success fail Nov DEC Jan 14 2011 2012 2014 101 captures 21 Apr 2011 - 01 Jul 2018 About this capture COLLECTED BY Organization: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. Collection: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. TIMESTAMPS RijndaelSearchSecurity.com
Data Loss Prevention, Data Analysis and Classification, Data Security and Cloud Computing, Identity Theft and Data Security Breaches, Enterprise Data Governance, Disk Encryption and File Encryption, Database Security Management
Secure SaaS: Cloud services and systems, Operating System Security, Enterprise Vulnerability Management, Virtualization Security Issues and Threats, Securing Productivity Applications, Software Development Methodology, Web Security Tools and Best Practices, Application Firewall Security, Application Attacks (Buffer Overflows, Cross-Site Scripting), Database Security Management, Email Protection, Open Source Security Tools and Applications, Social media security
Malware, Viruses, Trojans and Spyware, Smartphone and PDA Viruses and Threats, Emerging Information Security Threats, Information Security Incident Response, Hacker Tools and Techniques: Underground Sites and Hacking Groups, Denial of Service (DoS) Attack Prevention, Security Awareness Training and Internal Threats, Application Attacks -Information Security Threats , Web Server Threats and Countermeasures, Identity Theft and Data Security Breaches, Enterprise Vulnerability Management, Email and Messaging Threats, Web Application and Web 2.0 Threats
Network Security: Tools, Products, Software, Network Protocols and Security, Secure VPN Setup and Configuration, Network Intrusion Detection and Analysis, Wireless Network Security: Setup and Tools, NAC and Endpoint Security Management
Security Industry Market Trends, Predictions and Forecasts, Enterprise Risk Management: Metrics and Assessments, Enterprise Compliance Tools, Business Management: Security Support and Executive Communications, Enterprise Compliance Management Strategy, Disaster Recovery and Business Continuity Planning, Information Security Policies, Procedures and Guidelines, Information Security Laws, Investigations and Ethics, Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions, Information Security Incident Response-Information, Security Awareness Training and Internal Threats, News and analysis from IT security conferences
Advice & Tutorials
Ask a Question
Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). It was selected from a list of five finalists, that were themselves selected from an original list of more than 15 submissions. Rijndael will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years in many cryptography applications. The algorithm was designed by two Belgian cryptologists, Vincent Rijmen and Joan Daemen, whose surnames are reflected in the cipher's name. Rijndael has its origins in Square, an earlier collaboration between the two cryptologists.
The Rijndael algorithm is a new generation symmetric block cipher that supports key sizes of 128, 192 and 256 bits, with data handled in 128-bit blocks - however, in excess of AES design criteria, the block sizes can mirror those of the keys. Rijndael uses a variable number of rounds, depending on key/block sizes, as follows:
9 rounds if the key/block size is 128 bits
11 rounds if the key/block size is 192 bits
13 rounds if the key/block size is 256 bits
Rijndael is a substitution linear transformation cipher, not requiring a Feistel network. It use triple discreet invertible uniform transformations (layers). Specifically, these are: Linear Mix Transform; Non-linear Transform and Key Addition Transform. Even before the first round, a simple key addition layer is performed, which adds to security. Thereafter, there are Nr-1 rounds and then the final round. The transformations form a State when started but before completion of the entire process.
The State can be thought of as an array, structured with 4 rows and the column number being the block length divided by bit length (for example, divided by 32). The cipher key similarly is an array with 4 rows, but the key length divided by 32 to give the number of columns. The blocks can be interpreted as unidimensional arrays of 4-byte vectors.
The exact transformations occur as follows: the byte subtransformation is nonlinear and operates on each of the State bytes independently - the invertible S-box (substitution table) is made up of 2 transformations. The shiftrow transformation sees the State shifted over variable offsets. The shift offset values are dependent on the block length of the State. The mixcolumn transformation sees the State columns take on polynomial characteristics over a Galois Field values (28), multiplied x4 + 1 (modulo) with a fixed polynomial. Finally, the roundkey transform is XORed to the State. The key schedule helps the cipher key determine the round keys through key expansion and round selection.
Overall, the structure of Rijndael displays a high degree of modular design, which should make modification to counter any attack developed in the future much simpler than with past algorithm designs.
Was the best choice really Rijndael?Our Cryptography expert, Borys Pawliw comments: "The AES selection was always going to be a compromise, balancing various factors such as overall security, performance, and efficiency. As such, it was unlikely that the selection of any one algorithm would receive unanimous praise from all quarters. Rijndael's selection has been criticized by some because the algorithm does not appear to be as secure as some of the other choices.
This criticism is valid theoretically, but does not mean that data secured using this algorithm is going to be unacceptably vulnerable to attack. Although Rijndael may not have been the most secure algorithm from an academic viewpoint, defenders claim that it is more than likely secure enough for all applications in the real world and can be enhanced by simply adding more rounds. Attacks on the algorithm have succeeded only in an extremely limited environment and, while interesting from a mathematical viewpoint, appear to have little consequence in the real world."Related glossary terms: RSA algorithm (Rivest-Shamir-Adleman), data key, greynet (or graynet), spam cocktail (or anti-spam cocktail), fingerscanning (fingerprint scanning), munging, insider threat, authentication server, defense in depth, nonrepudiation Contributor(s): Borys Pawliw This was last updated in May 2007 Posted by: Margaret Rouse
Email AlertsRegister now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
More News and Tutorials
Adobe Reader X uses Microsoft's sandboxing technology to block potentially dangerous processes from executing beyond the confines of the software.
Microsoft repaired four vulnerabilities in its Forefront Unified Access Gateway and a critical flaw in Microsoft Office.
Download the entire October 2010 issue of Information Security magazine here in PDF format.
Resources from around the Web
Do you have something to add to this definition? Let us know.Send your comments to [email protected] Back to top
Research More Tech Terms
Search thousands of tech definitions
Browse tech definitions
File Extensions and File Formats
File Extension and File Formats List:
More from Related TechTarget Sites
- Cloud Security
Are cloud threat intelligence services worth the investment? Diana Kelley discusses whether they're really needed and eight key assessment questions.
IT pros praised the security of Amazon Web Services, saying the show eased their cloud computing security concerns.
At its user conference, Amazon Web Services says customers must understand the implications of its shared security model before moving to the cloud.
- Security Channel
Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods.
The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.
DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how.
Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.
A cybergang in Eastern Europe revealed plans to attack U.S. banks with a Gozi-like Trojan, according to RSA.
The latest variant of the banking Trojan is causing numerous problems, Symantec said.
Tilon is related to the Silon malware detected in 2009. It uses a man-in-the-browser attack to capture form submissions and steal credentials.
- Security UK
In this video interview, Ian Kilpatrick of Wick Hill discusses the IPv6 challenges that small and medium businesses are just beginning to address.
Apache has released an updated version of its Web server to address a DDoS vulnerability, for which exploit tools have been found in the wild.
Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.
Video: In this Zenmap tutorial screencast, Keith Barker of CBT Nuggets explains how to efficiently map networks graphically using Zenmap profiles.
Organizations need to cover key risk areas when writing cloud provider service level agreements.
Companies must get better at making hacking corporate networks complicated and costly for cybercriminals, explains Kaspersky Lab CEO Eugene Kaspersky.
- Information Security
Even as India Inc experiments with the cloud, security concerns play spoilsport. These cloud computing audit and compliance tips will make your journey easier.
In addition to Exchange Server, updates fix flaws in Internet Explorer, Microsoft Office and Microsoft Word.
The cybercriminals connected to the notorious Zeus Trojan are using the Cutwail botnet to distribute spam designed to steal account credentials.