Government

NIST estimates $250 billion economic impact from its encryption standard

The standards agency commissioned a study of how much the Advanced Encryption Standard meant to government and industry since the late '90s.

By Zaid Shoorbajee

September 20, 2018

(NIST building / CC2.0)

The U.S. government’s standards clearinghouse for science and technology says that an encryption standard it established in 2001 has had an economic impact of a quarter of a trillion dollars over the years, according to a report released Wednesday.

The National Institute of Standards and Technology set out in 1997 to find a new encryption algorithm for use in the federal agencies to replace the Data Encryption Standard (DES), the government’s prevailing yet aging standard at the time. The result was the Advanced Encryption Standard (AES), an algorithm born of collaboration from the greater cryptography community.

According to the report, commissioned by NIST and prepared by RM Advisory Services, AES has added more than $250 billion in value to the economy since it became available.

AES is part of the Federal Information Processing Standards, which agencies across the government use to guide their information security and interoperability. The encryption standard is unclassified and is available royalty-free, so it’s utilized by private sector organizations in addition to the government.

The assessment, the report says, is based on the following question: “‘What would it have cost industry, acting without NIST support, to develop and adopt a strong successor to the operative encryption standard (DES, FIPS-46) in the mid-1990s as DES was coming to the end of its useful life as a secure symmetric block cipher?’”

The figure is drawn from a survey of consumers in the public and private sector who use encryption systems, as well as private integrators that produce encryption products.

“This outstanding return on investment exemplifies the economic value of federal research and development, for the private sector and for the broader American economy,” said NIST Director Walter Copan, in a statement. “It also demonstrates how bringing together the private and public sectors effectively to address a challenge can result in positive impacts on U.S. commerce.”

NIST is also known for its Framework for Improving Critical Infrastructure Cybersecurity, which is used by government agencies and the private sector to guide security and risk management practices. The agency released Version 1.1 of the framework in April.

NIST estimates $250 billion economic impact from its encryption standard

More Like This

With a mysterious surveillance target identified, calls for Congress to change course

Congress rails against UnitedHealth Group after ransomware attack

Treasury report calls out cyber risks to financial sector fueled by AI

Top Stories

Mandiant: Notorious Russian hacking unit linked to breach of Texas water facility

After a sleepy primary season, Russia enters 2024 U.S. election fray

More Scoops

Apple rolls out quantum-resistant cryptography for iMessage

After years of work, Congress passes ‘internet of things’ cybersecurity bill — and it’s kind of a big deal

NIST is preparing guidance on how to share .zip files in a more secure way

Need more evidence that IoT security is a big deal? Here’s what NIST has to say

How secure is that .zip file? One senator is urging NIST to weigh in

What actually happens when a company examines third-party risk

Security ills of health care sector draw senator’s attention

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

AWS and CrowdStrike leaders discuss zero trust implementation and the path ahead

Government

Technology

Threats

Geopolitics