New European Schemes for Signatures,  Integrity, and Encryption


NESSIE is a project within the Information Society Technologies (IST) Programme of the European Commission (Key Action II, Action Line II.4.1).

Disclaimer: The information on this web site is provided as is and no guarantee or warranty is given that the information is fit for any particluar purpose. The user thereof uses the information at its sole risk and liability.

The NESSIE book (draft version 19 April 2004):
Final report of European project IST-1999-12324:
New European Schemes for Signatures, Integrity, and Encryption

Press Release: NESSIE Project Announces Final Selection of Crypto Algorithms

NESSIE Portfolio of recommended cryptographic primitives
Presenting and motivating the final selection of crypto primitives

NEW Test vectors for all NESSIE candidates

Version 2.0 of the NESSIE final reports:
NESSIE Security Report, version 2.0
Performance of Optimized Implementations of the NESSIE Primitives, version 2.0

NESSIE deliverables

NESSIE public reports

List of NESSIE submissions as originally submitted

Modifications to NESSIE submissions selected for Phase 2 evaluation

IP-statements of accepted NESSIE submissions

NESSIE archives

Project main goals

The main objective of the project is to put forward a portfolio of strong cryptographic primitives that has been obtained after an open call and been evaluated using a transparent and open process. The project intends to contribute to the final phase of the AES block cipher standardisation process (organised by NIST, US), but will also launch an independent open call for a broad set of primitives providing confidentiality, data integrity, and authentication. These primitives include block ciphers, stream ciphers, hash functions, MAC algorithms, digital signature schemes, and public-key encryption schemes. The project will develop an evaluation methodology (both for security and performance evaluation) and a software toolbox to support the evaluation. The project goal is to widely disseminate the project results and to build consensus based on these results by using the appropriate fora (a project industry board, 5th Framework programme, and various standardisation bodies). A final objective is to maintain the strong position of European research while strengthening the position of European industry in cryptography.

Technical approach

In a first phase, an open call for the submission of cryptographic primitives as well as for evaluation methodologies for these primitives is published. This call includes a request for the submission of block ciphers (as for the AES call), but also of other cryptographic primitives including hash functions, additive stream ciphers, and digital signature algorithms. In addition, it asks for evaluation methodologies for these primitives. The scope of the call is defined together with the project industry board. This call has been published in March 2000. In parallel, a software toolbox will be developed for generic and, later on, specific evaluations of primitives, taking into account the submitted testing methodologies. A first part of the security evaluation will consist of an analysis of the AES finalists, resulting in joint comments towards NIST (US). Next, the evaluation of submitted primitives will start off with a fast screening of the submissions followed by a first evaluation. In parallel, a first performance evaluation will be executed, only implementing critical parts of the algorithms. Based on this evaluation, a set of submissions will be shortlisted (finalists). The second phase of the project will consist of a thorough security evaluation of the finalists, combined with a performance evaluation that will produce realistic performance estimates of optimised implementations (including software, hardware, and smart card). This will allow for comparing the speed of the primitives on a fair and equal basis. The final results (a recommended portfolio of cryptographic primitives) will be widely disseminated and entered into the relevant standardisation bodies.
The NESSIE evaluation process is an open process. Thus as part of the evaluation process, the NESSIE project welcomes comments about both submitted primitives and the evaluation process. To facilitate this process, four NESSIE workshops will be organised. The first took place on 13-14 November 2000, shortly after the deadline for submission of primitives. The second workshop took place on 12-13 September 2001, shortly after the end of the first phase of the project, the third workshop took place on 6-7 November 2002, and the fourth workshop takes place on 26-27 February 2003 (jointly with the STORK project). A timetable for the NESSIE project is given below.

2000  January Beginning of first phase of NESSIE
2000 January Creation of Industry Board
2000 March Call for Cryptographic Primitives
2000 September Submission deadline
2000 November First NESSIE workshop
2001 June Preliminary assessment of submissions
2001 June End of first phase of NESSIE

2001 July Beginning of second phase of NESSIE
2001  September Second NESSIE workshop
2002 February Preliminary selection of submissions
2002 May Standardisation Plan
2002 November Third NESSIE workshop
2003 February Fourth NESSIE workshop
2003 March Final selection of submissions
2003 March Final report of NESSIE project
2003 March End of second phase of NESSIE

The project may recommend a different block cipher than AES (if technical reasons support this), and will recommend primitives that can be used for challenging environments such as Gigabit networking, wireless communications, PDAs, and smart cards. The recommended primitives for digital signatures can support the European Electronic Signature Standardisation Initiative. By-products of the process will be an evaluation methodology and the improvement of the state-of-the-art in the area. The project will build consensus within the European security industry and gather support for the standardisation effort through a project industry board and through the 5th Framework programme. Members of the project industry board are: Algorithmic Research (Israel), Amtec SpA (I), Baltimore Technologies (IRL), Cryptomathic (DK), Deutsche Telekom AG (D), Entrust Technologies (CH), Ericsson Radio Systems AB (SE), Europay International (B), Gemplus (F), Hewlett-Packard Laboratories (UK), Isabel (B), KPN Research (NL), NDS (Israel), Nokia (Finland), Oberthur Card Systems (F), RSA Laboratories Europe (SE), Security Design International (UK), STMicroelectronics (F), S.W.I.F.T. (B), Telenor Research (N), Telsy Elettronica SpA (I), Thomson-CSF (F), Thomson Multimedia (F), Utimaco (D), Vodafone (UK), Zaxus (UK).

Expected achievements and impact

Project participants and key personnel

Katholieke Universiteit Leuven, Belgium (Prime Contractor) Bart Preneel, Alex Biryukov, Antoon Bosselaers, Christophe De Cannière, Bart Van Rompay
École Normale Supérieure, France Jacques Stern, Louis Granboulan
Royal Holloway, University of London, U.K Sean Murphy
Siemens AG, Germany Markus Dichtl
Technion – Israel Institute of Technology, Israel Eli Biham
Université Catholique de Louvain, Belgium Jean-Jacques Quisquater, Mathieu Ciet, Francesco Sica>
Universitetet i Bergen, Norway Lars Knudsen

Co-ordinator contact details

Prof. Bart Preneel
Department Electrical Engineering-ESAT, Division SISTA/COSIC
Kasteelpark Arenberg 10
B-3001 Heverlee
Tel.: +32-16-321148
Fax: +32-16-321969