaque_Locations
  12. It is the advocate's responsibility to confirm that the independent reviewers have no conflict of interest (e.g. worked for a company or a team involved in the achievement being proposed, published with the proposer(s), or had a project related to the achievement funded). An example of a way to do this would be searching reviewers' publications on IEEE Xplore.

Independent Expert Reviewers’ Checklist

  1. Is suggested wording of the Plaque Citation accurate?
  2. Is evidence presented in the proposal of sufficient substance and accuracy to support the Plaque Citation?
  3. Does proposed milestone represent a significant technical achievement?
  4. Were there similar or competing achievements? If so, have the proposers adequately described these and their relationship to the achievement being proposed?


In answering the questions above, the History Committee asks that independent expert reviewers apply a similar level of rigor to that used to peer-review an article, or evaluate a research proposal. Some elaboration is desirable. Of course the Committee would welcome any additional observations that you may have regarding this proposal.

Submission and Approval Log

Submitted date: 30 December 2023
Advocate approval date:
History Committee approval date:
Board of Directors approval date:

Comment to Proposers -- Tomohiro Hase (talk) 05:57, 12 February 2024 (UTC)

Dear Proposers.

ETHW Main Page describes as follows. "To be proposed as an IEEE Milestone, an achievement must be at least 25 years old." https://ieeemilestones.ethw.org/Main_Page

On the other hand, Abstract in NIST FIP197 describes as follows. "In 2000, NIST announced the selection of the Rijndael block cipher family as the winner of the Advanced Encryption Standard (AES) competition." https://csrc.nist.gov/pubs/fips/197/final

I think the AES deserves surely the IEEE Milestone. However, I think it will be 1-2 years before you can apply for the IEEE Milestone. It is reason why the design time frame is generally uncertain and therefore unsuitable for the IEEE Milestone.

Best regards, Dr. Tomohiro Hase, IEEE Fellow.

Re: Comment to Proposers -- Wvetten (talk) 12:09, 20 June 2024 (UTC)

Dear Dr. Tomohiro Hase,

As you can see in the proposal the actual work on AES was done in the years 1995-1998. This time span was more than 25 years ago.

Best regards,

Wim van Etten, proposer

Original Citation Title and Text -- Administrator4 (talk) 17:16, 3 April 2024 (UTC)

Design of the Advanced Encryption Standard (AES) Rijndael 1995-1998

In 1995-1998, Joan Daemen and Vincent Rijmen designed a series of secure and innovative block ciphers. This culminated in Rijndael, their submission to the first worldwide open NIST contest: the AES competition. After winning this in 2000, Rijndael, now AES, became ubiquitous in providing data confidentiality and authenticity worldwide.

Reviewer #1 Comments -- Sselleri (talk) 12:26, 22 July 2024 (UTC)

Here are the comments of the first anonymous reviewer. Please note that some comments might seems aimed more to a specialistic aiudince, while milestones are intended for the general public.

Is suggested wording of the Plaque Citation accurate?

Yes

Is evidence presented in the proposal of sufficient substance and accuracy to support the Plaque Citation?

Yes. Note that for someone woking with cryptography and security it would have been enough to write "it's AES", and that would have been sufficient.

Does proposed milestone represent a significant technical achievement?

Absolutely yes

Were there similar or competing achievements? If so, have the proposers adequately described these and their relationship to the achievement being proposed?

Altough there were (and they are) numerous similar achievemnts in the field of cryptography, there is no doubt that AES is, after 25 years, still the de-facto reference architecture for symmeric data encryption. The proposal describes with ad adequate depth the importance of the milestone, and its relation with the pre-existing ones.

The only part that might me missing is the relationship between AES (a symmetric algorythm) with the asymmetric crypto algorythms. While this distinction is well known and obvious to anyone with a basic knowledge of the topic, it might not be obvious to the others.

Hence, I'd suggest to enhance the description with a note that, while asymmetric algorithms have been improved over the years, and are now subject to revision due to the risk of attacks due to quantum computing, AES, thanks to the symmetric structure, is still considered as the state of the art.

A last note: while the Rijndael algorithm was formally declared as a winner of the AES competition in 2000, its proposal was submitted earlier (1999), as documented in https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf. Hence, the 25-years requirement is perfectly fulfilled.

Reviewer #1 Comments -- Sselleri (talk) 08:37, 11 October 2024 (UTC)

Here are the comments of the second anonymous reviewer. Please note that some comments might seems aimed more to a specialistic aiudince, while milestones are intended for the general public.

Major comments:

The invention of Rijndael, which was adopted by NIST as the AES, is certainly a major development in information security, worthy of IEEE Milestone recognition. The proposed location, the University of Leuven (Katholieke Universiteit Leuven), where the development was done, is fitting.

In the citation I wonder if a deeper connection could be made to related major developments, especially ones already recognized by IEEE Milestones. For instance, AES, as a symmetric key cipher, could be contrasted with public-key cryptography, which has an IEEE Milestone plaque at Cheltenham, UK. https://ethw.org/Milestones:Invention_of_Public-key_Cryptography,_1969_-_1975

In my opinion:

○ The proposed wording for the plaque is accurate

○ The proposal shows significant evidence supporting the citation

○ The invention of Rijndael is a significant achievement, as evidenced by its selection as the AES.

○ There are no directly equivalent achievements of equal stature.


Minor items:

Abstract: 1. "Encryption is essential in protecting privacy of citizens in communication via…”

Suggest: “Encryption is essential in ensuring the privacy of communication via..”

Another approach could be to make reference to the 5 elements of information security: confidentiality (privacy), integrity, availability, authenticity and non-repudiation. AES arguably provides all but authentication and non-repudiation.

2. " after having been selected AES by NIST”

Suggest “after having been selected as the encryption algorithm for the NIST AES standard”

The Citation Needs Extensive Work / Justification Section is Inadequate -- Bberg (talk) 16:37, 11 October 2024 (UTC)

Citation Comments
The current citation is only 49 words in length, and about half of it relates to the NIST contest. There is very little technical content in the other half. Information as currently presented in the 3 background sections can be used for rewriting the citation so that it fulfills a key aspect of all Milestones: to educate the public.

Information on the order of what the www.NIST.gov website states should be included, e.g., "The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data." and "In 2000, NIST selected the Rijndael block cipher family as the winner of the AES competition." In addition, as AES is set forth in the Federal Information Processing Standards (FIPS) Publication 197, an abbreviated version of this fact could be included.

The citation should explain what happened at various points in time over the span of years included in the title. Note also that NIST should be followed by "(National Institute of Standards and Technology)" and that it should be shown to be a US entity. Also, describe what a cipher is. Since the name AES itself is explained in the title with "(Advanced Encryption Standard)," it is optional to also explain this acronym in the citation.

Note that the background information uses these 4 terms: Rijndael/AES, AES/Rijndael, AES and Rijndael. A single consistent name should be used instead. Also, the way "Rijndael" appears in the title is ambiguous.

I suggest that the proposer look at some of the citations of the 258 existing Milestones for guidance about writing a citation. Because of the widespread use of AES, this citation should both read dramatically and be educational.

Justification Section Comments
The "Justification for Inclusion of Names" requirement is inadequately met by way of the 2 brief sentences at the start of the "historical significance" section. There should be specific cites to documents that prove that it was these 2 people, no more and no less.

Thank you for your work on this. AES is very deserving!

Brian Berg, Milestones Subcommittee Chair

Retrieved from "https://ieeemilestones.ethw.org/w/index.php?title=Milestone-Proposal_talk:Advanced_Encryption_Standard_(AES)&oldid=20022"
Powered by MediaWiki
Powered by Semantic MediaWiki